Priceless Adware - continued


  • This topic is locked
20 replies to this topic

#1 beggersrun

Posted 16 October 2014 - 08:25 PM

Please note that I tried to follow the Prep Guide but was unable to get DDS to run.
 
 
Logfile of random's system information tool 1.10 (written by random/random)
Run by Dale at 2014-10-16 21:16:12
Microsoft Windows 8.1 
System drive C: has 88 GB (46%) free of 192 GB
Total RAM: 3005 MB (77% free)
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:16:40 PM, on 10/16/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
 
Running processes:
C:\Program Files\Stardock\ModernMix\MMix_32.exe
C:\WINDOWS\system32\taskhostex.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\SettingSyncHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\skydrive.exe
C:\Program Files\Hp\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
C:\Program Files\Hp\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe
C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x86__8wekyb3d8bbwe\glcnd.exe
C:\Windows\System32\WWAHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Users\Dale\Desktop\RSIT.exe
C:\Program Files\trend micro\Dale.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [HP Officejet 4620 series (NET) #2] "C:\Program Files\Hp\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN27K241V605RT:NW" -scfn "HP Officejet 4620 series (NET) #2" -AutoStart 1
O4 - Startup: PdaNet Desktop.lnk = C:\Program Files\PdaNet for Android\PdaNetPC.exe
O4 - Startup: Sidebar796.lnk = C:\Program Files\Windows Sidebar\sidebar.exe
O4 - Global Startup: Iolo Macro Magic.lnk = C:\Program Files\Iolo\Macro Magic\Macros.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - 
 
O16 - DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} (DVM_IPCam2 Control) - 
 
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Stardock ModernMix (ModernMix) - Stardock Software, Inc - C:\Program Files\Stardock\ModernMix\MMixSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Stardock Start8 (Start8) - Stardock Software, Inc - C:\Program Files\Stardock\Start8\Start8Srv.exe
 
--
End of file - 5631 bytes
 
======Scheduled tasks folder======
 
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe  /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3807231785-4007385617-3935110610-1001Core.job - C:\Users\Dale\AppData\Local\Google\Update\GoogleUpdate.exe  /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3807231785-4007385617-3935110610-1001UA.job - C:\Users\Dale\AppData\Local\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler
 
======Registry dump======
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-21 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-21 171944]
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-09-01 421160]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-10-24 421888]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"HP Officejet 4620 series (NET) #2"=C:\Program Files\Hp\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2012-10-17 1837672]
 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Iolo Macro Magic.lnk - C:\Program Files\Iolo\Macro Magic\Macros.exe
 
C:\Users\Dale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
PdaNet Desktop.lnk - C:\Program Files\PdaNet for Android\PdaNetPC.exe
Sidebar796.lnk - C:\Program Files\Windows Sidebar\sidebar.exe
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.lameacm"=LameACM.acm
 
======File associations======
 
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
 
======List of files/folders created in the last 1 month======
 
2014-10-16 21:16:12 ----D---- C:\rsit
2014-10-16 21:16:12 ----D---- C:\Program Files\trend micro
2014-10-16 17:03:33 ----HD---- C:\WINDOWS\PIF
2014-10-15 23:00:33 ----D---- C:\Program Files\ESET
2014-10-15 22:38:18 ----D---- C:\WINDOWS\ERUNT
2014-10-15 22:04:47 ----D---- C:\AdwCleaner
2014-10-15 21:57:21 ----A---- C:\TDSSKiller.3.0.0.40_15.10.2014_21.57.21_log.txt
2014-10-15 14:19:02 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-10-15 00:51:04 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-10-15 00:51:04 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-10-15 00:51:04 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-10-15 00:51:04 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-10-15 00:51:04 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-10-15 00:51:03 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-10-15 00:51:01 ----A---- C:\WINDOWS\system32\iesetup.dll
2014-10-15 00:51:01 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-10-15 00:51:00 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-10-15 00:50:59 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-10-15 00:50:58 ----A---- C:\WINDOWS\system32\wininet.dll
2014-10-15 00:50:58 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-10-15 00:50:57 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-10-15 00:50:57 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-10-15 00:50:55 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-10-15 00:50:54 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-10-15 00:50:54 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2014-10-15 00:50:54 ----A---- C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-10-15 00:50:44 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2014-10-15 00:50:34 ----A---- C:\WINDOWS\system32\rdpudd.dll
2014-10-15 00:50:34 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2014-10-15 00:50:34 ----A---- C:\WINDOWS\system32\packager.dll
2014-10-15 00:49:19 ----A---- C:\WINDOWS\system32\wpccpl.dll
2014-10-15 00:49:18 ----A---- C:\WINDOWS\system32\drivers\wpcfltr.sys
2014-10-15 00:49:18 ----A---- C:\WINDOWS\system32\drivers\msgpioclx.sys
2014-10-15 00:49:12 ----A---- C:\WINDOWS\system32\WSDMon.dll
2014-10-15 00:49:11 ----A---- C:\WINDOWS\system32\tcpmon.dll
2014-10-15 00:48:39 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2014-10-15 00:47:55 ----A---- C:\WINDOWS\system32\rastls.dll
2014-10-15 00:47:54 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-10-15 00:47:54 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2014-10-15 00:47:54 ----A---- C:\WINDOWS\system32\adtschema.dll
2014-10-15 00:47:26 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2014-10-15 00:47:25 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2014-10-15 00:47:25 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2014-10-15 00:47:13 ----A---- C:\WINDOWS\system32\gdi32.dll
2014-10-15 00:47:05 ----A---- C:\WINDOWS\system32\d3d9.dll
2014-10-15 00:47:04 ----A---- C:\WINDOWS\system32\mfcore.dll
2014-10-15 00:47:04 ----A---- C:\WINDOWS\system32\localspl.dll
2014-10-15 00:47:03 ----A---- C:\WINDOWS\system32\fveapi.dll
2014-10-15 00:47:03 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2014-10-15 00:46:59 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2014-10-15 00:46:59 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2014-10-15 00:46:57 ----A---- C:\WINDOWS\system32\vpnike.dll
2014-10-15 00:46:57 ----A---- C:\WINDOWS\system32\framedynos.dll
2014-10-15 00:46:57 ----A---- C:\WINDOWS\system32\BFE.DLL
2014-10-15 00:46:56 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2014-10-15 00:46:55 ----A---- C:\WINDOWS\system32\winbici.dll
2014-10-15 00:46:55 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2014-10-15 00:46:53 ----A---- C:\WINDOWS\system32\WebClnt.dll
2014-10-15 00:46:53 ----A---- C:\WINDOWS\system32\Robocopy.exe
2014-10-15 00:46:53 ----A---- C:\WINDOWS\system32\drivers\vwifimp.sys
2014-10-15 00:46:52 ----A---- C:\WINDOWS\system32\framedyn.dll
2014-10-15 00:46:52 ----A---- C:\WINDOWS\system32\drivers\vwififlt.sys
2014-10-15 00:46:52 ----A---- C:\WINDOWS\system32\dhcpcsvc6.dll
2014-10-15 00:46:52 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2014-10-15 00:46:52 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2014-10-15 00:46:52 ----A---- C:\WINDOWS\system32\BulkOperationHost.exe
2014-10-15 00:46:51 ----A---- C:\WINDOWS\system32\srms.dat
2014-10-15 00:46:51 ----A---- C:\WINDOWS\system32\reseteng.dll
2014-10-15 00:46:51 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2014-10-15 00:46:45 ----A---- C:\WINDOWS\system32\FntCache.dll
2014-10-15 00:46:45 ----A---- C:\WINDOWS\system32\DWrite.dll
2014-10-15 00:41:31 ----A---- C:\WINDOWS\system32\schedsvc.dll
2014-10-15 00:41:30 ----A---- C:\WINDOWS\system32\qedit.dll
2014-10-15 00:41:23 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-10-15 00:41:23 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-15 00:41:23 ----A---- C:\WINDOWS\system32\wups2.dll
2014-10-15 00:41:23 ----A---- C:\WINDOWS\system32\wups.dll
2014-10-15 00:41:23 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-10-15 00:41:23 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-10-15 00:41:23 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-10-15 00:41:23 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-10-15 00:41:23 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-10-15 00:41:23 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-10-15 00:40:58 ----A---- C:\WINDOWS\system32\dxgi.dll
2014-10-15 00:40:58 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2014-10-15 00:40:41 ----A---- C:\WINDOWS\system32\drvinst.exe
2014-10-15 00:40:41 ----A---- C:\WINDOWS\system32\drvcfg.exe
2014-10-15 00:40:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-10-15 00:40:29 ----A---- C:\WINDOWS\system32\rsaenh.dll
2014-10-15 00:40:29 ----A---- C:\WINDOWS\system32\drivers\usbport.sys
2014-10-15 00:40:29 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2014-10-15 00:40:28 ----A---- C:\WINDOWS\system32\WUDFSvc.dll
2014-10-15 00:40:28 ----A---- C:\WINDOWS\system32\WUDFPlatform.dll
2014-10-15 00:40:28 ----A---- C:\WINDOWS\system32\WUDFHost.exe
2014-10-15 00:40:28 ----A---- C:\WINDOWS\system32\halmacpi.dll
2014-10-15 00:40:28 ----A---- C:\WINDOWS\system32\hal.dll
2014-10-15 00:40:28 ----A---- C:\WINDOWS\system32\drivers\WUDFRd.sys
2014-10-15 00:40:28 ----A---- C:\WINDOWS\system32\drivers\WUDFPf.sys
2014-10-15 00:40:28 ----A---- C:\WINDOWS\system32\drivers\usbuhci.sys
2014-10-15 00:40:28 ----A---- C:\WINDOWS\system32\drivers\usbehci.sys
2014-10-15 00:40:28 ----A---- C:\WINDOWS\system32\drivers\usbd.sys
2014-10-15 00:40:28 ----A---- C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-10-15 00:40:27 ----A---- C:\WINDOWS\system32\certcli.dll
2014-10-15 00:39:33 ----A---- C:\WINDOWS\system32\storewuauth.dll
2014-10-15 00:39:31 ----A---- C:\WINDOWS\system32\ubpm.dll
2014-10-15 00:39:31 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2014-10-15 00:39:25 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2014-10-15 00:39:25 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-10-15 00:39:25 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-10-15 00:39:24 ----A---- C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-15 00:39:24 ----A---- C:\WINDOWS\system32\mstscax.dll
2014-10-15 00:39:23 ----A---- C:\WINDOWS\system32\shell32.dll
2014-10-15 00:39:23 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2014-10-15 00:39:21 ----A---- C:\WINDOWS\system32\WSShared.dll
2014-10-15 00:39:21 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 00:39:20 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-15 00:39:19 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-10-15 00:39:19 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2014-10-15 00:39:18 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-10-15 00:39:17 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-15 00:39:16 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2014-10-15 00:39:16 ----A---- C:\WINDOWS\system32\KernelBase.dll
2014-10-15 00:39:15 ----A---- C:\WINDOWS\system32\Wldap32.dll
2014-10-15 00:39:15 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-15 00:39:15 ----A---- C:\WINDOWS\system32\propsys.dll
2014-10-15 00:39:15 ----A---- C:\WINDOWS\system32\ntdll.dll
2014-10-15 00:39:15 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2014-10-15 00:39:15 ----A---- C:\WINDOWS\system32\bisrv.dll
2014-10-15 00:39:14 ----A---- C:\WINDOWS\system32\pcsvDevice.dll
2014-10-15 00:39:12 ----A---- C:\WINDOWS\system32\httpprxm.dll
2014-10-15 00:39:11 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2014-10-15 00:39:10 ----A---- C:\WINDOWS\system32\ProximityService.dll
2014-10-15 00:39:09 ----A---- C:\WINDOWS\system32\WSReset.exe
2014-10-15 00:39:09 ----A---- C:\WINDOWS\system32\adhsvc.dll
2014-10-15 00:39:04 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2014-10-15 00:39:00 ----A---- C:\WINDOWS\system32\consent.exe
2014-10-15 00:39:00 ----A---- C:\WINDOWS\system32\authui.dll
2014-10-15 00:38:58 ----A---- C:\WINDOWS\system32\uDWM.dll
2014-10-15 00:38:58 ----A---- C:\WINDOWS\system32\msihnd.dll
2014-10-15 00:38:58 ----A---- C:\WINDOWS\system32\msi.dll
2014-10-15 00:38:58 ----A---- C:\WINDOWS\system32\appinfo.dll
2014-10-15 00:38:58 ----A---- C:\WINDOWS\system32\actxprxy.dll
2014-10-15 00:38:57 ----A---- C:\WINDOWS\system32\UXInit.dll
2014-10-15 00:38:57 ----A---- C:\WINDOWS\system32\twinui.dll
2014-10-15 00:38:57 ----A---- C:\WINDOWS\explorer.exe
2014-10-15 00:38:44 ----A---- C:\WINDOWS\system32\osk.exe
2014-10-15 00:36:40 ----A---- C:\WINDOWS\system32\msxml3.dll
2014-10-15 00:36:38 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2014-10-15 00:35:41 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-10-15 00:35:36 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-10-15 00:35:36 ----A---- C:\WINDOWS\system32\gpsvc.dll
2014-10-15 00:35:35 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2014-10-15 00:35:35 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-10-15 00:35:35 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-10-15 00:35:34 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-10-15 00:35:32 ----A---- C:\WINDOWS\system32\XpsGdiConverter.dll
2014-10-15 00:35:32 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2014-10-15 00:35:32 ----A---- C:\WINDOWS\system32\services.exe
2014-10-15 00:35:32 ----A---- C:\WINDOWS\system32\mfsvr.dll
2014-10-15 00:35:32 ----A---- C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-10-15 00:35:31 ----A---- C:\WINDOWS\system32\winmde.dll
2014-10-15 00:35:31 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-10-15 00:35:31 ----A---- C:\WINDOWS\system32\srvsvc.dll
2014-10-15 00:35:31 ----A---- C:\WINDOWS\system32\MDEServer.exe
2014-10-15 00:35:31 ----A---- C:\WINDOWS\system32\drivers\volsnap.sys
2014-10-15 00:35:31 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2014-10-15 00:35:31 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2014-10-15 00:35:30 ----A---- C:\WINDOWS\system32\wmpmde.dll
2014-10-15 00:35:30 ----A---- C:\WINDOWS\system32\win32spl.dll
2014-10-15 00:35:30 ----A---- C:\WINDOWS\system32\rdpencom.dll
2014-10-15 00:35:30 ----A---- C:\WINDOWS\system32\ploptin.dll
2014-10-15 00:35:30 ----A---- C:\WINDOWS\system32\dwmapi.dll
2014-10-15 00:35:30 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2014-10-15 00:35:29 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll
2014-10-15 00:35:29 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-10-15 00:35:29 ----A---- C:\WINDOWS\system32\rpchttp.dll
2014-10-15 00:35:29 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2014-10-15 00:35:29 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2014-10-15 00:35:29 ----A---- C:\WINDOWS\system32\gpapi.dll
2014-10-15 00:35:29 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2014-10-15 00:35:29 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2014-10-15 00:35:29 ----A---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2014-10-15 00:35:29 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2014-10-15 00:35:29 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2014-10-15 00:35:29 ----A---- C:\WINDOWS\system32\defragsvc.dll
2014-10-15 00:35:28 ----A---- C:\WINDOWS\system32\wscsvc.dll
2014-10-15 00:35:28 ----A---- C:\WINDOWS\system32\mf.dll
2014-10-15 00:35:28 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2014-10-15 00:35:28 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2014-10-15 00:35:28 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2014-10-15 00:35:27 ----A---- C:\WINDOWS\system32\mfplat.dll
2014-10-15 00:35:27 ----A---- C:\WINDOWS\system32\AudioSes.dll
2014-10-15 00:35:27 ----A---- C:\WINDOWS\system32\AudioEng.dll
2014-10-15 00:35:26 ----A---- C:\WINDOWS\system32\wintrust.dll
2014-10-15 00:35:25 ----A---- C:\WINDOWS\system32\audiodg.exe
2014-10-15 00:35:23 ----A---- C:\WINDOWS\system32\VSSVC.exe
2014-10-15 00:35:22 ----A---- C:\WINDOWS\system32\energyprov.dll
2014-10-15 00:35:22 ----A---- C:\WINDOWS\system32\clusapi.dll
2014-10-15 00:35:21 ----A---- C:\WINDOWS\system32\swprv.dll
2014-10-15 00:35:21 ----A---- C:\WINDOWS\system32\srcore.dll
2014-10-15 00:35:20 ----A---- C:\WINDOWS\system32\WorkFoldersShell.dll
2014-10-15 00:35:20 ----A---- C:\WINDOWS\system32\resutils.dll
2014-10-15 00:35:19 ----A---- C:\WINDOWS\system32\tlscsp.dll
2014-10-15 00:35:19 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-10-15 00:35:18 ----A---- C:\WINDOWS\system32\mispace.dll
2014-10-15 00:35:18 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2014-10-15 00:35:18 ----A---- C:\WINDOWS\system32\audiosrv.dll
2014-10-15 00:35:17 ----A---- C:\WINDOWS\system32\wlansvc.dll
2014-10-15 00:35:17 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2014-10-15 00:35:17 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2014-10-15 00:35:17 ----A---- C:\WINDOWS\system32\wlanapi.dll
2014-10-15 00:35:17 ----A---- C:\WINDOWS\system32\srclient.dll
2014-10-15 00:35:17 ----A---- C:\WINDOWS\system32\rstrui.exe
2014-10-15 00:35:17 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-10-15 00:34:23 ----A---- C:\WINDOWS\system32\win32k.sys
2014-10-15 00:32:50 ----A---- C:\WINDOWS\system32\WpcMon.exe
2014-10-15 00:32:50 ----A---- C:\WINDOWS\system32\Wpc.dll
2014-10-15 00:32:49 ----A---- C:\WINDOWS\system32\WpcWebSync.dll
2014-10-15 00:32:36 ----A---- C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-10-15 00:31:08 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2014-10-13 22:29:58 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-10-12 16:50:10 ----D---- C:\ProgramData\c57eb2ad03c59bcb
2014-10-12 16:50:07 ----D---- C:\ProgramData\PrieceLesss
2014-10-12 02:04:49 ----D---- C:\Program Files\Common Files\DeskShare Shared
2014-10-12 01:51:58 ----D---- C:\ProgramData\DeskShare
2014-10-12 01:51:35 ----D---- C:\Program Files\Deskshare
2014-10-12 01:51:35 ----A---- C:\WINDOWS\system32\LiveWrapRTSP.dll
2014-10-11 19:25:43 ----D---- C:\Users\Dale\AppData\Roaming\HpUpdate
2014-10-11 19:25:29 ----AH---- C:\WINDOWS\system32\HPDiscoPM6412.dll
2014-10-09 22:16:49 ----D---- C:\Program Files\Lame For Audacity
2014-10-09 22:04:34 ----D---- C:\Users\Dale\AppData\Roaming\Audacity
2014-10-09 22:04:00 ----D---- C:\Program Files\Audacity
2014-10-09 21:33:53 ----D---- C:\Program Files\AudioConverter Studio
2014-10-09 11:25:46 ----D---- C:\ProgramData\Stardock
2014-10-09 11:25:34 ----D---- C:\Program Files\Stardock
2014-10-05 16:18:19 ----A---- C:\WINDOWS\system32\~GLH0023.TMP
2014-10-05 16:16:10 ----D---- C:\Program Files\Jasc Software Inc
2014-10-04 15:04:27 ----D---- C:\wifidata
2014-10-03 02:18:52 ----D---- C:\Users\Dale\AppData\Roaming\Adobe
2014-10-03 01:47:46 ----D---- C:\Program Files\MP3Gain
2014-10-03 01:29:55 ----D---- C:\Program Files\EasyCapture
2014-10-03 01:24:34 ----D---- C:\Program Files\DirectoryListPrint
2014-09-26 17:37:39 ----D---- C:\Users\Dale\AppData\Roaming\Vast Studios
2014-09-23 16:03:24 ----D---- C:\Movies
2014-09-22 04:52:32 ----D---- C:\Users\Dale\AppData\Roaming\Jasc
2014-09-19 15:21:54 ----A---- C:\WINDOWS\system32\kernel32.dll
2014-09-19 15:21:49 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2014-09-19 15:21:48 ----A---- C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-09-19 15:21:48 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2014-09-19 15:21:40 ----A---- C:\WINDOWS\system32\msftedit.dll
2014-09-19 15:21:39 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-09-19 15:21:38 ----A---- C:\WINDOWS\system32\msxml6.dll
2014-09-19 15:21:37 ----A---- C:\WINDOWS\system32\dwmcore.dll
2014-09-19 15:21:37 ----A---- C:\WINDOWS\system32\d3d11.dll
2014-09-19 15:21:36 ----A---- C:\WINDOWS\system32\ole32.dll
2014-09-19 15:21:35 ----A---- C:\WINDOWS\system32\ReAgent.dll
2014-09-19 15:21:35 ----A---- C:\WINDOWS\system32\kerberos.dll
2014-09-19 15:21:35 ----A---- C:\WINDOWS\system32\drivers\wof.sys
2014-09-19 15:21:35 ----A---- C:\WINDOWS\system32\dnsapi.dll
2014-09-19 15:21:34 ----A---- C:\WINDOWS\system32\wlidprov.dll
2014-09-19 15:21:33 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2014-09-19 15:21:33 ----A---- C:\WINDOWS\system32\dcomp.dll
2014-09-19 15:21:32 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-09-19 15:21:31 ----A---- C:\WINDOWS\system32\rasapi32.dll
2014-09-19 15:21:31 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2014-09-19 15:21:30 ----A---- C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-09-19 15:21:30 ----A---- C:\WINDOWS\system32\SessEnv.dll
2014-09-19 15:21:30 ----A---- C:\WINDOWS\system32\profsvc.dll
2014-09-19 15:21:30 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2014-09-19 15:21:29 ----A---- C:\WINDOWS\system32\umpnpmgr.dll
2014-09-19 15:21:29 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2014-09-19 15:21:29 ----A---- C:\WINDOWS\system32\netlogon.dll
2014-09-19 15:21:29 ----A---- C:\WINDOWS\system32\netcfgx.dll
2014-09-19 15:21:29 ----A---- C:\WINDOWS\system32\bdesvc.dll
2014-09-19 15:21:29 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-09-19 15:21:27 ----A---- C:\WINDOWS\system32\dafWfdProvider.dll
2014-09-19 15:21:26 ----AC---- C:\WINDOWS\system32\drivers\hidclass.sys
2014-09-19 15:21:26 ----A---- C:\WINDOWS\system32\Display.dll
2014-09-19 15:21:20 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2014-09-19 15:21:20 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2014-09-19 15:21:20 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2014-09-19 15:21:19 ----A---- C:\WINDOWS\system32\userenv.dll
2014-09-19 15:21:19 ----A---- C:\WINDOWS\system32\spp.dll
2014-09-19 15:21:19 ----A---- C:\WINDOWS\system32\pdh.dll
2014-09-19 15:21:19 ----A---- C:\WINDOWS\system32\mfreadwrite.dll
2014-09-19 15:21:19 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2014-09-19 15:21:19 ----A---- C:\WINDOWS\system32\davclnt.dll
2014-09-19 15:21:19 ----A---- C:\WINDOWS\system32\cdd.dll
2014-09-19 15:21:18 ----A---- C:\WINDOWS\system32\wlangpui.dll
2014-09-19 15:21:18 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2014-09-19 15:21:15 ----A---- C:\WINDOWS\system32\drivers\tcpipreg.sys
2014-09-19 15:21:12 ----AC---- C:\WINDOWS\system32\drivers\hidusb.sys
2014-09-19 15:21:11 ----A---- C:\WINDOWS\system32\w32tm.exe
2014-09-19 15:21:10 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2014-09-19 15:21:10 ----A---- C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-09-19 15:21:09 ----A---- C:\WINDOWS\system32\aclui.dll
2014-09-19 15:21:08 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-09-19 15:21:08 ----A---- C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-09-19 15:21:08 ----A---- C:\WINDOWS\system32\ReInfo.dll
2014-09-19 15:21:08 ----A---- C:\WINDOWS\system32\fveapibase.dll
2014-09-19 15:21:08 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2014-09-19 15:21:07 ----A---- C:\WINDOWS\system32\WSDScDrv.dll
2014-09-19 15:21:07 ----A---- C:\WINDOWS\system32\RMapi.dll
2014-09-19 15:21:06 ----A---- C:\WINDOWS\system32\sxproxy.dll
2014-09-19 15:21:06 ----A---- C:\WINDOWS\system32\nshwfp.dll
 
======List of files/folders modified in the last 1 month======
 
 
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2006-05-16 46080]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-03-13 138584]
R1 MpKsl76a7b0dd;MpKsl76a7b0dd; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{747C39AC-C82E-4A2B-AAB5-D724279D9360}\MpKsl76a7b0dd.sys [2014-10-15 39464]
R1 MpKslb3fddbcc;MpKslb3fddbcc; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{747C39AC-C82E-4A2B-AAB5-D724279D9360}\MpKslb3fddbcc.sys [2014-10-16 39464]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 57344]
R2 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2013-02-28 36600]
R3 ACPIVPC;@oem2.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2010-01-20 23136]
R3 b57nd60x;@netb57vx.inf,%SvcDispName%;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\system32\DRIVERS\b57nd60x.sys [2013-06-18 376832]
R3 BCM43XX;@netbc63.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl63l.sys [2013-07-01 4715008]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd32.sys [2012-03-23 9036288]
R3 pneteth;@oem10.inf,%pneteth.Service.DispName%;PdaNet Broadband; C:\WINDOWS\system32\DRIVERS\pneteth.sys [2011-11-25 13440]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2013-08-21 8704]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 176768]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 30720]
S3 dg_ssudbus;@oem6.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 88576]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2013-07-23 22016]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel® Atom™ Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2013-07-23 61936]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 SPUVCbv;SPUVCb Driver Service; C:\WINDOWS\System32\Drivers\SPUVCbv_x64.sys []
S3 ssudmdm;@oem8.inf,%ssud.Service.Name%;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 184192]
S3 usb_rndisx;@netrndis.inf,%usb_rndis.Service.DispName%;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-08-22 15872]
S3 usbrndis6;@netrndis.inf,%usbrndis6.Service.DispName%;USB RNDIS6 Adapter; C:\WINDOWS\system32\DRIVERS\usb80236.sys [2013-08-22 15872]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 37888]
S3 WinUsb;@oem9.inf,%WinUSB_SvcDesc%;SAMSUNG Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUsb.sys [2013-08-22 64000]
S3 WSDPrintDevice;@WSDPrint.Inf,%WSDPrintDevice.SVCDESC%;WSD Print Support; C:\WINDOWS\System32\drivers\WSDPrint.sys [2013-08-22 16384]
S3 WSDScan;@sti.inf,%WSDScan.SvcDesc%;WSD Scan Support; C:\WINDOWS\System32\drivers\WSDScan.sys [2013-08-22 17920]
 
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 HPSLPSVC;HP Network Devices Support; C:\WINDOWS\system32\svchost.exe [2013-08-22 31552]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 ModernMix;Stardock ModernMix; C:\Program Files\Stardock\ModernMix\MMixSrv.exe [2013-02-28 74864]
R2 Start8;Stardock Start8; C:\Program Files\Stardock\Start8\Start8Srv.exe [2014-04-04 143288]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-27 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09 267440]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-05-06 1045256]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-27 116648]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-09-01 820008]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2013-02-28 118520]
 
-----------------EOF-----------------

Edited by beggersrun, 16 October 2014 - 08:33 PM.



#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • Gender:Male
  • Local time:11:01 PM

Posted 17 October 2014 - 08:16 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

  • Important: To help me review your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.

 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
  
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

 
 
Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.
  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please attach this file to your next reply.
 



#3 beggersrun

beggersrun
  • Topic Starter

  • Members
  • 23 posts

Posted 17 October 2014 - 11:45 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-10-2014
Ran by Dale (administrator) on DALES-LAPTOP on 17-10-2014 10:54:26
Running from C:\Downloads
Loaded Profile: Dale (Available profiles: Dale)
Platform: Microsoft Windows 8.1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Stardock Software, Inc) C:\Program Files\Stardock\ModernMix\MMixSrv.exe
(Stardock Software, Inc) C:\Program Files\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files\Stardock\Start8\Start8.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Stardock Software, Inc) C:\Program Files\Stardock\ModernMix\MMix_32.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Hewlett-Packard Co.) C:\Program Files\Hp\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\Hp\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x86__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(BitTorrent Inc.) C:\Users\Dale\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x86__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\AtBroker.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421160 2010-09-01] (Apple Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-3807231785-4007385617-3935110610-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-3807231785-4007385617-3935110610-1001\...\Run: [HP Officejet 4620 series (NET) #2] => C:\Program Files\Hp\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Iolo Macro Magic.lnk
ShortcutTarget: Iolo Macro Magic.lnk -> C:\Program Files\Iolo\Macro Magic\Macros.exe ()
Startup: C:\Users\Dale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files\PdaNet for Android\PdaNetPC.exe ()
Startup: C:\Users\Dale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar796.lnk
ShortcutTarget: Sidebar796.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} http://192.168.1.14:90/codebase/DVM_IPCam2.ocx
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Winsock: Catalog5 08 C:\WINDOWS\system32\wlidnsp.dll [49664] (Microsoft Corporation)
Winsock: Catalog5 09 C:\WINDOWS\system32\wlidnsp.dll [49664] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 65.32.5.111 65.32.5.112

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Dale\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Dale\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "https://www.facebook.com/", "hxxp://www.cnn.com/"
CHR Profile: C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bejeweled) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2014-10-12]
CHR Extension: (Google Drive) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-12]
CHR Extension: (TV) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-10-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-12]
CHR Extension: (James White) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2014-10-07]
CHR Extension: (YouTube) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-12]
CHR Extension: (Google Cast) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-10-12]
CHR Extension: (Gmail Offline) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2014-10-12]
CHR Extension: (Google Calendar) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-10-12]
CHR Extension: (MagicScroll eBook Reader) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble [2014-10-12]
CHR Extension: (AdBlock) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-14]
CHR Extension: (PrieceLesss) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\gimadnmjmhcbdbhdlpgfpepehadapmoh [2014-10-12]
CHR Extension: (Tabs to the front!) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjaooagfdhdhmbfchnkhggjmacjlacla [2014-10-12]
CHR Extension: (Crackle) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2014-10-12]
CHR Extension: (StumbleUpon) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg [2014-10-12]
CHR Extension: (Google Maps) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-10-12]
CHR Extension: (Poppit!) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-10-12]
CHR Extension: (Google Wallet) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-12]
CHR Extension: (Docs PDF/PowerPoint Viewer (by Google)) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2014-10-12]
CHR Extension: (Gmail) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-12]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 HPSLPSVC; C:\Users\Dale\AppData\Local\Temp\7zS7C31\hpslpsvc32.dll [701288 2013-07-19] (Hewlett-Packard Co.)
R2 ModernMix; C:\Program Files\Stardock\ModernMix\MMixSrv.exe [74864 2013-02-28] (Stardock Software, Inc)
S3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [105472 2013-08-21] (Microsoft Corporation)
R2 Start8; C:\Program Files\Stardock\Start8\Start8Srv.exe [143288 2014-04-04] (Stardock Software, Inc)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [279784 2014-03-23] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\WINDOWS\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2014-03-23] (Microsoft Corporation)
S3 workfolderssvc; C:\WINDOWS\system32\workfolderssvc.dll [1210368 2014-04-02] (Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ACPIVPC; C:\WINDOWS\System32\drivers\AcpiVpc.sys [23136 2010-01-20] (Lenovo Corporation)
R1 BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [25600 2014-02-22] (Microsoft Corporation)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63l.sys [4715008 2013-07-01] (Broadcom Corporation)
S3 GPIO; C:\WINDOWS\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
R1 MpKsl76a7b0dd; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{747C39AC-C82E-4A2B-AAB5-D724279D9360}\MpKsl76a7b0dd.sys [39464 2014-10-15] (Microsoft Corporation)
R1 MpKslb3fddbcc; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{747C39AC-C82E-4A2B-AAB5-D724279D9360}\MpKslb3fddbcc.sys [39464 2014-10-16] (Microsoft Corporation)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 pneteth; C:\WINDOWS\system32\DRIVERS\pneteth.sys [13440 2011-11-25] (June Fabrics Technology Inc.)
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [46080 2006-05-16] (Sonic Solutions) [File not signed]
S3 usbrndis6; C:\WINDOWS\system32\DRIVERS\usb80236.sys [15872 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [92504 2014-03-23] (Microsoft Corporation)
R0 Wof; C:\WINDOWS\system32\Drivers\Wof.sys [138584 2014-03-13] (Microsoft Corporation)
S3 WUDFSensorLP; C:\WINDOWS\System32\drivers\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
S3 SPUVCbv; \SystemRoot\System32\Drivers\SPUVCbv_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-17 10:53 - 2014-10-17 10:54 - 00000000 ____D () C:\FRST
2014-10-16 21:16 - 2014-10-16 21:16 - 00000000 ____D () C:\rsit
2014-10-16 21:16 - 2014-10-16 21:16 - 00000000 ____D () C:\Program Files\trend micro
2014-10-16 21:15 - 2014-10-16 21:02 - 01107968 _____ () C:\Users\Dale\Desktop\RSIT.exe
2014-10-16 17:03 - 2014-10-16 17:03 - 00000000 ___HD () C:\WINDOWS\PIF
2014-10-15 23:00 - 2014-10-15 23:00 - 00000000 ____D () C:\Program Files\ESET
2014-10-15 22:51 - 2014-10-15 22:51 - 00001847 _____ () C:\Users\Dale\Desktop\JRT.txt
2014-10-15 22:38 - 2014-10-15 22:38 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-10-15 22:04 - 2014-10-15 22:11 - 00000000 ____D () C:\AdwCleaner
2014-10-15 14:19 - 2014-09-29 18:45 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-10-15 14:19 - 2014-09-29 18:45 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-10-15 14:17 - 2014-10-15 22:13 - 00002824 _____ () C:\WINDOWS\PFRO.log
2014-10-15 00:51 - 2014-09-25 18:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-15 00:51 - 2014-09-25 18:43 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-15 00:51 - 2014-09-25 18:32 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-15 00:51 - 2014-09-18 20:20 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-15 00:51 - 2014-09-18 20:20 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-15 00:51 - 2014-09-18 20:20 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-15 00:51 - 2014-09-18 19:53 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-15 00:51 - 2014-09-18 19:52 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-15 00:51 - 2014-08-15 21:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-10-15 00:51 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-10-15 00:50 - 2014-09-25 18:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-15 00:50 - 2014-09-18 21:44 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-15 00:50 - 2014-09-18 21:25 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-15 00:50 - 2014-09-18 21:02 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-15 00:50 - 2014-09-18 20:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-15 00:50 - 2014-09-18 20:55 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-15 00:50 - 2014-09-18 19:59 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-15 00:50 - 2014-09-13 01:49 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-15 00:50 - 2014-08-15 21:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-15 00:50 - 2014-08-15 20:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-10-15 00:50 - 2014-06-09 18:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-10-15 00:50 - 2014-05-05 00:02 - 02826240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-10-15 00:50 - 2014-05-03 02:36 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-10-15 00:49 - 2014-08-14 19:35 - 00122688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-10-15 00:49 - 2014-07-29 21:57 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-10-15 00:49 - 2014-07-29 01:06 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-10-15 00:49 - 2014-05-01 07:00 - 00046512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-10-15 00:49 - 2014-05-01 01:31 - 02366976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-10-15 00:48 - 2014-06-19 20:36 - 00805136 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-10-15 00:47 - 2014-09-03 20:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-15 00:47 - 2014-08-06 19:36 - 01090280 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-10-15 00:47 - 2014-05-29 05:30 - 00481400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-10-15 00:47 - 2014-05-29 02:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-10-15 00:47 - 2014-05-29 00:38 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-10-15 00:47 - 2014-05-01 01:46 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-10-15 00:47 - 2014-04-29 23:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-10-15 00:47 - 2014-04-28 18:40 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-10-15 00:47 - 2014-04-26 16:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-10-15 00:47 - 2014-04-14 04:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-10-15 00:47 - 2014-03-23 21:34 - 00219992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-10-15 00:47 - 2014-03-23 21:34 - 00092504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-10-15 00:47 - 2014-03-23 21:33 - 00030224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-10-15 00:46 - 2014-05-13 01:21 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-10-15 00:46 - 2014-05-12 23:43 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-15 00:46 - 2014-05-03 00:57 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-10-15 00:46 - 2014-05-03 00:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-10-15 00:46 - 2014-05-03 00:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-10-15 00:46 - 2014-05-03 00:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-10-15 00:46 - 2014-05-02 19:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-10-15 00:46 - 2014-05-01 04:24 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-10-15 00:46 - 2014-04-30 01:32 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-10-15 00:46 - 2014-04-30 01:29 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-10-15 00:46 - 2014-04-30 01:29 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-10-15 00:46 - 2014-04-30 00:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-10-15 00:46 - 2014-04-29 23:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-10-15 00:46 - 2014-04-29 23:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-10-15 00:46 - 2014-04-29 23:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-10-15 00:46 - 2014-04-29 23:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-10-15 00:46 - 2014-04-29 23:43 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-10-15 00:46 - 2014-04-29 23:38 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-10-15 00:46 - 2014-04-29 23:25 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-10-15 00:46 - 2014-04-29 23:15 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-10-15 00:46 - 2014-04-14 01:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2014-10-15 00:46 - 2014-04-09 01:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-10-15 00:41 - 2014-09-07 22:41 - 00049528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-15 00:41 - 2014-09-07 19:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-15 00:41 - 2014-09-07 19:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-15 00:41 - 2014-09-07 19:57 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-15 00:41 - 2014-09-07 19:56 - 02815488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-15 00:41 - 2014-09-07 19:56 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-15 00:41 - 2014-09-07 19:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-15 00:41 - 2014-09-07 19:53 - 01634816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-15 00:41 - 2014-08-01 20:15 - 00976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-10-15 00:41 - 2014-07-24 06:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-15 00:41 - 2014-07-24 06:33 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-15 00:41 - 2014-06-06 08:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-10-15 00:40 - 2014-06-12 20:10 - 01326936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-10-15 00:40 - 2014-06-12 20:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-10-15 00:40 - 2014-06-05 09:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-10-15 00:40 - 2014-06-01 21:06 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2014-10-15 00:40 - 2014-06-01 21:06 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-10-15 00:40 - 2014-05-31 04:32 - 00382296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-10-15 00:40 - 2014-05-31 04:32 - 00338264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-10-15 00:40 - 2014-05-31 04:32 - 00072536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-10-15 00:40 - 2014-05-31 04:32 - 00023384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-10-15 00:40 - 2014-05-31 01:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-10-15 00:40 - 2014-05-31 01:30 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-10-15 00:40 - 2014-05-31 01:29 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-10-15 00:40 - 2014-05-30 23:33 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-10-15 00:40 - 2014-05-30 23:33 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-10-15 00:40 - 2014-05-30 23:33 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-10-15 00:40 - 2014-05-27 05:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-10-15 00:40 - 2014-05-19 01:33 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-10-15 00:40 - 2014-05-19 01:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-10-15 00:40 - 2014-05-17 00:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-10-15 00:40 - 2014-05-08 00:37 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-10-15 00:39 - 2014-08-28 19:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-15 00:39 - 2014-08-15 23:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-15 00:39 - 2014-08-15 23:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-15 00:39 - 2014-08-15 23:08 - 00863528 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-15 00:39 - 2014-08-15 23:03 - 01858880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-15 00:39 - 2014-08-15 23:03 - 01436888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-15 00:39 - 2014-08-15 23:03 - 00286528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-15 00:39 - 2014-08-15 20:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-15 00:39 - 2014-08-15 20:39 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-15 00:39 - 2014-08-15 20:35 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-15 00:39 - 2014-08-15 20:31 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-15 00:39 - 2014-08-15 20:30 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-15 00:39 - 2014-08-15 20:29 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-15 00:39 - 2014-08-15 20:23 - 00808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-15 00:39 - 2014-08-15 20:21 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-15 00:39 - 2014-08-15 20:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 00:39 - 2014-08-15 20:15 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-15 00:39 - 2014-08-15 20:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-15 00:39 - 2014-08-15 20:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-15 00:39 - 2014-08-15 20:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-15 00:39 - 2014-08-15 20:11 - 03985408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-15 00:39 - 2014-08-15 20:11 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-15 00:39 - 2014-08-15 20:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-15 00:39 - 2014-08-15 20:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-15 00:39 - 2014-08-15 20:05 - 00877056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-15 00:39 - 2014-07-31 19:23 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-15 00:39 - 2014-07-24 09:48 - 00376128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-10-15 00:39 - 2014-07-24 06:42 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-10-15 00:39 - 2014-07-24 05:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-10-15 00:39 - 2014-06-04 04:22 - 00107352 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-10-15 00:39 - 2014-05-29 23:05 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-10-15 00:39 - 2014-04-11 04:25 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-10-15 00:39 - 2014-04-11 01:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-10-15 00:39 - 2014-04-10 23:41 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-10-15 00:39 - 2014-04-10 23:02 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-10-15 00:38 - 2014-08-28 21:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-15 00:38 - 2014-08-28 20:59 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-15 00:38 - 2014-08-23 03:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-10-15 00:38 - 2014-08-23 01:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-10-15 00:38 - 2014-08-23 00:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-10-15 00:38 - 2014-08-23 00:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-10-15 00:38 - 2014-08-23 00:02 - 00612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-10-15 00:38 - 2014-06-16 18:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-10-15 00:38 - 2014-06-04 00:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-10-15 00:36 - 2014-07-11 23:43 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-10-15 00:36 - 2014-05-09 23:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-10-15 00:35 - 2014-04-18 09:43 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-10-15 00:35 - 2014-04-18 04:51 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-10-15 00:35 - 2014-04-18 04:01 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-10-15 00:35 - 2014-04-14 04:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-10-15 00:35 - 2014-04-11 00:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-10-15 00:35 - 2014-04-10 23:27 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-10-15 00:35 - 2014-04-09 06:47 - 00294744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-10-15 00:35 - 2014-04-09 01:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-10-15 00:35 - 2014-04-08 23:22 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-10-15 00:35 - 2014-04-07 19:47 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-10-15 00:35 - 2014-04-06 11:27 - 00311128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-10-15 00:35 - 2014-04-06 11:27 - 00240472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-10-15 00:35 - 2014-04-06 11:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-10-15 00:35 - 2014-04-06 11:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-10-15 00:35 - 2014-04-06 11:18 - 00271192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-10-15 00:35 - 2014-04-06 11:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-10-15 00:35 - 2014-04-06 11:16 - 01159520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-10-15 00:35 - 2014-04-06 11:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-10-15 00:35 - 2014-04-06 11:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-10-15 00:35 - 2014-04-06 11:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-10-15 00:35 - 2014-04-06 11:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-10-15 00:35 - 2014-04-06 11:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-10-15 00:35 - 2014-04-06 11:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-10-15 00:35 - 2014-04-06 11:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-10-15 00:35 - 2014-04-06 11:16 - 00194752 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-10-15 00:35 - 2014-04-06 08:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-10-15 00:35 - 2014-04-06 08:00 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-10-15 00:35 - 2014-04-06 07:47 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-10-15 00:35 - 2014-04-06 07:40 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-10-15 00:35 - 2014-04-06 06:58 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-10-15 00:35 - 2014-04-06 06:55 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-10-15 00:35 - 2014-04-06 06:44 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-10-15 00:35 - 2014-04-06 06:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-10-15 00:35 - 2014-04-06 06:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-10-15 00:35 - 2014-04-06 05:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-10-15 00:35 - 2014-04-03 00:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-10-15 00:35 - 2014-04-03 00:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-10-15 00:35 - 2014-04-02 22:44 - 01210368 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-10-15 00:35 - 2014-04-02 22:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-10-15 00:35 - 2014-04-01 01:09 - 00333656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-10-15 00:35 - 2014-03-30 23:34 - 05786968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-10-15 00:35 - 2014-03-30 19:26 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-10-15 00:35 - 2014-03-30 19:13 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-10-15 00:35 - 2014-03-30 18:37 - 01167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-10-15 00:35 - 2014-03-30 18:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-10-15 00:35 - 2014-03-28 05:04 - 00328984 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-10-15 00:35 - 2014-03-27 01:21 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-10-15 00:35 - 2014-03-27 00:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-10-15 00:35 - 2014-03-27 00:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-10-15 00:35 - 2014-03-26 23:22 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-10-15 00:35 - 2014-03-26 23:03 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-10-15 00:35 - 2014-03-26 22:59 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-10-15 00:35 - 2014-03-24 18:57 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-10-15 00:35 - 2014-03-19 21:20 - 00229344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-10-15 00:35 - 2014-03-19 03:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-10-15 00:35 - 2014-03-19 03:09 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-10-15 00:35 - 2014-03-19 01:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-10-15 00:35 - 2014-03-19 00:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-10-15 00:35 - 2014-03-19 00:47 - 01309184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-10-15 00:35 - 2014-03-19 00:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-10-15 00:35 - 2014-03-19 00:14 - 02130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-10-15 00:35 - 2014-03-18 03:22 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-10-15 00:35 - 2014-03-18 00:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-10-15 00:35 - 2014-03-17 00:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-10-15 00:35 - 2014-03-16 22:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-10-15 00:35 - 2014-03-14 02:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-10-15 00:35 - 2014-03-06 06:37 - 00264536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-10-15 00:34 - 2014-09-27 18:25 - 03546624 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-15 00:32 - 2014-07-23 23:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-10-15 00:32 - 2014-07-15 13:07 - 02257584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-10-15 00:32 - 2014-07-15 04:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-10-15 00:32 - 2014-07-15 03:55 - 02045440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-10-15 00:31 - 2014-05-30 22:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-10-15 00:25 - 2014-10-17 06:33 - 01229970 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-13 22:29 - 2014-10-15 03:22 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-10-13 17:41 - 2014-10-13 22:46 - 00000400 _____ () C:\Users\Dale\AppData\Roaming\Microsoft\Windows\Start Menu\Device(Derp Cam).website
2014-10-12 17:11 - 2014-10-12 17:11 - 00000010 _____ () C:\Users\Dale\AppData\Local\sponge.last.runtime.cache
2014-10-12 16:50 - 2014-10-15 14:53 - 00000000 ____D () C:\ProgramData\PrieceLesss
2014-10-12 16:50 - 2014-10-14 21:18 - 00000000 ____D () C:\ProgramData\c57eb2ad03c59bcb
2014-10-12 16:50 - 2014-10-12 16:50 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-10-12 16:49 - 2014-10-12 16:49 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-10-12 16:49 - 2014-10-12 16:49 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-10-12 16:49 - 2014-10-12 16:49 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-10-12 16:49 - 2014-10-12 16:49 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-10-12 16:49 - 2014-10-12 16:49 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-10-12 16:49 - 2014-10-12 16:49 - 00000000 ____D () C:\Users\Guest
2014-10-12 16:49 - 2014-10-12 16:49 - 00000000 ____D () C:\Users\Dale\AppData\Local\Comodo
2014-10-12 16:49 - 2014-10-12 16:49 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-10-12 16:49 - 2014-10-12 16:49 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-10-12 16:49 - 2014-10-12 16:49 - 00000000 ____D () C:\Users\Administrator
2014-10-12 16:48 - 2014-10-12 17:20 - 00019925 _____ () C:\Users\Dale\AppData\Local\census.cache
2014-10-12 16:48 - 2014-10-12 17:20 - 00000000 _____ () C:\Users\Dale\AppData\Local\ars.cache
2014-10-12 16:39 - 2014-10-12 16:39 - 00000036 _____ () C:\Users\Dale\AppData\Local\housecall.guid.cache
2014-10-12 03:02 - 2014-10-15 14:53 - 00000000 ____D () C:\Users\Dale\AppData\Local\27838
2014-10-12 02:05 - 2014-10-12 02:36 - 00000000 ____D () C:\Users\Dale\Documents\Security Monitor Pro
2014-10-12 02:04 - 2014-10-12 02:04 - 00001387 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Monitor Pro 5.lnk
2014-10-12 02:04 - 2014-10-12 02:04 - 00001375 _____ () C:\Users\Public\Desktop\Security Monitor Pro 5.lnk
2014-10-12 02:04 - 2014-10-12 02:04 - 00000000 ____D () C:\Program Files\Common Files\DeskShare Shared
2014-10-12 01:54 - 2014-10-12 02:05 - 00000000 ____D () C:\Users\Dale\AppData\Local\DeskShare Data
2014-10-12 01:51 - 2014-10-12 02:05 - 00000000 ____D () C:\ProgramData\DeskShare
2014-10-12 01:51 - 2014-10-12 02:04 - 00000000 ____D () C:\Program Files\Deskshare
2014-10-12 01:51 - 2014-10-12 01:51 - 00001329 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IP Camera Viewer 2.lnk
2014-10-12 01:51 - 2014-10-12 01:51 - 00001317 _____ () C:\Users\Public\Desktop\IP Camera Viewer 2.lnk
2014-10-12 01:51 - 2014-10-12 01:51 - 00000000 ____D () C:\Users\Dale\AppData\Local\Spoon
2014-10-12 01:51 - 2014-08-29 13:04 - 00301568 _____ () C:\WINDOWS\system32\LiveWrapRTSP.dll
2014-10-11 19:25 - 2014-10-11 20:10 - 00000000 ____D () C:\Users\Dale\AppData\Roaming\HpUpdate
2014-10-11 19:25 - 2014-10-11 19:25 - 00002256 _____ () C:\Users\Public\Desktop\HP Officejet 4620 series.lnk
2014-10-11 19:25 - 2012-10-17 04:04 - 00580712 ____H (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPM6412.dll
2014-10-10 13:12 - 2014-10-10 13:13 - 00000000 ____D () C:\Users\Dale\Desktop\SysinternalsSuite
2014-10-09 22:16 - 2014-10-09 22:16 - 00000000 ____D () C:\Program Files\Lame For Audacity
2014-10-09 22:04 - 2014-10-09 22:44 - 00000000 ____D () C:\Users\Dale\AppData\Roaming\Audacity
2014-10-09 22:04 - 2014-10-09 22:04 - 00000993 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-10-09 22:04 - 2014-10-09 22:04 - 00000981 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-10-09 22:04 - 2014-10-09 22:04 - 00000000 ____D () C:\Program Files\Audacity
2014-10-09 21:34 - 2014-10-09 21:34 - 00001077 _____ () C:\Users\Dale\Desktop\AudioConverter Studio.lnk
2014-10-09 21:33 - 2014-10-09 21:34 - 00000000 ____D () C:\Program Files\AudioConverter Studio
2014-10-09 21:33 - 2014-10-09 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioConverter Studio
2014-10-09 11:25 - 2014-10-09 14:02 - 00000000 ____D () C:\ProgramData\Stardock
2014-10-09 11:25 - 2014-10-09 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2014-10-09 11:25 - 2014-10-09 11:42 - 00000000 ____D () C:\Program Files\Stardock
2014-10-09 11:25 - 2014-10-09 11:25 - 00000000 ____D () C:\Users\Public\Documents\Stardock
2014-10-07 14:41 - 2014-10-07 14:41 - 00038912 _____ () C:\Users\Dale\Desktop\XBox Sign.pub
2014-10-05 16:18 - 2000-04-06 20:10 - 00401462 _____ (Microsoft Corporation) C:\WINDOWS\system32\~GLH0023.TMP
2014-10-05 16:17 - 2014-10-05 16:16 - 00002583 _____ () C:\Users\Public\Desktop\Paint Shop Pro 7.lnk
2014-10-05 16:16 - 2014-10-05 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jasc Software
2014-10-05 16:16 - 2014-10-05 16:16 - 00000000 ____D () C:\Program Files\Jasc Software Inc
2014-10-04 15:04 - 2014-10-06 13:27 - 00000000 ____D () C:\wifidata
2014-10-03 02:37 - 2014-10-03 02:37 - 00000000 __SHD () C:\Users\Dale\AppData\Local\EmieUserList
2014-10-03 02:37 - 2014-10-03 02:37 - 00000000 __SHD () C:\Users\Dale\AppData\Local\EmieSiteList
2014-10-03 02:18 - 2014-10-03 14:25 - 00018432 _____ () C:\Users\Dale\Desktop\Book1.xls
2014-10-03 02:18 - 2014-10-03 02:18 - 00000000 ____D () C:\Users\Dale\AppData\Roaming\Adobe
2014-10-03 01:47 - 2014-10-03 01:47 - 00000000 ____D () C:\Users\Dale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
2014-10-03 01:47 - 2014-10-03 01:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain
2014-10-03 01:47 - 2014-10-03 01:47 - 00000000 ____D () C:\Program Files\MP3Gain
2014-10-03 01:29 - 2014-10-03 01:30 - 00000000 ____D () C:\Program Files\EasyCapture
2014-10-03 01:24 - 2014-10-03 01:24 - 00000000 ____D () C:\Program Files\DirectoryListPrint
2014-09-26 17:37 - 2014-09-26 17:37 - 00000000 ____D () C:\Users\Dale\AppData\Roaming\Vast Studios
2014-09-25 16:51 - 2014-09-25 16:51 - 00001041 _____ () C:\Users\Dale\Desktop\Free MKV to AVI Converter.lnk
2014-09-25 14:39 - 2014-09-25 14:39 - 00001840 _____ () C:\Users\Dale\Desktop\Show Presenter.exe - Shortcut.lnk
2014-09-24 18:28 - 2014-09-24 18:28 - 00001437 _____ () C:\Users\Dale\AppData\Roaming\Microsoft\Windows\Start Menu\Install Windows.lnk
2014-09-24 18:28 - 2014-09-24 18:28 - 00001435 _____ () C:\Users\Dale\Desktop\Install Windows.lnk
2014-09-23 16:03 - 2014-10-17 00:35 - 00000000 ____D () C:\Movies
2014-09-22 04:52 - 2014-09-22 04:52 - 00000000 ____D () C:\Users\Dale\AppData\Roaming\Jasc
2014-09-19 15:21 - 2014-03-19 21:31 - 01037504 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-09-19 15:21 - 2014-03-19 21:09 - 01679704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-19 15:21 - 2014-03-19 21:09 - 00283992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-09-19 15:21 - 2014-03-19 19:39 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-09-19 15:21 - 2014-03-19 19:36 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-09-19 15:21 - 2014-03-19 01:20 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-09-19 15:21 - 2014-03-19 01:08 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-19 15:21 - 2014-03-13 06:12 - 00138584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-09-19 15:21 - 2014-03-11 10:49 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2014-09-19 15:21 - 2014-03-11 10:28 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-19 15:21 - 2014-03-11 10:09 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2014-09-19 15:21 - 2014-03-11 09:46 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2014-09-19 15:21 - 2014-03-11 09:34 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2014-09-19 15:21 - 2014-03-11 09:32 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-09-19 15:21 - 2014-03-08 08:00 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-09-19 15:21 - 2014-03-08 07:53 - 00147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-09-19 15:21 - 2014-03-08 07:45 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-09-19 15:21 - 2014-03-08 07:34 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-09-19 15:21 - 2014-03-08 04:12 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-09-19 15:21 - 2014-03-08 03:47 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-09-19 15:21 - 2014-03-08 03:40 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-09-19 15:21 - 2014-03-08 03:12 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-19 15:21 - 2014-03-08 02:40 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-09-19 15:21 - 2014-03-08 02:37 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-09-19 15:21 - 2014-03-08 02:30 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-09-19 15:21 - 2014-03-08 02:25 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-09-19 15:21 - 2014-03-08 01:58 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-09-19 15:21 - 2014-03-08 01:42 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-09-19 15:21 - 2014-03-08 01:16 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-09-19 15:21 - 2014-03-06 07:19 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-19 15:21 - 2014-03-06 07:19 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-09-19 15:21 - 2014-03-06 07:13 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-09-19 15:21 - 2014-03-06 06:46 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-09-19 15:21 - 2014-03-06 06:43 - 00321880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-09-19 15:21 - 2014-03-06 06:34 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-09-19 15:21 - 2014-03-06 04:24 - 00092160 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-09-19 15:21 - 2014-03-06 04:24 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-19 15:21 - 2014-03-06 04:24 - 00020992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-09-19 15:21 - 2014-03-06 04:23 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-09-19 15:21 - 2014-03-06 04:22 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-09-19 15:21 - 2014-03-06 04:20 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-09-19 15:21 - 2014-03-06 04:20 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-09-19 15:21 - 2014-03-06 04:20 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-09-19 15:21 - 2014-03-06 04:20 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-09-19 15:21 - 2014-03-06 04:10 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-09-19 15:21 - 2014-03-06 03:47 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-09-19 15:21 - 2014-03-06 03:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-09-19 15:21 - 2014-03-06 03:25 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDScDrv.dll
2014-09-19 15:21 - 2014-03-06 03:16 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-09-19 15:21 - 2014-03-06 02:29 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-09-19 15:21 - 2014-03-06 02:23 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-09-19 15:21 - 2014-03-06 02:11 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-09-19 15:21 - 2014-03-06 02:09 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-09-19 15:21 - 2014-03-06 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-09-19 15:21 - 2014-03-06 02:06 - 00153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-09-19 15:21 - 2014-03-06 02:04 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-09-19 15:21 - 2014-03-06 01:51 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-09-19 15:21 - 2014-03-06 01:42 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-09-19 15:21 - 2014-03-04 07:10 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-19 15:21 - 2014-03-04 02:42 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-09-19 15:21 - 2014-03-04 02:42 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-09-19 15:21 - 2014-03-04 02:39 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-09-19 15:21 - 2014-03-04 02:32 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-09-19 15:21 - 2014-03-04 02:30 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-09-19 15:21 - 2014-03-04 02:26 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-19 15:21 - 2014-03-04 02:05 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-09-19 15:21 - 2014-03-04 01:54 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-09-19 15:21 - 2014-03-04 01:52 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-09-19 15:21 - 2013-12-23 19:28 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-09-19 15:17 - 2014-02-22 10:52 - 01767440 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2014-09-19 15:17 - 2014-02-22 10:51 - 01063976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2014-09-19 15:17 - 2014-02-22 10:51 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2014-09-19 15:17 - 2014-02-22 10:42 - 01370696 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-19 15:17 - 2014-02-22 10:42 - 01017936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2014-09-19 15:17 - 2014-02-22 10:42 - 00422968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2014-09-19 15:17 - 2014-02-22 10:42 - 00410568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-09-19 15:17 - 2014-02-22 10:42 - 00369288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-09-19 15:17 - 2014-02-22 10:40 - 00211800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-19 15:17 - 2014-02-22 10:40 - 00120664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-09-19 15:17 - 2014-02-22 10:38 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-09-19 15:17 - 2014-02-22 10:38 - 01129064 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2014-09-19 15:17 - 2014-02-22 10:38 - 01077944 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2014-09-19 15:17 - 2014-02-22 10:38 - 00336232 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-09-19 15:17 - 2014-02-22 10:38 - 00197280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2014-09-19 15:17 - 2014-02-22 10:26 - 00198488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2014-09-19 15:17 - 2014-02-22 10:25 - 02871672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-09-19 15:17 - 2014-02-22 10:25 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-19 15:17 - 2014-02-22 10:18 - 00759192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2014-09-19 15:17 - 2014-02-22 10:18 - 00477744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-19 15:17 - 2014-02-22 10:12 - 01468872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2014-09-19 15:17 - 2014-02-22 10:11 - 00490136 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2014-09-19 15:17 - 2014-02-22 10:08 - 01389960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-19 15:17 - 2014-02-22 10:08 - 01280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-19 15:17 - 2014-02-22 10:08 - 01270608 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-19 15:17 - 2014-02-22 10:08 - 01167856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-19 15:17 - 2014-02-22 10:08 - 00431960 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2014-09-19 15:17 - 2014-02-22 10:04 - 01011280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2014-09-19 15:17 - 2014-02-22 10:04 - 00869720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-09-19 15:17 - 2014-02-22 10:04 - 00650736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2014-09-19 15:17 - 2014-02-22 10:04 - 00317584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2014-09-19 15:17 - 2014-02-22 10:04 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2014-09-19 15:17 - 2014-02-22 07:28 - 02428928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2014-09-19 15:17 - 2014-02-22 07:23 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-09-19 15:17 - 2014-02-22 07:22 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-19 15:17 - 2014-02-22 07:19 - 00205312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2014-09-19 15:17 - 2014-02-22 07:17 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\OobeFldr.dll
2014-09-19 15:17 - 2014-02-22 07:16 - 00617472 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2014-09-19 15:17 - 2014-02-22 07:16 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofUtil.dll
2014-09-19 15:17 - 2014-02-22 07:11 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\aelupsvc.dll
2014-09-19 15:17 - 2014-02-22 07:06 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2014-09-19 15:17 - 2014-02-22 06:57 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-09-19 15:17 - 2014-02-22 06:40 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\system32\recimg.exe
2014-09-19 15:17 - 2014-02-22 06:40 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-09-19 15:17 - 2014-02-22 06:09 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfp.exe
2014-09-19 15:17 - 2014-02-22 06:02 - 08946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2014-09-19 15:17 - 2014-02-22 06:02 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll
2014-09-19 15:17 - 2014-02-22 06:01 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-19 15:17 - 2014-02-22 06:01 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2014-09-19 15:17 - 2014-02-22 05:52 - 00926720 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2014-09-19 15:17 - 2014-02-22 05:46 - 00528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-19 15:17 - 2014-02-22 05:44 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2014-09-19 15:17 - 2014-02-22 05:36 - 01392640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-09-19 15:17 - 2014-02-22 05:32 - 01162752 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2014-09-19 15:17 - 2014-02-22 05:28 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2014-09-19 15:17 - 2014-02-22 05:26 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2014-09-19 15:17 - 2014-02-22 05:24 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2014-09-19 15:17 - 2014-02-22 05:23 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-09-19 15:17 - 2014-02-22 05:23 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-09-19 15:17 - 2014-02-22 05:21 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2014-09-19 15:17 - 2014-02-22 05:20 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2014-09-19 15:17 - 2014-02-22 05:19 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2014-09-19 15:17 - 2014-02-22 05:16 - 11776000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2014-09-19 15:17 - 2014-02-22 05:16 - 00593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2014-09-19 15:17 - 2014-02-22 05:14 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2014-09-19 15:17 - 2014-02-22 05:14 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2014-09-19 15:17 - 2014-02-22 05:14 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofTasks.dll
2014-09-19 15:17 - 2014-02-22 05:13 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2014-09-19 15:17 - 2014-02-22 05:10 - 00300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2014-09-19 15:17 - 2014-02-22 05:07 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2014-09-19 15:17 - 2014-02-22 05:07 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2014-09-19 15:17 - 2014-02-22 05:06 - 00434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2014-09-19 15:17 - 2014-02-22 05:00 - 01341440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2014-09-19 15:17 - 2014-02-22 05:00 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2014-09-19 15:17 - 2014-02-22 04:59 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-19 15:17 - 2014-02-22 04:59 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2014-09-19 15:17 - 2014-02-22 04:58 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-09-19 15:17 - 2014-02-22 04:57 - 00829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\perftrack.dll
2014-09-19 15:17 - 2014-02-22 04:51 - 01258496 _____ (Microsoft Corporation) C:\WINDOWS\system32\RacEngn.dll
2014-09-19 15:17 - 2014-02-22 04:47 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-09-19 15:17 - 2014-02-22 04:45 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-09-19 15:17 - 2014-02-22 04:43 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2014-09-19 15:17 - 2014-02-22 04:43 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2014-09-19 15:17 - 2014-02-22 04:42 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2014-09-19 15:17 - 2014-02-22 04:39 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-09-19 15:17 - 2014-02-22 04:37 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2014-09-19 15:17 - 2014-02-22 04:37 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2014-09-19 15:17 - 2014-02-22 04:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-09-19 15:17 - 2014-02-22 04:28 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2014-09-19 15:17 - 2014-02-22 04:21 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-09-19 15:17 - 2014-02-22 04:17 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-09-19 15:17 - 2014-02-22 04:03 - 01496576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2014-09-19 15:17 - 2014-02-22 04:00 - 00514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2014-09-19 15:17 - 2014-02-22 00:35 - 00262335 _____ () C:\WINDOWS\system32\dfpinc.dat
2014-09-19 15:17 - 2014-02-07 21:08 - 00081975 _____ () C:\WINDOWS\system32\systemsf.ebd
2014-09-19 15:17 - 2014-02-07 21:08 - 00024518 _____ () C:\WINDOWS\system32\systemsflm.ebd
2014-09-19 15:17 - 2014-01-29 03:44 - 01369736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-09-19 15:17 - 2014-01-29 02:41 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2014-09-19 15:17 - 2014-01-07 20:33 - 00552632 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-09-19 15:17 - 2013-12-10 02:10 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2014-09-19 15:16 - 2014-02-22 10:52 - 00251504 _____ (Microsoft Corporation) C:\WINDOWS\system32\powrprof.dll
2014-09-19 15:16 - 2014-02-22 10:52 - 00171936 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2014-09-19 15:16 - 2014-02-22 10:52 - 00063592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2014-09-19 15:16 - 2014-02-22 10:51 - 00140456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2014-09-19 15:16 - 2014-02-22 10:51 - 00066624 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostex.exe
2014-09-19 15:16 - 2014-02-22 10:51 - 00065056 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhost.exe
2014-09-19 15:16 - 2014-02-22 10:42 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2014-09-19 15:16 - 2014-02-22 10:42 - 00146672 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2014-09-19 15:16 - 2014-02-22 10:42 - 00137344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2014-09-19 15:16 - 2014-02-22 10:41 - 00033056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2014-09-19 15:16 - 2014-02-22 10:40 - 00261464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-09-19 15:16 - 2014-02-22 10:40 - 00163672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2014-09-19 15:16 - 2014-02-22 10:40 - 00064344 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2014-09-19 15:16 - 2014-02-22 10:38 - 00506120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2014-09-19 15:16 - 2014-02-22 10:38 - 00136320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2014-09-19 15:16 - 2014-02-22 10:38 - 00125976 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2014-09-19 15:16 - 2014-02-22 10:38 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-09-19 15:16 - 2014-02-22 10:38 - 00078000 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-09-19 15:16 - 2014-02-22 10:26 - 00197976 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-09-19 15:16 - 2014-02-22 10:26 - 00130904 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-09-19 15:16 - 2014-02-22 10:26 - 00063832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2014-09-19 15:16 - 2014-02-22 10:26 - 00025944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2014-09-19 15:16 - 2014-02-22 10:25 - 00180240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-19 15:16 - 2014-02-22 10:18 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RestoreOptIn.exe
2014-09-19 15:16 - 2014-02-22 10:18 - 00041320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2014-09-19 15:16 - 2014-02-22 10:18 - 00029912 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountBroker.exe
2014-09-19 15:16 - 2014-02-22 10:10 - 00105896 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2014-09-19 15:16 - 2014-02-22 10:08 - 00079496 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2014-09-19 15:16 - 2014-02-22 07:28 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2014-09-19 15:16 - 2014-02-22 07:28 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-power-events.dll
2014-09-19 15:16 - 2014-02-22 07:24 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2014-09-19 15:16 - 2014-02-22 07:24 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2014-09-19 15:16 - 2014-02-22 07:24 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2014-09-19 15:16 - 2014-02-22 07:22 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2014-09-19 15:16 - 2014-02-22 07:22 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2014-09-19 15:16 - 2014-02-22 07:18 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2014-09-19 15:16 - 2014-02-22 07:16 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2014-09-19 15:16 - 2014-02-22 07:16 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\clrhost.dll
2014-09-19 15:16 - 2014-02-22 07:12 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2014-09-19 15:16 - 2014-02-22 07:11 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2014-09-19 15:16 - 2014-02-22 07:05 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2014-09-19 15:16 - 2014-02-22 07:04 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgrade.exe
2014-09-19 15:16 - 2014-02-22 07:01 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2014-09-19 15:16 - 2014-02-22 06:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2014-09-19 15:16 - 2014-02-22 06:58 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2014-09-19 15:16 - 2014-02-22 06:57 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2014-09-19 15:16 - 2014-02-22 06:54 - 00035024 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2014-09-19 15:16 - 2014-02-22 06:53 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PkgMgr.exe
2014-09-19 15:16 - 2014-02-22 06:47 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2014-09-19 15:16 - 2014-02-22 06:46 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2014-09-19 15:16 - 2014-02-22 06:43 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2014-09-19 15:16 - 2014-02-22 06:41 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2014-09-19 15:16 - 2014-02-22 06:40 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2014-09-19 15:16 - 2014-02-22 06:37 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-09-19 15:16 - 2014-02-22 06:33 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2014-09-19 15:16 - 2014-02-22 06:33 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2014-09-19 15:16 - 2014-02-22 06:30 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cleanmgr.exe
2014-09-19 15:16 - 2014-02-22 06:25 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2014-09-19 15:16 - 2014-02-22 06:24 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2014-09-19 15:16 - 2014-02-22 06:21 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2014-09-19 15:16 - 2014-02-22 06:21 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2014-09-19 15:16 - 2014-02-22 06:17 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2014-09-19 15:16 - 2014-02-22 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2014-09-19 15:16 - 2014-02-22 06:16 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2014-09-19 15:16 - 2014-02-22 06:16 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2014-09-19 15:16 - 2014-02-22 06:14 - 02811392 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2014-09-19 15:16 - 2014-02-22 06:14 - 02165760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2014-09-19 15:16 - 2014-02-22 06:13 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2014-09-19 15:16 - 2014-02-22 06:12 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2014-09-19 15:16 - 2014-02-22 06:04 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2014-09-19 15:16 - 2014-02-22 06:02 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2014-09-19 15:16 - 2014-02-22 06:01 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2014-09-19 15:16 - 2014-02-22 06:00 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2014-09-19 15:16 - 2014-02-22 05:58 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeResults.exe
2014-09-19 15:16 - 2014-02-22 05:52 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2014-09-19 15:16 - 2014-02-22 05:44 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2014-09-19 15:16 - 2014-02-22 05:43 - 01294848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2014-09-19 15:16 - 2014-02-22 05:43 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2014-09-19 15:16 - 2014-02-22 05:42 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2014-09-19 15:16 - 2014-02-22 05:42 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2014-09-19 15:16 - 2014-02-22 05:40 - 02537472 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2014-09-19 15:16 - 2014-02-22 05:40 - 01095680 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2014-09-19 15:16 - 2014-02-22 05:39 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PurchaseWindowsLicense.dll
2014-09-19 15:16 - 2014-02-22 05:36 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2014-09-19 15:16 - 2014-02-22 05:36 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2014-09-19 15:16 - 2014-02-22 05:31 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-09-19 15:16 - 2014-02-22 05:29 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2014-09-19 15:16 - 2014-02-22 05:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2014-09-19 15:16 - 2014-02-22 05:27 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-09-19 15:16 - 2014-02-22 05:25 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2014-09-19 15:16 - 2014-02-22 05:23 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2014-09-19 15:16 - 2014-02-22 05:21 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2014-09-19 15:16 - 2014-02-22 05:20 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-19 15:16 - 2014-02-22 05:19 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-09-19 15:16 - 2014-02-22 05:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-19 15:16 - 2014-02-22 05:15 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2014-09-19 15:16 - 2014-02-22 05:13 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2014-09-19 15:16 - 2014-02-22 05:12 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2014-09-19 15:16 - 2014-02-22 05:08 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2014-09-19 15:16 - 2014-02-22 05:08 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2014-09-19 15:16 - 2014-02-22 05:07 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2014-09-19 15:16 - 2014-02-22 05:07 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2014-09-19 15:16 - 2014-02-22 05:06 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2014-09-19 15:16 - 2014-02-22 05:03 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-19 15:16 - 2014-02-22 04:58 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-09-19 15:16 - 2014-02-22 04:56 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2014-09-19 15:16 - 2014-02-22 04:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\slpts.dll
2014-09-19 15:16 - 2014-02-22 04:54 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2014-09-19 15:16 - 2014-02-22 04:54 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-09-19 15:16 - 2014-02-22 04:48 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2014-09-19 15:16 - 2014-02-22 04:48 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2014-09-19 15:16 - 2014-02-22 04:48 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\energytask.dll
2014-09-19 15:16 - 2014-02-22 04:47 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2014-09-19 15:16 - 2014-02-22 04:47 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AepRoam.dll
2014-09-19 15:16 - 2014-02-22 04:45 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2014-09-19 15:16 - 2014-02-22 04:44 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2014-09-19 15:16 - 2014-02-22 04:43 - 01108480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-09-19 15:16 - 2014-02-22 04:43 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2014-09-19 15:16 - 2014-02-22 04:42 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2014-09-19 15:16 - 2014-02-22 04:42 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-09-19 15:16 - 2014-02-22 04:42 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AltTab.dll
2014-09-19 15:16 - 2014-02-22 04:41 - 03278848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2014-09-19 15:16 - 2014-02-22 04:39 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2014-09-19 15:16 - 2014-02-22 04:39 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\provsvc.dll
2014-09-19 15:16 - 2014-02-22 04:38 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2014-09-19 15:16 - 2014-02-22 04:38 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Renewal.dll
2014-09-19 15:16 - 2014-02-22 04:33 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2014-09-19 15:16 - 2014-02-22 04:29 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2014-09-19 15:16 - 2014-02-22 04:25 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-09-19 15:16 - 2014-02-22 04:23 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2014-09-19 15:16 - 2014-02-22 04:21 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2014-09-19 15:16 - 2014-02-22 04:19 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2014-09-19 15:16 - 2014-02-22 03:56 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-09-19 15:16 - 2014-02-22 03:54 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-09-19 15:16 - 2014-02-01 02:00 - 00002255 _____ () C:\WINDOWS\system32\WimBootCompress.ini
2014-09-19 15:16 - 2014-01-31 05:35 - 03085824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2014-09-19 15:16 - 2014-01-31 05:10 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2014-09-19 15:16 - 2014-01-31 05:08 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-09-19 15:16 - 2014-01-31 05:04 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2014-09-19 15:16 - 2014-01-31 04:24 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-09-19 15:16 - 2014-01-29 03:43 - 00411992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2014-09-19 15:16 - 2014-01-29 03:38 - 00735576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2014-09-19 15:16 - 2014-01-29 02:25 - 00457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2014-09-19 15:16 - 2014-01-29 02:25 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2014-09-19 15:16 - 2014-01-22 01:50 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2014-09-19 15:16 - 2014-01-17 13:04 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2014-09-19 15:16 - 2013-12-04 10:19 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-19 15:16 - 2013-12-04 09:53 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-09-19 15:16 - 2013-11-27 04:56 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2014-09-19 15:16 - 2013-11-23 04:37 - 00036696 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-09-19 15:15 - 2014-02-22 07:25 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\f3ahvoas.dll
2014-09-19 15:15 - 2014-02-22 07:25 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-1.dll
2014-09-19 15:15 - 2014-02-22 07:25 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-0.dll
2014-09-19 15:15 - 2014-02-22 07:24 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SSShim.dll
2014-09-19 15:15 - 2014-02-22 07:24 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-session-winsta-l1-1-0.dll
2014-09-19 15:15 - 2014-02-22 07:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-networking-wcmapi-l1-1-0.dll
2014-09-19 15:15 - 2014-02-22 07:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-kernel32-package-l1-1-1.dll
2014-09-19 15:15 - 2014-02-22 07:23 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\workerdd.dll
2014-09-19 15:15 - 2014-02-22 07:22 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2014-09-19 15:15 - 2014-02-22 07:13 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2014-09-19 15:15 - 2014-02-22 07:09 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2014-09-19 15:15 - 2014-02-22 07:01 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2014-09-19 15:15 - 2014-02-22 06:59 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ocsetapi.dll
2014-09-19 15:15 - 2014-02-22 06:56 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhevents.dll
2014-09-19 15:15 - 2014-02-22 06:50 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2014-09-19 15:15 - 2014-02-22 06:50 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskpart.exe
2014-09-19 15:15 - 2014-02-22 06:47 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2014-09-19 15:15 - 2014-02-22 06:40 - 00304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-09-19 15:15 - 2014-02-22 06:38 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-09-19 15:15 - 2014-02-22 06:32 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2014-09-19 15:15 - 2014-02-22 06:31 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-09-19 15:15 - 2014-02-22 06:27 - 00625664 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2014-09-19 15:15 - 2014-02-22 06:26 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2014-09-19 15:15 - 2014-02-22 06:25 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\scavengeui.dll
2014-09-19 15:15 - 2014-02-22 06:23 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2014-09-19 15:15 - 2014-02-22 06:23 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentHost.dll
2014-09-19 15:15 - 2014-02-22 06:21 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2014-09-19 15:15 - 2014-02-22 06:17 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2014-09-19 15:15 - 2014-02-22 06:17 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAConn.dll
2014-09-19 15:15 - 2014-02-22 06:15 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2014-09-19 15:15 - 2014-02-22 06:15 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2014-09-19 15:15 - 2014-02-22 06:09 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2014-09-19 15:15 - 2014-02-22 06:08 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2014-09-19 15:15 - 2014-02-22 06:03 - 02544128 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2014-09-19 15:15 - 2014-02-22 06:00 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitagent.exe
2014-09-19 15:15 - 2014-02-22 05:59 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-09-19 15:15 - 2014-02-22 05:53 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-09-19 15:15 - 2014-02-22 05:48 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2014-09-19 15:15 - 2014-02-22 05:41 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-19 15:15 - 2014-02-22 05:28 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2014-09-19 15:15 - 2014-02-22 05:27 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2014-09-19 15:15 - 2014-02-22 05:26 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2014-09-19 15:15 - 2014-02-22 05:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2014-09-19 15:15 - 2014-02-22 05:23 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2014-09-19 15:15 - 2014-02-22 05:22 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2014-09-19 15:15 - 2014-02-22 05:21 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2014-09-19 15:15 - 2014-02-22 05:19 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\korwbrkr.dll
2014-09-19 15:15 - 2014-02-22 05:17 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2014-09-19 15:15 - 2014-02-22 05:16 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxshared.dll
2014-09-19 15:15 - 2014-02-22 05:15 - 00178176 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-19 15:15 - 2014-02-22 05:09 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2014-09-19 15:15 - 2014-02-22 05:02 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2014-09-19 15:15 - 2014-02-22 04:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2014-09-19 15:15 - 2014-02-22 04:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2014-09-19 15:15 - 2014-02-22 04:48 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll
2014-09-19 15:15 - 2014-02-22 04:43 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2014-09-19 15:15 - 2014-02-22 04:40 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2014-09-19 15:15 - 2014-02-22 04:39 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2014-09-19 15:15 - 2014-02-22 04:33 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2014-09-19 15:15 - 2014-02-22 04:24 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2014-09-19 15:15 - 2014-02-22 04:20 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2014-09-19 15:15 - 2014-02-22 04:17 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2014-09-19 15:15 - 2014-02-22 00:46 - 00002440 ___RS () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
2014-09-19 15:15 - 2014-02-22 00:38 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-09-19 15:15 - 2014-02-22 00:38 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-09-19 15:15 - 2014-02-22 00:38 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-09-19 15:15 - 2014-02-22 00:38 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-09-19 15:15 - 2014-02-07 21:08 - 00100197 _____ () C:\WINDOWS\system32\RacRules.xml
2014-09-19 15:15 - 2014-02-01 02:00 - 00011109 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-09-19 15:15 - 2014-02-01 02:00 - 00007762 _____ () C:\WINDOWS\system32\connectedsearch-suggestions.searchconnector-ms
2014-09-19 15:15 - 2014-02-01 02:00 - 00007130 _____ () C:\WINDOWS\system32\connectedsearch-zeroinput.searchconnector-ms
2014-09-19 15:15 - 2013-11-27 05:20 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\finger.exe
2014-09-19 15:01 - 2014-09-19 15:01 - 00000000 ____D () C:\WINDOWS\AUInstallAgent

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-17 10:55 - 2013-12-28 01:50 - 00000000 ____D () C:\Users\Dale\AppData\Roaming\uTorrent
2014-10-17 10:37 - 2013-12-27 19:56 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-17 10:30 - 2014-01-30 14:05 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-17 10:01 - 2014-01-20 19:28 - 00000930 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3807231785-4007385617-3935110610-1001UA.job
2014-10-17 10:00 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-17 05:20 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-17 04:01 - 2014-01-20 19:28 - 00000878 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3807231785-4007385617-3935110610-1001Core.job
2014-10-17 00:29 - 2013-12-27 17:49 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-16 18:37 - 2013-12-27 19:56 - 00000904 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-16 18:35 - 2013-12-27 18:02 - 00000000 __RDO () C:\Users\Dale\SkyDrive
2014-10-16 18:34 - 2013-12-27 17:52 - 00000000 ____D () C:\Users\Dale
2014-10-16 18:34 - 2013-08-22 03:23 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-16 13:03 - 2014-02-12 17:42 - 00000384 _____ () C:\Users\Dale\Desktop\Printer Info.txt
2014-10-16 04:54 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-16 04:42 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-10-16 02:14 - 2014-02-24 17:07 - 00000000 ____D () C:\Program Files\KMSnano
2014-10-16 02:14 - 2014-02-23 13:42 - 00000000 ____D () C:\Program Files\Free Keylogger Pro
2014-10-15 17:05 - 2011-09-01 14:06 - 00000000 ____D () C:\All Saved
2014-10-15 14:54 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\InputMethod
2014-10-15 14:17 - 2013-08-22 03:22 - 00485808 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-15 14:16 - 2013-08-22 02:13 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-15 14:13 - 2013-08-22 04:17 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-15 14:13 - 2013-08-22 04:17 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-10-15 14:13 - 2013-08-22 04:17 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-15 14:13 - 2013-08-22 04:17 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-15 14:13 - 2013-08-22 04:17 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-15 14:13 - 2013-08-22 04:17 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-15 14:13 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-15 14:13 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-15 14:13 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-15 14:13 - 2013-08-22 04:17 - 00000000 ____D () C:\Program Files\Windows Defender
2014-10-15 14:12 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-15 13:04 - 2014-05-26 15:21 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-15 03:22 - 2014-07-08 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-15 03:09 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\registration
2014-10-15 03:06 - 2013-12-27 19:56 - 00000000 ____D () C:\Program Files\Google
2014-10-15 01:14 - 2013-08-22 04:05 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-15 01:00 - 2013-09-29 23:47 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-15 00:59 - 2013-12-29 14:52 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-15 00:52 - 2013-12-29 14:52 - 100290944 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-15 00:49 - 2014-02-12 04:16 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-10-15 00:49 - 2014-02-12 04:16 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-10-15 00:49 - 2014-02-12 04:16 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-10-15 00:49 - 2014-02-12 04:16 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-10-15 00:49 - 2014-02-12 04:15 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-10-15 00:49 - 2014-02-12 04:15 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-10-15 00:49 - 2014-02-12 04:15 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-10-15 00:34 - 2014-02-12 04:15 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-10-15 00:33 - 2014-09-10 10:34 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-10-13 15:02 - 2014-05-25 13:38 - 00000000 ____D () C:\Users\Dale\AppData\Roaming\FSC
2014-10-12 16:50 - 2013-12-27 19:56 - 00000000 ____D () C:\Users\Dale\AppData\Local\Google
2014-10-12 16:50 - 2013-08-22 04:17 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-10-11 19:48 - 2014-09-08 16:51 - 00001986 _____ () C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2014-10-11 19:35 - 2014-09-12 13:36 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-10-11 19:25 - 2014-04-05 16:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-10-11 19:25 - 2014-02-12 17:23 - 00000000 ____D () C:\Program Files\Hp
2014-10-11 19:06 - 2014-01-20 18:50 - 00001654 _____ () C:\Users\Dale\advanced_ip_scanner_MAC.bin
2014-10-09 22:22 - 2011-09-17 14:10 - 00000000 ____D () C:\MP3s
2014-10-09 21:57 - 2014-01-11 14:14 - 00117609 _____ () C:\ProgramData\ITFW.log
2014-10-09 21:50 - 2014-01-11 14:23 - 00000000 ____D () C:\Users\Dale\AppData\Roaming\Mp3tag
2014-10-09 15:05 - 2014-01-31 16:59 - 00000000 ____D () C:\Users\Dale\AppData\Local\SoulseekQt
2014-10-06 19:26 - 2014-04-01 11:56 - 00040448 _____ () C:\Users\Dale\Desktop\Banking.xls
2014-10-05 15:34 - 2013-12-31 18:27 - 00000000 ____D () C:\Users\Dale\Documents\My PSP Files
2014-10-03 02:24 - 2013-08-22 04:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\zh-TW
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\zh-HK
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\zh-CN
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\uk-UA
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\tr-TR
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\th-TH
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\sv-SE
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\sl-SI
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\sk-SK
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\ru-RU
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\ro-RO
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\pt-PT
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\pt-BR
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\pl-PL
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\nl-NL
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\nb-NO
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\lv-LV
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\lt-LT
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\ko-KR
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\ja-JP
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\it-IT
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\hu-HU
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\hr-HR
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\he-IL
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\fr-FR
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\fi-FI
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\et-EE
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\el-GR
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\de-DE
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\bg-BG
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\ar-SA
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-09-28 13:41 - 2013-08-22 02:13 - 00000256 _____ () C:\WINDOWS\win.ini
2014-09-28 13:41 - 2013-08-22 02:13 - 00000247 _____ () C:\WINDOWS\system.ini
2014-09-28 13:37 - 2014-01-07 17:19 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-09-22 02:41 - 2013-12-29 12:01 - 00231568 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\Dale\AppData\Local\Temp\Quarantine.exe
C:\Users\Dale\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-13 01:55

==================== End Of Log ============================

Edited by beggersrun, 17 October 2014 - 11:50 AM.


#4 beggersrun

beggersrun
  • Topic Starter


Posted 17 October 2014 - 11:56 AM

Please note:

Running Gmer rootkit scanner resulted in 4 crashes closing the program each time. I took a screenshot, but don't know how to post it here since I don't have the image hosted on any site.

Should I proceed with TDSS-Killer?

Thank you for your time!

- Dale



#5 TB-Psychotic

TB-Psychotic

  • Malware Response Team

Posted 20 October 2014 - 10:44 AM

Yes, please proceed! :)



#6 beggersrun

beggersrun
  • Topic Starter


Posted 20 October 2014 - 11:19 AM

Results of TDSSKiller:

--------------------------------

12:10:43.0209 0x1bf0  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
12:11:01.0102 0x1bf0  ============================================================
12:11:01.0102 0x1bf0  Current date / time: 2014/10/20 12:11:01.0102
12:11:01.0102 0x1bf0  SystemInfo:
12:11:01.0103 0x1bf0  
12:11:01.0103 0x1bf0  OS Version: 6.3.9600 ServicePack: 0.0
12:11:01.0103 0x1bf0  Product type: Workstation
12:11:01.0103 0x1bf0  ComputerName: DALES-LAPTOP
12:11:01.0103 0x1bf0  UserName: Dale
12:11:01.0103 0x1bf0  Windows directory: C:\WINDOWS
12:11:01.0103 0x1bf0  System windows directory: C:\WINDOWS
12:11:01.0103 0x1bf0  Processor architecture: Intel x86
12:11:01.0103 0x1bf0  Number of processors: 2
12:11:01.0103 0x1bf0  Page size: 0x1000
12:11:01.0103 0x1bf0  Boot type: Normal boot
12:11:01.0103 0x1bf0  ============================================================
12:11:03.0692 0x1bf0  KLMD registered as C:\WINDOWS\system32\drivers\35246938.sys
12:11:05.0772 0x1bf0  System UUID: {BD40007E-C236-C4E0-E900-38F854B4776B}
12:11:08.0292 0x1bf0  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:11:08.0336 0x1bf0  ============================================================
12:11:08.0337 0x1bf0  \Device\Harddisk0\DR0:
12:11:08.0347 0x1bf0  MBR partitions:
12:11:08.0347 0x1bf0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
12:11:08.0347 0x1bf0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x1775FAC0
12:11:08.0385 0x1bf0  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x177C52C0, BlocksNum 0x3C7E000
12:11:08.0385 0x1bf0  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x1B4432C0, BlocksNum 0x1D826B0
12:11:08.0385 0x1bf0  ============================================================
12:11:08.0603 0x1bf0  C: <-> \Device\Harddisk0\DR0\Partition2
12:11:08.0642 0x1bf0  D: <-> \Device\Harddisk0\DR0\Partition3
12:11:08.0745 0x1bf0  O: <-> \Device\Harddisk0\DR0\Partition4
12:11:08.0745 0x1bf0  ============================================================
12:11:08.0745 0x1bf0  Initialize success
12:11:08.0745 0x1bf0  ============================================================
12:11:12.0633 0x1fb8  ============================================================
12:11:12.0633 0x1fb8  Scan started
12:11:12.0633 0x1fb8  Mode: Manual; 
12:11:12.0633 0x1fb8  ============================================================
12:11:12.0633 0x1fb8  KSN ping started
12:11:15.0219 0x1fb8  KSN ping finished: true
12:11:16.0580 0x1fb8  ================ Scan system memory ========================
12:11:16.0580 0x1fb8  System memory - ok
12:11:16.0581 0x1fb8  ================ Scan services =============================
12:11:22.0504 0x1fb8  FontCache3.0.0.0 - ok
12:11:22.0542 0x1fb8  [ 73F944AA04157781172CAD535AB6E172, 6C2FB6C0D4A10924A845A1CF18A98206EEAAB8243A0B36AEEC78B047BFFCDDAF ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
12:11:22.0546 0x1fb8  FsDepends - ok
12:11:22.0562 0x1fb8  [ 6496F5E84CBC8C6D697939D6518D9B7A, 1E518FC7B478356E997E86FDD06A01A6833407C25F67A85CC91A49EC6F2EAEB1 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:11:22.0565 0x1fb8  Fs_Rec - ok
12:11:22.0604 0x1fb8  [ A58318CA9F98AAB207D4C84868490D1D, E57DEF96B69A7ED25EC37DE41BF5F1F3A57A5B2729BC615E9785F0EDF5E75346 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
12:11:22.0627 0x1fb8  fvevol - ok
12:11:22.0645 0x1fb8  [ B3CDDF19F6201210B8785FFD642A1632, 35A664BD1C51F9F448CADA2B82276F378BA65188D175C00515EBBD06E91641AC ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
12:11:22.0648 0x1fb8  FxPPM - ok
12:11:22.0672 0x1fb8  [ 2DC88A077B783AFD416CDEE7BDE63868, C016325071D88371753C4049749C26C8D58FE8D787533B3289DB1D523E6F076B ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
12:11:22.0677 0x1fb8  gagp30kx - ok
12:11:22.0706 0x1fb8  [ 8182FF89C65E4D38B2DE4BB0FB18564E, 2ACFA64D48BF7D25641EC5819C8722144284B8A8E071BF297C1881B07EEAFE88 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
12:11:22.0709 0x1fb8  GEARAspiWDM - ok
12:11:22.0733 0x1fb8  [ 2156802A56276A97FB6892412A0B899D, F97F253D7EE992A427D2A4F12601893FCEA93975547A7CE5D8C2DF25ABD23A97 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
12:11:22.0736 0x1fb8  gencounter - ok
12:11:22.0758 0x1fb8  [ 73EFE8A2747BB87F66B5646AA2262AE4, 368AAFA38F214D474206B914A4258B3679CB0B1C9080D32DFB3BF890BD5611A8 ] GPIO            C:\WINDOWS\System32\drivers\iaiogpio.sys
12:11:22.0762 0x1fb8  GPIO - ok
12:11:22.0798 0x1fb8  [ FB1DB2A2663D59FEB04F4311861C7022, B9571C1B80ED150DC41E200ED20B8C289E2011548A12ECF4DB55234075B60E02 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
12:11:22.0803 0x1fb8  GPIOClx0101 - ok
12:11:22.0874 0x1fb8  [ 22306013C7C180699EAD991005AF2F93, ECFC900BF1F2B3AC8CCD3B021A3F8F632689D6817219FAA383A3AE3BCA90A377 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
12:11:22.0973 0x1fb8  gpsvc - ok
12:11:23.0047 0x1fb8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
12:11:23.0051 0x1fb8  gupdate - ok
12:11:23.0062 0x1fb8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
12:11:23.0065 0x1fb8  gupdatem - ok
12:11:23.0105 0x1fb8  [ 449688B15D29787C8A440D6ECA9925B5, 7E1C88106F3F39394843B8B2B5921A8F5B215AC1538F46F151B9F4FAAC7AE1DE ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
12:11:23.0117 0x1fb8  HdAudAddService - ok
12:11:23.0174 0x1fb8  [ 3D06FB84CFFB1D959ACE7690A27A89E1, 267F22D64BC774E32BF8DC8BED45C384ACAC888E16D9924D31EEEB1AF16553B6 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
12:11:23.0179 0x1fb8  HDAudBus - ok
12:11:23.0207 0x1fb8  [ 5C5BF3E47BB6B07FAD8EA4565159659E, E8C52CC743408093B118D3E1E8C0E7E1E7EED7234422341C8B666C03A9FA0CC4 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
12:11:23.0211 0x1fb8  HidBatt - ok
12:11:23.0229 0x1fb8  [ 4A59C5DAF29CC28DA966C57DB863655E, 6A164BEB000AF2A8FBCBF8A15C8BF9D999CDCF90EAFDD748D4F7FAA27E67CD12 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
12:11:23.0233 0x1fb8  HidBth - ok
12:11:23.0257 0x1fb8  [ 4AC33C5E591F9845E34DA8681E558A58, 4FC04C7EF2736D63CF77756566C5710764671EC54085FC035B4752377CABDDE7 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
12:11:23.0266 0x1fb8  hidi2c - ok
12:11:23.0304 0x1fb8  [ 2E6CA4DE2AEDF7ABDFEA906F11EDC8B1, 69FD8513F4E0C1E8C78D01D007D90DC33D3C4DEAED05FEECD634A15334202D62 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
12:11:23.0307 0x1fb8  HidIr - ok
12:11:23.0330 0x1fb8  [ 06692FEB8EBC5AD53AC6C610BC72F1C6, 4C2754E0F3FBCF147D7D7F9D1F433C85B6AB59922F9DA754B31CB57A90CDC175 ] hidserv         C:\WINDOWS\system32\hidserv.dll
12:11:23.0334 0x1fb8  hidserv - ok
12:11:23.0356 0x1fb8  [ 71E4AD300E86C0754D6070FB92475CF7, 110AF2389CFC8AB481B6A8706F436BB600D10063669C2A6ABB5A63FB9E3A3495 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
12:11:23.0475 0x1fb8  HidUsb - ok
12:11:23.0514 0x1fb8  [ 622B08BD041DE4B0B8F34D4F0F5A018C, 4EA4DB15CE5DD44FF30B5AE0D7EBEDAF3DDE8761D7633FED52CE7D022E0980E6 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
12:11:23.0519 0x1fb8  hkmsvc - ok
12:11:23.0546 0x1fb8  [ D331E843F66501F57978F85FE695CEEE, CB2B23E3191DDE105A47D7C7361880DE968D79D55A16B371DA16456F047B7FE2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
12:11:23.0557 0x1fb8  HomeGroupListener - ok
12:11:23.0594 0x1fb8  [ 4FC945E08AF63491AFCC902C99046735, 3F62C132B8C8A35C09D1ED7C602658EC901ED6284550B0A8E9E6FE0AACB7A511 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
12:11:23.0607 0x1fb8  HomeGroupProvider - ok
12:11:23.0637 0x1fb8  [ BA073FD7F6C94FF18F97DF8F0297ED62, 132611011C0AEB1E529453A4FA983587D7F1CE286C04AC0B952F4D964B72BEC1 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
12:11:23.0642 0x1fb8  HpSAMD - ok
12:11:24.0411 0x1fb8  [ C3B71A7EE3ADA9E9D1A30133B9D2FC74, CDC22E3FF2AB7279E5DAB4CC9FEF41C1E97F276B192143BAC34FAEBE3E4B3D3B ] HPSLPSVC        C:\Users\Dale\AppData\Local\Temp\7zS7C31\hpslpsvc32.dll
12:11:24.0456 0x1fb8  HPSLPSVC - ok
12:11:24.0637 0x1fb8  [ 4196BBF0725EF4E4F220D5E1539EF553, EE78E340C8DE4256567A5D0589CE5B3C182EE80A7D6F663CB971651391BA3F92 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
12:11:24.0702 0x1fb8  HTTP - ok
12:11:24.0726 0x1fb8  [ FAEB94F3ACCDFDA16E5FA585369FDEC4, 12A41592EEC9CEB5C8C10AAF2C09E7262E2AC28B615D181F9BCCA0DEC12648F3 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
12:11:24.0728 0x1fb8  hwpolicy - ok
12:11:24.0763 0x1fb8  [ 2DDC60AD29D845A745C9ECAAE35FC477, 1A4670D10744B36FFCDC5068C824315200F9D9BD24E5F2A111B2019C13CD59BE ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
12:11:24.0764 0x1fb8  hyperkbd - ok
12:11:24.0784 0x1fb8  [ D360FFBA289307976BE1BBE7BE792F58, 6A787C493D226D6AB5A933B3EAF9D6EE4B18BDB2D07D1CAE59CE1EFA729B1B2D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
12:11:24.0787 0x1fb8  HyperVideo - ok
12:11:24.0810 0x1fb8  [ 5043E69532392A43549E5D41E22638AA, DC5186117FC60036A70CD6065810F090BD3EFFA24B59C760ECB6B7FB9C43F174 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
12:11:24.0815 0x1fb8  i8042prt - ok
12:11:24.0837 0x1fb8  [ 646D3B416BC970C3CD2F53844FD156A5, 045CBA642382B33DB1E222302B14DD46838895A73CE50426FD180B4CA918253A ] iaioi2c         C:\WINDOWS\System32\drivers\iaioi2c.sys
12:11:24.0840 0x1fb8  iaioi2c - ok
12:11:24.0871 0x1fb8  [ 387637FC01BA30E95A2330DA3FFD0919, 836A100F766044B431D2263A57CB3BB3B43AA0C3E58220F31A2EF89E1BB8CB55 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
12:11:24.0907 0x1fb8  iaStorAV - ok
12:11:24.0936 0x1fb8  [ D2E7F3611BB8F1C2661B8F7858D33A35, EFA7B2E8433AB6DE739EB12792154B64DF29B61C8BB2F467C95C393A40D84E1A ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
12:11:24.0948 0x1fb8  iaStorV - ok
12:11:24.0955 0x1fb8  IEEtwCollectorService - ok
12:11:25.0312 0x1fb8  [ D771E3D5E0ECE091FF9244BDF1303D6F, 4404A7857AD53234EEB19E7B3516226ADF342BF722C8D81B232D2C909F85DAC5 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd32.sys
12:11:25.0650 0x1fb8  igfx - ok
12:11:25.0726 0x1fb8  [ 36A36F1059D559F9D64660F6845FDD63, 529FD025F28F2C56041FDD77A5DEC6382B1F798B0EE92C46A7AB14CE04C51428 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
12:11:25.0759 0x1fb8  IKEEXT - ok
12:11:25.0790 0x1fb8  [ B0F92A795C7E48E2C5F908265C655458, 6F6606C3F36FD3E603CF9FCFDD1213A108E4B1CF9936E4FE851E6FD5FEA5FEEC ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
12:11:25.0792 0x1fb8  intelide - ok
12:11:25.0817 0x1fb8  [ 1B96BF4186366306D917FBD187218F29, 8B1E85412D52B0EE7593D7BA08153DABF0852448A4E8DC01F2B24EE3289912AA ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
12:11:25.0819 0x1fb8  intelpep - ok
12:11:25.0842 0x1fb8  [ 6DD61D8AFB56C9F853210C49FD4D8C16, DFE299AB383A81BDE531B93645F59076BC2D7E37038DA20649CA08230C043C55 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
12:11:25.0846 0x1fb8  intelppm - ok
12:11:25.0869 0x1fb8  [ 23B5C10891B64FB4261F9FCADF24FE28, DCE73864B0BE98DE96C0EC6C88BA62E1BC2878837D6442BCC2220A956E350D0E ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:11:25.0874 0x1fb8  IpFilterDriver - ok
12:11:25.0929 0x1fb8  [ A61DD1F02DE668A6713822942B876D4C, 22B06518C2CF16D605550C3327BA2FD4AD09410082D4C23ED54AEF307D4AB20D ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
12:11:25.0985 0x1fb8  iphlpsvc - ok
12:11:26.0047 0x1fb8  [ D395D5C2900596DFA30478E79110D003, BBED3586F653F9167430DF8FF42669FC7962F5EEA3E789289224DD91BAD3F18C ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
12:11:26.0218 0x1fb8  IPMIDRV - ok
12:11:26.0268 0x1fb8  [ FA6C94C754A566EA8A61D658932F32DE, AEA11A21F850228B23714CBF981C0D038FF5CC22566594E6995BA0994343A256 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
12:11:26.0366 0x1fb8  IPNAT - ok
12:11:26.0453 0x1fb8  [ DCB3796E0169419618C72F0CE34C68ED, 332868A6F993924E1CC985B260580DE94B2806A2E7C7447A75627A72DEC0358E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:11:26.0519 0x1fb8  iPod Service - ok
12:11:26.0546 0x1fb8  [ ADF675CF9EB57229E9D13BC2F5D4719D, 1CAE1C71951795D1E650C81D5271EF9DF3482E531AAF0E6E08BE9789DE8C1E5B ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
12:11:26.0548 0x1fb8  IRENUM - ok
12:11:26.0587 0x1fb8  [ 2A0D17D431F13E87ADCB28DEEC84F252, 87C82734B58896BB71EE0707B70C4618D0E4895BE1409E9B55668F11E1715F30 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
12:11:26.0591 0x1fb8  isapnp - ok
12:11:26.0635 0x1fb8  [ 74F452379260EA77CC59905AEDBD5AE7, BCD59690F69FCADC95C7499960F723D584E6E701CB722BA53BE738402BB080E9 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
12:11:26.0645 0x1fb8  iScsiPrt - ok
12:11:26.0663 0x1fb8  [ 4504C8B75A6B2E5BE800DE03B26891D3, 4DC5DA3A2CBBB43B0E9CACE094D7EADE458347D134012F9693CAC2014EFE4145 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
12:11:26.0666 0x1fb8  kbdclass - ok
12:11:26.0685 0x1fb8  [ 8BAF1904393EACA7178A5EF962256D3F, 7CC026151E96D239C68758A016C206278ED262594C87EB7BFCD73A73631DBBC8 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
12:11:26.0687 0x1fb8  kbdhid - ok
12:11:26.0712 0x1fb8  [ 7F896C99637CB0E48262F307FC0F3557, 51B1A2038443F581EAE8057FF487398CBAA4753E7AA854B191E47502F9D7D69B ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
12:11:26.0715 0x1fb8  kdnic - ok
12:11:26.0744 0x1fb8  [ F33BFCBBBAACE7208DB433B6CCA98930, 46E994BE4A2EA4D324C8B78CF9276F4805EA47046CBC7AD37401AA77E13C75FB ] KeyIso          C:\WINDOWS\system32\lsass.exe
12:11:26.0747 0x1fb8  KeyIso - ok
12:11:26.0776 0x1fb8  [ 21719E6D6B4EDEB062F0A9D8F7720FEF, 6BEF2890270D4127EAEA6C627B663495A7576A781EDB4E4623E9C68D2DE3EE22 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
12:11:26.0780 0x1fb8  KSecDD - ok
12:11:26.0806 0x1fb8  [ 09C2C25E6199901B93716FE4A82E682C, DC242E688EC66F9667320A1FA6CD73CF6FFE635E3459E1C851DAE1B2D8B07E9A ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
12:11:26.0812 0x1fb8  KSecPkg - ok
12:11:26.0854 0x1fb8  [ EC89E8C1334D257C27197A52099FA960, 5243DD460A78CBCCF6296C13944ADC0F7FA7BD152BCE9633EB8CA911B055C3F0 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
12:11:26.0867 0x1fb8  KtmRm - ok
12:11:26.0900 0x1fb8  [ 9E51948344BC8C8EBBDCD197948940F4, ADEFD92FD5EE23A008C1C7BA826F532BA6F7231F025373106EC551C850B3AC64 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
12:11:26.0912 0x1fb8  LanmanServer - ok
12:11:26.0946 0x1fb8  [ B230EE02279BBD757637B3CAE1CF660B, D74B85548818E0C9DAE10076AB00198AAD3838BB3A8C0212762716E5EBC3A3C8 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
12:11:26.0957 0x1fb8  LanmanWorkstation - ok
12:11:26.0989 0x1fb8  [ A54EB398BC2D792A0C603A97F7975FD8, 5216624129595ADBA24AA07F68350045D4D59B5F8A6FE5FD78FA3BD72646B83B ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
12:11:27.0011 0x1fb8  lfsvc - ok
12:11:27.0038 0x1fb8  [ 369ED2626209D245BA1CEBB626F9A376, C28A0B4998DF1027AB3C234742AD51E140889CC065CF2F073665297B61A31F6F ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
12:11:27.0042 0x1fb8  lltdio - ok
12:11:27.0075 0x1fb8  [ E7857CCA67A54E265533EF68C7B90A0C, 3CC312DAFD7C539467D5833002D448D62C8B3A2F2894523CBA18C49D2129F609 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
12:11:27.0084 0x1fb8  lltdsvc - ok
12:11:27.0109 0x1fb8  [ A44270027BA1C8983CCC414183AD5726, 26F0881DF03F7C521A7CA9FE91432B40313B1ED5A9F2779F4CAA3CF6625219B7 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
12:11:27.0112 0x1fb8  lmhosts - ok
12:11:27.0152 0x1fb8  [ 876BA8550E9F1F4EF8A7D056E66678F6, 55937F75D1332923FD348B9931BC28E379DEBC13841E0EE4D1330D3D4E7707DF ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
12:11:27.0156 0x1fb8  LSI_SAS - ok
12:11:27.0169 0x1fb8  [ 6FB4E344E66F7243D23F0F52A9610790, 7AAEE5EB222539AD767B0B01FD1F821EE35263699BC4D123E95906C4AE62D3F6 ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
12:11:27.0173 0x1fb8  LSI_SAS2 - ok
12:11:27.0191 0x1fb8  [ 2E61D97CA19BBECCCF7CDE9C0C7392B5, 237A5739DE9A643CBEE7432522E43DAAB289EAA322FB2E67A66E24D2A0E859E1 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
12:11:27.0194 0x1fb8  LSI_SAS3 - ok
12:11:27.0215 0x1fb8  [ 3986C8FAA6E397725024E7189BAC69CE, FD934C8D5E51153D9E69764B628E1A983D96CF223115B4E549FA67BA819A27E8 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
12:11:27.0218 0x1fb8  LSI_SSS - ok
12:11:27.0263 0x1fb8  [ 1D5999E703FAA551DFF0E4E7F6AA2150, D73332190244FE2943CE93C298EDBB09290AFDD1B12F286F94E4B67323F1A1F9 ] LSM             C:\WINDOWS\System32\lsm.dll
12:11:27.0297 0x1fb8  LSM - ok
12:11:27.0326 0x1fb8  [ A1E31C77F407F629F430A070B8747A44, 80E50D95CBDB85DBA2462BF133140AFEAB2D047F70168E87CE95E8D90A83C99E ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
12:11:27.0330 0x1fb8  luafv - ok
12:11:27.0394 0x1fb8  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
12:11:27.0415 0x1fb8  MDM - ok
12:11:27.0442 0x1fb8  [ EE038F0B57FD34B872AE2ADD7679C1E2, FC6C352A4EFE659961513B131B68871AFFAD8174672C3D5BF955D83BA1F9CEA0 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
12:11:27.0445 0x1fb8  megasas - ok
12:11:27.0479 0x1fb8  [ 2E3BE5DA8078B170DA14CE3181C5D3AC, F4E8251C554A47682F00FCE7A0F3B0D0FD0F3D74970BA501F63860A7C824407E ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
12:11:27.0500 0x1fb8  megasr - ok
12:11:27.0533 0x1fb8  [ 01946468EA6196F9C54A245354C1240A, 96BE9EF1D791417BFBD9AC9F24D38F128DEE409C95F25138B8CDAE3F86E17D4A ] MMCSS           C:\WINDOWS\system32\mmcss.dll
12:11:27.0538 0x1fb8  MMCSS - ok
12:11:27.0569 0x1fb8  [ FFE175CCDA4BC0278E88149F183B6C5E, B84F9E1E20B0C0BF64BC8DABC238776A307286ECC5AEFEDD74F6C187F5FD0671 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
12:11:27.0572 0x1fb8  Modem - ok
12:11:27.0622 0x1fb8  [ ECFDDEBFD613A849763EDDA3B1DF5FA7, 5F22A6EE18563232C8036839D0F846576BF74BC34D10DE40D90441064A65911D ] ModernMix       C:\Program Files\Stardock\ModernMix\MMixSrv.exe
12:11:27.0626 0x1fb8  ModernMix - ok
12:11:27.0637 0x1fb8  [ 523C526BBB796FC2087C0C8AC2B669BD, 79FAC4B32BD35E140B7FAFC5A58FA039B1FB16EF68A4DCEB25B2B153B1B0FE0D ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
12:11:27.0639 0x1fb8  monitor - ok
12:11:27.0664 0x1fb8  [ 1B621475FA22B947B60EE004A8EE11F5, EC4BBD6C586686BD3E05F861FF7D9E82E7C787DDBC9BC3CDEEE613BFCAFC34D3 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
12:11:27.0667 0x1fb8  mouclass - ok
12:11:27.0682 0x1fb8  [ 64DAA33D69C4442AD4CC52D478895355, 686CD366539D41331ACC41A66B165EF7B659CD8FC0048596E6F38D1FBF3120C8 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
12:11:27.0684 0x1fb8  mouhid - ok
12:11:27.0765 0x1fb8  [ 8CF63AB55709A9E415190219C226A855, E061AE50F74F46D9D58E406254515B104B32D7B7DE64C1045E9901942A953FCF ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
12:11:27.0769 0x1fb8  mountmgr - ok
12:11:27.0927 0x1fb8  [ 65C34426C83EFA32D48380A97717997B, CD7EB6BFBB0BE382BA21055460D9A72323F09AF3194A22D8EDB28D5DB3BAE8E7 ] MpKsl7b1f1bda   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{747C39AC-C82E-4A2B-AAB5-D724279D9360}\MpKsl7b1f1bda.sys
12:11:27.0930 0x1fb8  MpKsl7b1f1bda - ok
12:11:27.0970 0x1fb8  [ 65C34426C83EFA32D48380A97717997B, CD7EB6BFBB0BE382BA21055460D9A72323F09AF3194A22D8EDB28D5DB3BAE8E7 ] MpKsla4660cc2   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{747C39AC-C82E-4A2B-AAB5-D724279D9360}\MpKsla4660cc2.sys
12:11:27.0975 0x1fb8  MpKsla4660cc2 - ok
12:11:28.0044 0x1fb8  [ 4B300E2D06B03410064CF443E1CE6B25, 9B75E288392DBB24C84C573823AB0C94F2CFA6AA8AF3F6D8E3ED93DA57F5ABB8 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
12:11:28.0049 0x1fb8  mpsdrv - ok
12:11:28.0098 0x1fb8  [ C67F755D89AE52C7F2249ACE98416265, EA115A4165E3657452CDF69E0C5704BB685A8E0FD451F37EA1FC3D5A8BCE5A9E ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
12:11:28.0133 0x1fb8  MpsSvc - ok
12:11:28.0177 0x1fb8  [ 53E370C8ED69C68DFD26BAE4588095F3, C72A759D0C31CF2E6C153D8D008DE03575C5D6A74067C381E580B09850890EBB ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
12:11:28.0354 0x1fb8  MRxDAV - ok
12:11:28.0392 0x1fb8  [ E11D4B798CF0FF9F739CD9BDC552FF08, 0612806A35E5C054622DA20F5BEB2D4555B889391BDCF66A94D5A7B6C6ADFC3D ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:11:28.0403 0x1fb8  mrxsmb - ok
12:11:28.0434 0x1fb8  [ F37F40422662235AB5768C303E829602, B1350AE9827FCF48FDC7BCA83CE5A7E1C54550449F6F56AC39E1E1ECB9EA56DD ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
12:11:28.0443 0x1fb8  mrxsmb10 - ok
12:11:28.0479 0x1fb8  [ 20EA1075D820ECD58400A76B617DC384, D1F3FFD233A68D994565883F8304807D09ACBBCCE3522E9DD8D17D094A8AFED7 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
12:11:28.0485 0x1fb8  mrxsmb20 - ok
12:11:28.0509 0x1fb8  [ 1188DC48CB36F31A3624BB9504F77AEE, CE01C4C1DF0F49E89D1C648C7B6D1116833DE31740F5D8BE088B3EA3EA163DC2 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
12:11:28.0514 0x1fb8  MsBridge - ok
12:11:28.0547 0x1fb8  [ 18919845004A5A05D69CF5EAE19D0E68, 809FC3AF3CCA004712CE3B841E08BD0D47E2A1C0B938AD68337B642D5D43B0C3 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
12:11:28.0554 0x1fb8  MSDTC - ok
12:11:28.0593 0x1fb8  [ D99C98D630C34A448A93DE552DC7DD68, B3A216B119737476182B3CD080B3466506D673ED2889C9F8C36F0E92A4657029 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
12:11:28.0595 0x1fb8  Msfs - ok
12:11:28.0627 0x1fb8  [ 22FFBD5F9BCE2E970C617B95103079DC, BD431517B572EC80127881124C697434B31F016BF897382F6D2C5D0FF904C1C6 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
12:11:28.0630 0x1fb8  msgpiowin32 - ok
12:11:28.0649 0x1fb8  [ 30DA16E72C4CB4D5F06D35D0DFA16E2C, F8C4073C3AA001FD22087BEBD0CEBDFA8F0BD1965B8F3346BBAEC0E3208F927B ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
12:11:28.0651 0x1fb8  mshidkmdf - ok
12:11:28.0665 0x1fb8  [ 26B1961255650B59107FC4990B2CEF34, 273E5E0DD5708BE9E188934CF1A19E63946179280F9AC149376053AD863A8239 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
12:11:28.0667 0x1fb8  mshidumdf - ok
12:11:28.0696 0x1fb8  [ BF7ABD4461576528028FB86633A7EA24, 3AF39AEA9FEAAE7D79A3691714AD700288411DC594F38A07756F149D6D7463BE ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
12:11:28.0699 0x1fb8  msisadrv - ok
12:11:28.0733 0x1fb8  [ A876A975BAF66A8D209240F43AC07A07, 11B26C8004B8F191F9AF7A25C90500DAE344392561DDA9C5516FC0EAB6DDEE26 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
12:11:28.0740 0x1fb8  MSiSCSI - ok
12:11:28.0746 0x1fb8  msiserver - ok
12:11:28.0763 0x1fb8  [ 0B2A5AB2591D7F6E8E64A0516325F2AD, 083775925CA8B4677029B5FDF4F60F08E325CF05486FAE63D311B40C7EF3786F ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:11:28.0765 0x1fb8  MSKSSRV - ok
12:11:28.0787 0x1fb8  [ 2B1E1DA9C5FA25DB8DAC2F34BCF10196, AE346D5711E4EA9C6365D55411E907683147064B34192B88EEAA9E871DECE2B0 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
12:11:28.0790 0x1fb8  MsLldp - ok
12:11:28.0797 0x1fb8  [ 86729EC40EB28DBBAB6A672B138B4DC5, 13F097572A8BE21EC9FA44C950F143BF0AFEEF09131DCD115B951AB5EF13BA13 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:11:28.0799 0x1fb8  MSPCLOCK - ok
12:11:28.0807 0x1fb8  [ 4E5FB5BD76165A81EE181A82EB665C8A, 16C50027D92F059C07CCB28FDE339C3E35DE9BF1752B0F16577845C38B77B776 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
12:11:28.0810 0x1fb8  MSPQM - ok
12:11:28.0862 0x1fb8  [ C90BB8C3DC3F50FBA1A668B844C84315, 4ABA28B0047B2038E881583DB0F1A6A78FAB8ACF3759ECCB7A835D7F8944CC83 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
12:11:28.0882 0x1fb8  MsRPC - ok
12:11:28.0904 0x1fb8  [ CF61A813430B7F12452BCED287135676, D5400E8C47D6441830EA48E153BDB2CC70672176B69E90D89EC3DD6D17BCFAFA ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
12:11:28.0907 0x1fb8  mssmbios - ok
12:11:28.0920 0x1fb8  [ C323F63D61AD8CEC79B3CF4B8463B208, FE1E91267B1050EDF05E89B33AFBEE2F6A5912251024A2130D756DE53C93BD81 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
12:11:28.0921 0x1fb8  MSTEE - ok
12:11:28.0947 0x1fb8  [ 06442D8CA4425EFF66F47D8F82493450, 82D3698938B2CA169C0564F90941423FC4F87261CCD1A214517DA95605671A32 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
12:11:28.0949 0x1fb8  MTConfig - ok
12:11:28.0970 0x1fb8  [ 6CD6189DFA649EEBFCBE81CB30030355, 7F50DD0ACDFC2AFFF1FA8BA5065B7B232C491D7AE7E67AE833BB02105AB7AF77 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
12:11:28.0973 0x1fb8  Mup - ok
12:11:28.0991 0x1fb8  [ 8122A46E9A5EBD2E001FF5FB34A12A47, 8CC747B11E77AB0F15A7F08D48160FB66AD26C81021D25A10335ECE967A847F4 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
12:11:28.0995 0x1fb8  mvumis - ok
12:11:29.0044 0x1fb8  [ E5B61DB218E01A850C7A92616E97F5EB, 26EA66D8EB058EB9CE8D2913D5A1397D26653E26AB0261119B802D8DFC11AE87 ] napagent        C:\WINDOWS\system32\qagentRT.dll
12:11:29.0078 0x1fb8  napagent - ok
12:11:29.0121 0x1fb8  [ F443E09D7076D93ACC69D751960AE744, C79A5F858483B97939C260F6878A9085F61E1FDC2C8ABAA7700A7EFA808CC223 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
12:11:29.0152 0x1fb8  NativeWifiP - ok
12:11:29.0277 0x1fb8  [ B498A14133BD09AD0817590ACE4470AD, 14CCC922C6596C97A5CF580209C4AFB6138A8FFD3A0E60CD506810DFCBC43A1A ] NBService       C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
12:11:29.0328 0x1fb8  NBService - ok
12:11:29.0362 0x1fb8  [ 54C905054922B43A91521D075E34024B, 4B2DF68DF11B26D2A224930CE2B8FAF40B19D960BCFDF5D523B52A82125B487A ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
12:11:29.0369 0x1fb8  NcaSvc - ok
12:11:29.0386 0x1fb8  [ F81A77CF6B0C9513AC20A24DD2997E26, 756818D6DEB6B7D036C2BF6B442EC8C435F9FB3E384E109FCCD9740F7651B3AB ] NcbService      C:\WINDOWS\System32\ncbservice.dll
12:11:29.0393 0x1fb8  NcbService - ok
12:11:29.0409 0x1fb8  [ 10A61CCF540D1E2260D3AE76377810F5, DFF0F1EAF03518220500C70BCC52286CA599EA2E00D3AB97D88D9BF15F1E26AD ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
12:11:29.0415 0x1fb8  NcdAutoSetup - ok
12:11:29.0492 0x1fb8  [ 14F983A265A9A84B13C8F03F1BE639B0, CA2C7BE7C998F14B7EF5EE20C170E1144DDD0098E9EEDAFDBD9E3B592EB586A0 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
12:11:29.0548 0x1fb8  NDIS - ok
12:11:29.0582 0x1fb8  [ 9FA562E35A0263FBD01D44559224D46B, 9C8CBDDFA09EA86B025BD7F04F63C5517296FF7EDAC9E87C096766054C448F1E ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
12:11:29.0585 0x1fb8  NdisCap - ok
12:11:29.0607 0x1fb8  [ E0E3F52E028D5AEB0AAEA4DEBFE5F696, 7CDA2500C3440B8A5EF0C4D64DB27E91A08A1D143CA6FA6568E5C7FBBD277B02 ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
12:11:29.0612 0x1fb8  NdisImPlatform - ok
12:11:29.0633 0x1fb8  [ BD856EB36898EFA1B11346996ECA764C, 52CF7CC4DEB3CC0F3B09E8A4D83E20538765C44DD04FE0746BD17B09C67AC78C ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:11:29.0635 0x1fb8  NdisTapi - ok
12:11:29.0654 0x1fb8  [ 1D34650E97E74DF51BD86E0A102DB241, B4B6A2C073348C3829E5CD0565A0B44CA6A0AD05E3744767FA8D89134ED8002E ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:11:29.0657 0x1fb8  Ndisuio - ok
12:11:29.0676 0x1fb8  [ 53D21FFC20728406A20BCCF145DC2AD4, 116B06A3827C6EB584C8DC13FE2554EFC1CE5A96BA298C4C7766B700E56C282F ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
12:11:29.0678 0x1fb8  NdisVirtualBus - ok
12:11:29.0708 0x1fb8  [ 11312D35028616E585DCF02AFAFA56DC, E7B0503FAA2B93F6751FD792D2F424B40E2F9A20D9E827253563B916A1CFAC06 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:11:29.0715 0x1fb8  NdisWan - ok
12:11:29.0726 0x1fb8  [ 11312D35028616E585DCF02AFAFA56DC, E7B0503FAA2B93F6751FD792D2F424B40E2F9A20D9E827253563B916A1CFAC06 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:11:29.0730 0x1fb8  NdisWanLegacy - ok
12:11:29.0745 0x1fb8  [ 9F76B41778F62A7E582ADA902E8D149E, 140A62ACA0B198A23A4236AE28CD4E32D5378F4D21CBE55FD05684EEE91C1B4E ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
12:11:29.0750 0x1fb8  NDProxy - ok
12:11:29.0776 0x1fb8  [ C6003C8BB723B4D7FCDFB4C419D676A1, 9D2639A104D962C899CC9EBB40BF8AA6FB9E440AD5DB6861C9723BDB4B9361FE ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
12:11:29.0781 0x1fb8  Ndu - ok
12:11:29.0797 0x1fb8  [ F0F2377D72E48EBCA9B9BE5F3DE3F355, 89C05AB573C0F97FD3F0C43024212A0A55BFA3698598DABFD33FC481D5D58E3C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
12:11:29.0800 0x1fb8  NetBIOS - ok
12:11:29.0821 0x1fb8  [ BC242922B0D08F61CF7C87FD08FAFA8B, D9E96D9C01FD9FFF80C60E76950B31E5D010EDE1A6CF0E4B5A85BD5E7A5DB715 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
12:11:29.0830 0x1fb8  NetBT - ok
12:11:29.0847 0x1fb8  [ F33BFCBBBAACE7208DB433B6CCA98930, 46E994BE4A2EA4D324C8B78CF9276F4805EA47046CBC7AD37401AA77E13C75FB ] Netlogon        C:\WINDOWS\system32\lsass.exe
12:11:29.0850 0x1fb8  Netlogon - ok
12:11:29.0905 0x1fb8  [ B587D8BBD8FB55FEA7C6CCE86D98DDA7, AC0EFCECF14B680A260D32BA13AA29E94663171E6EE2B9E1F3BD6BFD7997FE3D ] Netman          C:\WINDOWS\System32\netman.dll
12:11:29.0914 0x1fb8  Netman - ok
12:11:29.0965 0x1fb8  [ 9C005769C00F380DBEB33C0164BBB7F8, C67498DBB6EB1B71CCA11E29D5CFDE77748201A3B3AB68770E43B82F221FCEC6 ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
12:11:29.0987 0x1fb8  netprofm - ok
12:11:30.0063 0x1fb8  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:11:30.0105 0x1fb8  NetTcpPortSharing - ok
12:11:30.0133 0x1fb8  [ 6A90783186DA0F93D21C805F6FAFD9CE, EABCD828F1BB745E80AA6B8FDCD32BD644F63FDD724809D8B94CBB90EE16F48E ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
12:11:30.0137 0x1fb8  netvsc - ok
12:11:30.0171 0x1fb8  [ 6DF13740F8E98AD840B13D056CA86511, 08C2491C82E1733C4317E565298BD8C19508F415A9B544044D57CC1C3E596590 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
12:11:30.0184 0x1fb8  NlaSvc - ok
12:11:30.0264 0x1fb8  [ A328A46D87BB92CE4D8A4528E9D84787, D3245ED700151111592BA82FB675B284DA7FCE52B07A7F68352F64A402CAB37C ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
12:11:30.0279 0x1fb8  NMIndexingService - ok
12:11:30.0310 0x1fb8  [ 25401B0C9576C8456B3E0BBD74FF0771, BB569C99360A631850537DC2EDA0BF85D091CC30BD98B3FD2AC9DABDFB7741DA ] NPF             C:\WINDOWS\system32\drivers\npf.sys
12:11:30.0312 0x1fb8  NPF - ok
12:11:40.0089 0x1fb8  volmgrx - ok
12:11:40.0186 0x1fb8  [ F4138DC230FC3DFE9E31201561D0491B, EDCE4AA2794F6D022A424A29021712A25D60A093D2C98BB6F5C4CF4092AAFA97 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
12:11:40.0204 0x1fb8  volsnap - ok
12:11:40.0234 0x1fb8  [ 10B78A2D45B1330C162FDE8FEE78F315, F3D790D2352422F335432BA50198C192F397BAAC713BAB99B577ED7C33C0348B ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
12:11:40.0240 0x1fb8  vsmraid - ok
12:11:40.0319 0x1fb8  [ 044B27361CEE42AD0662B04D57CDB716, 7B267D0EF4991C3E4D8FEE10455AFF12037B2C72F42FA6E57343643D29CD95A0 ] VSS             C:\WINDOWS\system32\vssvc.exe
12:11:40.0364 0x1fb8  VSS - ok
12:11:40.0432 0x1fb8  [ 761B3F51660CD3D9F815E5C916235D0B, 64DA061674047ECC3D0A034CFCB3D926712C14599807E06194688ED7E9F8ADCA ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
12:11:40.0442 0x1fb8  VSTXRAID - ok
12:11:40.0493 0x1fb8  [ 47BF83648E9FBD88A8CDB7C2A169D100, C00971C6DC1EA10FBB8D3291BF196DE45C66E234D143D08F3B9A97DDE08547FF ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
12:11:40.0495 0x1fb8  vwifibus - ok
12:11:40.0531 0x1fb8  [ 937FC132094684F8F41DA89CECC1D427, B0048733D1B02F5DE2F28B4C35F6E4EB0D4B2E651ED7258929596A81C1DED807 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
12:11:40.0535 0x1fb8  vwififlt - ok
12:11:40.0548 0x1fb8  [ 438082724F84703C00DA503131A89055, C81FCFC7A04E7F656F0DCA3D1E0BFC3D9AAC25FA35C9DF98A33FEAE86FE2B303 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
12:11:40.0550 0x1fb8  vwifimp - ok
12:11:40.0605 0x1fb8  [ 6300EDA4700C9BEEA42867D4F0A1F9E5, 8258ECE4E8B2A989F392B2E69AFE54BB3F444753ACE7E7990307EBCA143B6868 ] W32Time         C:\WINDOWS\system32\w32time.dll
12:11:40.0628 0x1fb8  W32Time - ok
12:11:40.0650 0x1fb8  [ 67B211F7AB2D49C6403E7FD970421806, B81E270723397450A9689F7EE9D014F2623FC90A5051D671484F141DC116D5CF ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
12:11:40.0652 0x1fb8  WacomPen - ok
12:11:40.0677 0x1fb8  [ 4686214315127725738113C0B1779E0A, 9DE6CBC9762BFC3EE879686A93FE25C95904EFAAAF5E90D265D57EAEC98DCA79 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:11:40.0681 0x1fb8  Wanarp - ok
12:11:40.0689 0x1fb8  [ 4686214315127725738113C0B1779E0A, 9DE6CBC9762BFC3EE879686A93FE25C95904EFAAAF5E90D265D57EAEC98DCA79 ] Wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:11:40.0691 0x1fb8  Wanarpv6 - ok
12:11:40.0761 0x1fb8  [ A3A21FF9BE9C183F1AF9B538B9D37DD1, F959E22580425BF9C0FE9C72776EFF1934575021DFDBD1834E6BB881D3BA4A97 ] wbengine        C:\WINDOWS\system32\wbengine.exe
12:11:40.0816 0x1fb8  wbengine - ok
12:11:40.0862 0x1fb8  [ CE81100317C426F778651FD1D5C16492, 91CE2B6C43632D48859B9961F6CAF3F519D06C3A13FF23E906E1ED93DEB896B2 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
12:11:40.0884 0x1fb8  WbioSrvc - ok
12:11:40.0917 0x1fb8  [ 30DBF746D895BC3A6EC4CF55B81A8A81, 3CED8ED3D260A2F95B956CE0B962C5F6D90BADAB489C8B9724016E4DBEBF7662 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
12:11:40.0939 0x1fb8  Wcmsvc - ok
12:11:40.0981 0x1fb8  [ 531A627D02CAEC304B30A1EBDE99DADE, 410B2FEB23333861E61107C64F628FAA0A3FC8C62C17D4F5854EC891D8D83516 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
12:11:41.0002 0x1fb8  wcncsvc - ok
12:11:41.0025 0x1fb8  [ 69059CD0ABD70C3884117652E3B70431, 8568210E62C827C43377C09F40974628FF25CFD35A45EA4D4E3FDD5884F91617 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
12:11:41.0030 0x1fb8  WcsPlugInService - ok
12:11:41.0054 0x1fb8  [ 5B9AEA959D59C5F2DAEC2E6FD6DDFB0F, 3B7C857DC272860FDCD3216C524BBFA65B26F1AEB37B562EBB7F9068891DCB01 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
12:11:41.0058 0x1fb8  WdBoot - ok
12:11:41.0105 0x1fb8  [ C49F1B047C2080FC5AA662A769887631, 55BC1C77250B0B2AF2B81120DDBE41C25B875FCD72040A529D1BA88D5BFD5E7F ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
12:11:41.0139 0x1fb8  Wdf01000 - ok
12:11:41.0159 0x1fb8  [ BBD6DF3FC00CACBFA92A4C98CE5C0CCD, CB62FB1E28D6F00546C339C6D3A24B430315E78575FCDEB520D9F0963ADC74D1 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
12:11:41.0167 0x1fb8  WdFilter - ok
12:11:41.0186 0x1fb8  [ DACD90541CBF7DE095801B05ABB4F355, 2CB55E01DE3603DFA91CB151C7EE4E978EB3DD0F818BDC8277D3C9407751F7B5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
12:11:41.0194 0x1fb8  WdiServiceHost - ok
12:11:41.0201 0x1fb8  [ DACD90541CBF7DE095801B05ABB4F355, 2CB55E01DE3603DFA91CB151C7EE4E978EB3DD0F818BDC8277D3C9407751F7B5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
12:11:41.0206 0x1fb8  WdiSystemHost - ok
12:11:41.0232 0x1fb8  [ D7B8475F59FD0C9C395151E5BB5DCC2E, E49E161606B86819759213DC37D4D43C157A65EBED77686783F0FA85AB7C614B ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
12:11:41.0236 0x1fb8  WdNisDrv - ok
12:11:41.0290 0x1fb8  [ 2DFB6808124ED1DADE451D845AC61559, 432DCE00F281FC9C97EFC314266591DE0854B9623B95C3EE2FC463389D187CE7 ] WdNisSvc        C:\Program Files\Windows Defender\NisSrv.exe
12:11:41.0300 0x1fb8  WdNisSvc - ok
12:11:41.0320 0x1fb8  [ A750BB0258ECF6265A903905A0B14EB3, F92A7C4649E1496C5493EAF39C873EC475145BB37959FD902F9ED783C8CB3D36 ] WebClient       C:\WINDOWS\System32\webclnt.dll
12:11:41.0378 0x1fb8  WebClient - ok
12:11:41.0435 0x1fb8  [ 03EA9E300DCDF78E8A92625F0BA1CCB2, B8C73C05D2955400800B5D36DC20E8973F75411E32CCD8B2CFA03B6283A50A44 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
12:11:41.0463 0x1fb8  Wecsvc - ok
12:11:41.0491 0x1fb8  [ E4016FA4757738263BD714190FB26BA6, C5B121ED9EFFC5C040CF5F658AF9CC63A6FFEDC4C62F7D28D6B474632DC0178B ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
12:11:41.0497 0x1fb8  WEPHOSTSVC - ok
12:11:41.0527 0x1fb8  [ B83AC02F1FF0137AB3CB2B5B1AC801DA, 6F871E9A8EAA979D3624FDD3088DD37C3411BFBB43A8FFF75B39DF07B1A95D05 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
12:11:41.0533 0x1fb8  wercplsupport - ok
12:11:41.0561 0x1fb8  [ 7EC47083E7470A4BC538FA1EBE60BF58, 4AF817DAB7192182D0A782EA058E3916D22A44C6AB9F89371E1327E8D27C379A ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
12:11:41.0569 0x1fb8  WerSvc - ok
12:11:41.0592 0x1fb8  [ CBF73734B883C712BC07796708FCB0CD, 8DA54162866A71E7CEE188A49400964100E58D194B21F86821B01407C4334CA6 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
12:11:41.0596 0x1fb8  WFPLWFS - ok
12:11:41.0616 0x1fb8  [ 5876A572A52FA14CEE2F11D7A71ABA2D, 159883D0F10FE6FA05DAB56B598C12000BC25B977329E81BD67DE329B80F79B4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
12:11:41.0622 0x1fb8  WiaRpc - ok
12:11:41.0649 0x1fb8  [ A4A63DD4E1B72B8C8189AD3F09914AF0, 9B9773C8FB84A224FA6A48D93D46ACE2761E3AC123544C86B50D3895C8A39B41 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
12:11:41.0652 0x1fb8  WIMMount - ok
12:11:41.0674 0x1fb8  [ 8CC83221870DD07144E63DF594C391D9, 33BC14D231A4AFAA18F06513766D5F69D8B88F1E697CD127D24FB4B72AD44C7A ] WinDefend       C:\Program Files\Windows Defender\MsMpEng.exe
12:11:41.0676 0x1fb8  WinDefend - ok
12:11:41.0722 0x1fb8  [ 984B3226C7A4CFC9FE91D7BACA133D8D, B8058FC049217DE89F13730425207C19B1967194F3BE3C8CAE2F8AA3BD932721 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
12:11:41.0756 0x1fb8  WinHttpAutoProxySvc - ok
12:11:41.0806 0x1fb8  [ D08485FAEA1C3505A22FB5C1EBEBC062, 7377B0FE90C60A67789A12FEBBA7FD38C2580BB09F406CED3DD2E1F5EEF123CC ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
12:11:41.0818 0x1fb8  winmgmt - ok
12:11:41.0918 0x1fb8  [ 5B8D7F29CA815E6DB156DF9853F0472D, 8E343EC8241C146F7ECB85361BF1AD78C718552B42115A6EE1577B7959901F3D ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
12:11:42.0042 0x1fb8  WinRM - ok
12:11:42.0107 0x1fb8  [ 7683DEBE4329EF289BC2B1FC709ED629, F4353FF4E52457058FAE64B9EBAE59563D1E60E8D4CC2C1EF04CC4C3E9C03C78 ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUsb.sys
12:11:42.0111 0x1fb8  WinUsb - ok
12:11:42.0178 0x1fb8  [ 69F326FAE43423A4EDC1FA975C15FEF3, CD06FD275DCFA469780A4A333ED442CF1B47B5A62EE14030A46B30339F7920E4 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
12:11:42.0234 0x1fb8  WlanSvc - ok
12:11:42.0326 0x1fb8  [ 8885B2E1A62EC9C6BA7C6CDEEBF0C6E4, AF543870A8DAEA095E8543B32E5628C4F0F47034EF8764F85D0FCF29ABE33782 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
12:11:42.0383 0x1fb8  wlidsvc - ok
12:11:42.0412 0x1fb8  [ AF01C55490366930DFAF1D3655C763BD, 59081AC6B83E0A4A376A62417458C520ABA7DB4FB1AEEEC4C45FC8C0AF61FC20 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
12:11:42.0414 0x1fb8  WmiAcpi - ok
12:11:42.0451 0x1fb8  [ 57D8CE143395C99E185EA7D753F5C04F, 5778CD5B6EF11071C728416192353C3143C7E875AA8555E1F2CDB26F5B0FA08A ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
12:11:42.0457 0x1fb8  wmiApSrv - ok
12:11:42.0538 0x1fb8  [ A511D963C744DD2C86FFF20ADEEE49F9, D3DB5ADF7C32706FC386C608E73F93D03DA4CFDB0B5F80B1C35B30348B76CC31 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
12:11:42.0629 0x1fb8  WMPNetworkSvc - ok
12:11:42.0662 0x1fb8  [ DB3F0877E5C225693A131AE82C262957, BEE887EC134F7A27120915F709670FBDC9223E70EA928A0FDC4284FBDFD65ADB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
12:11:42.0668 0x1fb8  Wof - ok
12:11:42.0742 0x1fb8  [ EA7A99A15E809938A6D44E0C4CB00B57, 522B443721529C642BBC9010DFBD1636B617121643D1CCA8C5AE18F3302F98CD ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
12:11:42.0822 0x1fb8  workfolderssvc - ok
12:11:42.0867 0x1fb8  [ 7E7207FF951BDAA10781D758628EC1B9, AD6E7D95AD188A9104AEC52DBA8562F0F194BBC45201B5774B9727CF7B01F52E ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
12:11:42.0871 0x1fb8  wpcfltr - ok
12:11:42.0899 0x1fb8  [ D7C14B416FC4F76A596A01A76FC5F873, 15D6D10186173F6CEFED503AC061F74F85A0C92B8C0D44684FF57B878AB96D5B ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
12:11:42.0904 0x1fb8  WPCSvc - ok
12:11:42.0921 0x1fb8  [ 942AA793A262EB8A6A94DB087D29E744, D52AE53AE985F527657CB22F202AE3007E319B22AA89BA2CDEBDC529A18CFB2D ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
12:11:42.0928 0x1fb8  WPDBusEnum - ok
12:11:42.0958 0x1fb8  [ 6D8FA63A8C9765A853264D3977EECC19, F8172DA54DC417E9DA812469A3CD677932F82CCA676DB09187E5A201660D1E83 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
12:11:42.0961 0x1fb8  WpdUpFltr - ok
12:11:42.0994 0x1fb8  [ 12BCBE7CA69586AF483C86255739793F, 25714CD7ED802C70AD3580E2C26150392EA452BA355EB3426170B94ABEDDC172 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
12:11:42.0996 0x1fb8  ws2ifsl - ok
12:11:43.0032 0x1fb8  [ 7A0CFACFDF18C5A44D05F91656AB2C70, C15AC8200647B86199F0A547046059D9864EAA87711CD8F3034A8D3ECEDB4370 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
12:11:43.0039 0x1fb8  wscsvc - ok
12:11:43.0060 0x1fb8  [ D6CC95C9AB741215C54B231043045D0A, 61112A6BF8C93C0240B87B0CDC615B924219C435C803F9CF5FB5BEBB3A62991C ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
12:11:43.0065 0x1fb8  WSDPrintDevice - ok
12:11:43.0092 0x1fb8  [ 66040C953845533DDACA721E2900C226, 03A60C5951A1FC0169E64C399000ACD2DD5CCCA0427726B798EF1A587844A329 ] WSDScan         C:\WINDOWS\System32\drivers\WSDScan.sys
12:11:43.0132 0x1fb8  WSDScan - ok
12:11:43.0139 0x1fb8  WSearch - ok
12:11:43.0347 0x1fb8  [ 2535EE24CC1BB639A7639B4CA5BDE7C5, B855B693D413144CA26286CE49825F608870AE23DEAC641DAFD693F5F70D9ECB ] WSService       C:\WINDOWS\System32\WSService.dll
12:11:43.0458 0x1fb8  WSService - ok
12:11:43.0595 0x1fb8  [ A6DB316A49F0B8DDA2147516039874A2, 2DFCBD2685B0E7B9A4B0CB662279F383DEF0EA9ADEF7CDC100ED362C8AB05F8F ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
12:11:43.0696 0x1fb8  wuauserv - ok
12:11:43.0749 0x1fb8  [ C0D25C818F1B4F559442E3BC92B18F8D, 88A9B01CDEBD90072B31905BBF02FA02DBD9B923B8B8B96F261A53A8527FEDC6 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
12:11:43.0791 0x1fb8  WudfPf - ok
12:11:43.0841 0x1fb8  [ 39C5340AE404C9B566D406B8DF5CE758, AFF23CCAD6A8263578783E2221CA8CEF525C92D8AA56BF8F020D9FD5F24EFBF1 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
12:11:43.0848 0x1fb8  WUDFRd - ok
12:11:43.0858 0x1fb8  [ 39C5340AE404C9B566D406B8DF5CE758, AFF23CCAD6A8263578783E2221CA8CEF525C92D8AA56BF8F020D9FD5F24EFBF1 ] WUDFSensorLP    C:\WINDOWS\System32\drivers\WUDFRd.sys
12:11:43.0863 0x1fb8  WUDFSensorLP - ok
12:11:43.0883 0x1fb8  [ FB61AE2377DBF6855018204EBDF288FC, E818104AB882BE926FE75A27BFC9D987CE3730E96296A2D3FE8ED0698EB9E474 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
12:11:43.0889 0x1fb8  wudfsvc - ok
12:11:43.0903 0x1fb8  [ 39C5340AE404C9B566D406B8DF5CE758, AFF23CCAD6A8263578783E2221CA8CEF525C92D8AA56BF8F020D9FD5F24EFBF1 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
12:11:43.0907 0x1fb8  WUDFWpdFs - ok
12:11:43.0924 0x1fb8  [ 39C5340AE404C9B566D406B8DF5CE758, AFF23CCAD6A8263578783E2221CA8CEF525C92D8AA56BF8F020D9FD5F24EFBF1 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
12:11:43.0929 0x1fb8  WUDFWpdMtp - ok
12:11:43.0958 0x1fb8  [ 0D3C738EC8FF12C8B69925229949ED05, 5E7A28F35D83B29925CAA663E12DF970961C10AD5887997E543D1C0ADA11345B ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
12:11:43.0981 0x1fb8  WwanSvc - ok
12:11:44.0006 0x1fb8  ================ Scan global ===============================
12:11:44.0055 0x1fb8  [ BEC87D938F9B07206DC39535D99F6771, F29468A3BE54CDA8EE7DBEFCC5CB2322D81C1E2B41D37EF91196CBA6DE442C2A ] C:\WINDOWS\system32\basesrv.dll
12:11:44.0082 0x1fb8  [ DBD08C890F4148C2C26D2247FA36E947, 505182658C0E6DC39197BFB8D25885274B3948E548E3618796FF3AF64E626326 ] C:\WINDOWS\system32\winsrv.dll
12:11:44.0119 0x1fb8  [ 9C56B7F2F68F73F735E367BBCF39D15B, D7370BE7D57A5A7EB1719241365946C35E321EF28EC640648103AA13FAA89CEA ] C:\WINDOWS\system32\sxssrv.dll
12:11:44.0159 0x1fb8  [ BE8FB66895B5475B09F5907D875CD47D, B9B13330F7BA49271AF4DC7FE917E5366A1052A644D0F5D2C506D282F2865F95 ] C:\WINDOWS\system32\services.exe
12:11:44.0181 0x1fb8  [ Global ] - ok
12:11:44.0182 0x1fb8  ================ Scan MBR ==================================
12:11:44.0223 0x1fb8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:11:44.0650 0x1fb8  \Device\Harddisk0\DR0 - ok
12:11:44.0651 0x1fb8  ================ Scan VBR ==================================
12:11:44.0654 0x1fb8  [ 1D706DF8BD418E40FDFA7AE98D171FEA ] \Device\Harddisk0\DR0\Partition1
12:11:44.0664 0x1fb8  \Device\Harddisk0\DR0\Partition1 - ok
12:11:44.0668 0x1fb8  [ B19277422EDB57508603871B3B9FACD5 ] \Device\Harddisk0\DR0\Partition2
12:11:44.0671 0x1fb8  \Device\Harddisk0\DR0\Partition2 - ok
12:11:44.0698 0x1fb8  [ 68BFB177D49BE22E2DDCE6C6625C0060 ] \Device\Harddisk0\DR0\Partition3
12:11:44.0700 0x1fb8  \Device\Harddisk0\DR0\Partition3 - ok
12:11:44.0723 0x1fb8  [ 55ADA0A91E11A2C3514AAAB72A1B027F ] \Device\Harddisk0\DR0\Partition4
12:11:44.0725 0x1fb8  \Device\Harddisk0\DR0\Partition4 - ok
12:11:44.0725 0x1fb8  ================ Scan generic autorun ======================
12:11:44.0803 0x1fb8  [ DDACBCA1D0E66BBA5C984842F372A6D4, C6E1EC17CB5A249BA5D911CBB9603FDE1B24BECBF95AE4D75E236AFFA75862F9 ] C:\Program Files\iTunes\iTunesHelper.exe
12:11:44.0825 0x1fb8  iTunesHelper - ok
12:11:44.0880 0x1fb8  [ F7DD2D785280DB73DC9060F80361BEFB, 7AF1114FFA46290DC77CC5D562034287A0E617BD4747F58E65CDF70244C402CB ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
12:11:44.0883 0x1fb8  APSDaemon - ok
12:11:44.0932 0x1fb8  [ AF43C4F7F3C8BC95DAD95024F96CDC4A, 6348F6D8F301C5F7290B963D6923E389414ADFBCF6AED562A32245BCADC05580 ] C:\Program Files\QuickTime\QTTask.exe
12:11:44.0954 0x1fb8  QuickTime Task - ok
12:11:44.0999 0x1fb8  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
12:11:45.0008 0x1fb8  SunJavaUpdateSched - ok
12:11:45.0049 0x1fb8  [ 8112D0DACAE746290FC87B3A980FA719, 43CA8CED6AB58EDD97AD476C791D49C7ECD40EB8DA627E8412C0A27699A58F01 ] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
12:11:45.0055 0x1fb8  NeroFilterCheck - ok
12:11:45.0124 0x1fb8  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
12:11:45.0142 0x1fb8  HP Software Update - ok
12:11:45.0180 0x1fb8  [ 86F0D0B3A07C142C81DAB47E8495A822, DA214C967FFE0B3E2BBCE99E7330DBB74EB0BB7F21833FE689277109B0FF92B5 ] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
12:11:45.0189 0x1fb8  BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - ok
12:11:45.0319 0x1fb8  [ 395BCC9122E705F6586217E32CD01CC9, 0A2E3BF0E626A65B9FF1BEFB35FFBC9CCAA3C75DB395D175AAE2DD014A8E8A34 ] C:\Program Files\Hp\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
12:11:45.0436 0x1fb8  HP Officejet 4620 series (NET) #2 - ok
12:11:45.0441 0x1fb8  Waiting for KSN requests completion. In queue: 98
12:11:46.0442 0x1fb8  Waiting for KSN requests completion. In queue: 98
12:11:47.0443 0x1fb8  Waiting for KSN requests completion. In queue: 98
12:11:48.0838 0x1fb8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x61100 ( enabled : updated )
12:11:48.0919 0x1fb8  Win FW state via NFP2: enabled
12:11:51.0417 0x1fb8  ============================================================
12:11:51.0417 0x1fb8  Scan finished
12:11:51.0417 0x1fb8  ============================================================
12:11:51.0434 0x17c8  Detected object count: 0
12:11:51.0435 0x17c8  Actual detected object count: 0



#7 TB-Psychotic

  • Malware Response Team

Posted 21 October 2014 - 08:04 AM

Please post the addition.txt by FRST as well.



#8 beggersrun

  • Topic Starter

Posted 21 October 2014 - 10:26 AM

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-10-2014
Ran by Dale at 2014-10-17 10:56:36
Running from C:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.3.1.29812 - BitTorrent Inc.)
7-Zip 9.22beta (HKLM\...\7-Zip) (Version:  - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Advanced IP Scanner 2.3 (HKLM\...\{A02F51A7-1982-4B69-8BD3-7D2B86179752}) (Version: 2.3.2161 - Famatech)
Apple Application Support (HKLM\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}) (Version: 3.2.0.47 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.6 (HKLM\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
AudioConverter Studio 8.2 (HKLM\...\AudioConverter Studio_is1) (Version:  - ManiacTools.com)
AviSynth (HKLM\...\AviSynth) (Version: 2.6.0 MT - )
Bonjour (HKLM\...\{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}) (Version: 2.0.3.0 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
ChromecastApp (HKCU\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.316.0 - Google Inc.)
Cisco Connect (HKLM\...\Cisco Connect) (Version: 1.4.11299.0 - Cisco Consumer Products LLC)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Foxit Advanced PDF Editor 3 (HKLM\...\B521582C-6BE3-491D-BCC8-FFB8301298E9_is1) (Version: 3.0.5.0 - Foxit Corporation)
Free Keylogger Pro (HKLM\...\Free Keylogger Pro_is1) (Version:  - Free Keylogger Pro)
Free MKV to AVI Converter (HKLM\...\{E262A0A7-F5E9-4532-9C23-E88755886510}) (Version: 2.1.0.0 - http://freedomsoftwarecompany.com/)
Free MP4 To AVI Converter (HKLM\...\{40803B44-2D66-4981-83F5-8CEE8193F308}) (Version: 1.0.0 - convertaudiofree)
Free Studio version 2014 (HKLM\...\Free Studio_is1) (Version: 6.2.4.1230 - DVDVideoSoft Ltd.)
Free Video Flip and Rotate version 2.1.9.822 (HKLM\...\Free Video Flip and Rotate_is1) (Version: 2.1.9.822 - DVDVideoSoft Ltd.)
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.101 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 4620 series Basic Device Software (HKLM\...\{C4E2A2F2-2A53-42C7-920A-169713776631}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 4620 series Help (HKLM\...\{606C37AB-EB04-4270-A592-201A03C2DB36}) (Version: 6.0.0 - Hewlett Packard)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IP Camera Viewer 2 (HKLM\...\IP Camera Viewer_is1) (Version:  - DeskShare Inc.)
IPcamera (HKLM\...\{584607EC-B6DE-4F33-A380-E525167CDDCE}) (Version: 1.2.9 - Foscam)
iTunes (HKLM\...\{350FB27C-CF62-4EF3-AF9D-70FF313FE221}) (Version: 10.0.0.68 - Apple Inc.)
iTunesFolderWatch (HKLM\...\{42CA9D92-E0D2-4514-A59A-C0C6CD9E1679}) (Version: 2.1.05 - JezSoft)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Karen's Directory Printer (HKLM\...\Karen's Directory Printer) (Version: 5.3.0.2 - Karen Kenworthy)
K-Lite Codec Pack 10.6.5 Basic (HKLM\...\KLiteCodecPack_is1) (Version: 10.6.5 - )
KMSnano 24 (HKLM\...\KMSnano 24_is1) (Version: KMSnano 24 - )
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
LameACM (HKLM\...\LameACM) (Version:  - )
Magic ISO Maker v5.5 (build 0281) (HKLM\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office FrontPage 2003 (HKLM\...\{90170409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.7969.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
mIRC (HKLM\...\mIRC) (Version:  - )
Movie Maker (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mp3tag v2.58 (HKLM\...\Mp3tag) (Version: v2.58 - Florian Heidenreich)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM\...\{CF097717-F174-4144-954A-FBC4BF301033}) (Version: 7.02.9753 - Nero AG)
neroxml (Version: 1.0.0 - Nero AG) Hidden
Open Broadcaster Software (HKLM\...\Open Broadcaster Software) (Version:  - )
Paint Shop Pro 7 (HKLM\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.0.0.0000 - Jasc Software Inc)
PdaNet+ for Android 4.15 (HKLM\...\PdaNet_is1) (Version:  - June Fabrics Technology Inc)
Photo Gallery (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
QuickTime (HKLM\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
Security Monitor Pro 5 (HKLM\...\Security Monitor Pro DotNet5_is1) (Version:  - DeskShare Inc.)
Show Presenter (HKLM\...\{2E510276-F614-4AC5-9ACC-465735484A4F}) (Version: 3.0 - Digital Entertainer Ltd)
SoulseekQt (HKLM\...\SoulseekQt) (Version:  - )
Stardock ModernMix (HKLM\...\ModernMix_is1) (Version: 1.12 - Stardock Software, Inc.)
Stardock Start8 (HKLM\...\Start8_is1) (Version: 1.41 - Stardock Software, Inc.)
SWiSH Jukebox (HKLM\...\SWiSH Jukebox) (Version:  - )
SWiSH Max2 (HKLM\...\SWiSH Max2) (Version: 09.06.09.000 - SWiSHzone.com)
SWiSH Video2 (HKLM\...\SWiSH Video2) (Version:  - )
Update for Microsoft en-us Dictionary (Version: 16.1.1164.1 - Microsoft Corporation) Hidden
Update Service YourFileDownloader (HKCU\...\Update Service YourFileDownloader) (Version: 2.14.41 - http://www.yourfiledownloader.com) <==== ATTENTION
VSFilter 2.41.322 (0c3a1ea) Nightly (HKLM\...\vsfilter_is1) (Version: 2.41.322 - MPC-HC Team)
Winamp (remove only) (HKLM\...\Winamp) (Version:  - )
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version:  - )
Windows Live Communications Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Xiph.Org Open Codecs 0.85.17777 (HKLM\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3807231785-4007385617-3935110610-1001_Classes\CLSID\{49BBAA3C-C574-419E-8378-783C362E9C15}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO2.dll (Hewlett-Packard Co.)

==================== Restore Points  =========================

14-10-2014 01:04:27 Scheduled Checkpoint
15-10-2014 01:17:05 Revo Uninstaller Pro's restore point - PrieceLesss
15-10-2014 17:01:26 Plex Media Server

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 02:13 - 2014-03-18 12:49 - 00450639 ____R C:\WINDOWS\system32\Drivers\etc\hosts

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00BC77BF-3352-4FE8-9617-4F1B27BEC19A} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {17233BE9-87E9-40B0-B003-AE9D2B92CBBE} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {1916506E-162A-4676-9C45-6E105EEBE48A} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {20F822BA-1BDD-4815-8861-B82C0D21CE5E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-27] (Google Inc.)
Task: {247BD142-0549-4E91-84B0-172C25563718} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {2BE65564-89D1-4396-A5CC-D7D9283FC4A1} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {2E30D0A5-C5F6-4FFC-A598-3712653FAE34} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3807231785-4007385617-3935110610-1001Core => C:\Users\Dale\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {302C98FE-CDB8-46AA-88D5-8D1720410797} - System32\Tasks\SpeedFixTool_Start => C:\Program Files\Speed Fix Tool\SpeedFixTool.exe
Task: {336EDE5A-5654-40EB-BB7E-E26AA43FC392} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {392EB017-207C-42BF-A061-F3BE721F456C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {4B7EF56A-8A42-4BD2-BB5C-7C389AC54A37} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {4DCB199F-84D4-4639-841C-9CC4A2FDF1D3} - System32\Tasks\SpeedFixTool_Popup => C:\Program Files\Speed Fix Tool\Splash.exe
Task: {50C95B7F-4056-4B20-B95E-132B76891751} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {5700ACE8-D0AF-4BA7-98B6-1033521A877A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {59C6F624-10A2-4A3A-B79B-407CDF4324BD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {6DC2C166-CF46-4262-8C89-42A415574B94} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3807231785-4007385617-3935110610-1001UA => C:\Users\Dale\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {6E84A59B-1863-4B21-8BD8-C9B20FD15484} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {7C7CF1DA-F461-4850-96B2-ADCA8A67E59C} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {8B5819AE-7B44-478B-A3D3-8846AF160A8F} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {8FDD9155-4CB8-467B-AB08-10819AF11DFD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-15] (Microsoft Corporation)
Task: {92ED6570-4654-4BFA-9A6C-1084C6939C16} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {997C8BBD-710B-4E66-B5BC-CC09575A58D2} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {A5D45ED3-F524-4574-8F39-527F3729D1E2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\WINDOWS\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {B38614AD-FD60-4BDA-BD9F-FD2066BE6081} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano\TriggerKMS.exe [2013-01-26] ()
Task: {C0D0F7C4-419F-41B3-90A2-FE79270B828A} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {C32DF497-8502-49ED-9DC4-EFD3B133FDEE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {C5C0331F-E13F-480A-9710-0834C1EC0154} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\WINDOWS\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {CF5A1DDC-D14D-4D59-AD49-A19A645B087B} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DB288918-B5EF-4DBA-ADF5-4D575F3F00AC} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {DB6B816A-00B2-405A-846A-AB37FCF466FC} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {DCF55BED-B1DF-4ABF-8D85-6542C7007799} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E4C8774A-2818-45A4-8A6D-11DDF6348886} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {ED2F239B-BC52-4F1A-B464-F3BEDA40320B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-27] (Google Inc.)
Task: {FAB49829-3EE7-4234-BE84-277862F2A57C} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3807231785-4007385617-3935110610-1001Core.job => C:\Users\Dale\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3807231785-4007385617-3935110610-1001UA.job => C:\Users\Dale\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-10-07 23:42 - 2014-10-01 01:54 - 01042760 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.101\libglesv2.dll
2014-10-07 23:41 - 2014-10-01 01:54 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.101\libegl.dll
2014-10-07 23:42 - 2014-10-01 01:54 - 08911176 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.101\pdf.dll
2014-10-07 23:41 - 2014-10-01 01:54 - 01681224 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.101\ffmpegsumo.dll
2014-01-19 15:39 - 2014-01-19 15:39 - 00162920 _____ () C:\Windows\Downloaded Program Files\DVM_IPCam2.ocx
2014-10-07 23:42 - 2014-10-01 01:54 - 14891848 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.101\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:956DBA92
AlternateDataStreams: C:\Users\Dale\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Iolo Macro Magic.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Universal Media Server.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "APSDaemon"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "QuickTime Task"
HKLM\...\StartupApproved\Run: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run: => "FileZilla Server Interface"
HKLM\...\StartupApproved\Run: => "NeroFilterCheck"
HKLM\...\StartupApproved\Run: => "HP Software Update"
HKCU\...\StartupApproved\StartupFolder: => "PdaNet Desktop.lnk"
HKCU\...\StartupApproved\StartupFolder: => "Sidebar416.lnk"
HKCU\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"

========================= Accounts: ==========================

Administrator (S-1-5-21-3807231785-4007385617-3935110610-500 - Administrator - Disabled)
Dale (S-1-5-21-3807231785-4007385617-3935110610-1001 - Administrator - Enabled) => C:\Users\Dale
Guest (S-1-5-21-3807231785-4007385617-3935110610-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3807231785-4007385617-3935110610-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Officejet 4620 series
Description: Officejet 4620 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/17/2014 10:48:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wwahost.exe, version: 6.3.9600.17031, time stamp: 0x53085904
Faulting module name: LibWrap.dll, version: 3.1.0.1005, time stamp: 0x53da0d31
Exception code: 0xc000001d
Fault offset: 0x001d9c82
Faulting process id: 0x1078
Faulting application start time: 0xwwahost.exe0
Faulting application path: wwahost.exe1
Faulting module path: wwahost.exe2
Report Id: wwahost.exe3
Faulting package full name: wwahost.exe4
Faulting package-relative application ID: wwahost.exe5

Error: (10/17/2014 10:33:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wwahost.exe, version: 6.3.9600.17031, time stamp: 0x53085904
Faulting module name: LibWrap.dll, version: 3.1.0.1005, time stamp: 0x53da0d31
Exception code: 0xc000001d
Fault offset: 0x001d9c82
Faulting process id: 0x163c
Faulting application start time: 0xwwahost.exe0
Faulting application path: wwahost.exe1
Faulting module path: wwahost.exe2
Report Id: wwahost.exe3
Faulting package full name: wwahost.exe4
Faulting package-relative application ID: wwahost.exe5

Error: (10/17/2014 10:18:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wwahost.exe, version: 6.3.9600.17031, time stamp: 0x53085904
Faulting module name: LibWrap.dll, version: 3.1.0.1005, time stamp: 0x53da0d31
Exception code: 0xc000001d
Fault offset: 0x001d9c82
Faulting process id: 0x1720
Faulting application start time: 0xwwahost.exe0
Faulting application path: wwahost.exe1
Faulting module path: wwahost.exe2
Report Id: wwahost.exe3
Faulting package full name: wwahost.exe4
Faulting package-relative application ID: wwahost.exe5

Error: (10/17/2014 10:03:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wwahost.exe, version: 6.3.9600.17031, time stamp: 0x53085904
Faulting module name: LibWrap.dll, version: 3.1.0.1005, time stamp: 0x53da0d31
Exception code: 0xc000001d
Fault offset: 0x001d9c82
Faulting process id: 0x6ec
Faulting application start time: 0xwwahost.exe0
Faulting application path: wwahost.exe1
Faulting module path: wwahost.exe2
Report Id: wwahost.exe3
Faulting package full name: wwahost.exe4
Faulting package-relative application ID: wwahost.exe5

Error: (10/17/2014 09:48:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wwahost.exe, version: 6.3.9600.17031, time stamp: 0x53085904
Faulting module name: LibWrap.dll, version: 3.1.0.1005, time stamp: 0x53da0d31
Exception code: 0xc000001d
Fault offset: 0x001d9c82
Faulting process id: 0xa60
Faulting application start time: 0xwwahost.exe0
Faulting application path: wwahost.exe1
Faulting module path: wwahost.exe2
Report Id: wwahost.exe3
Faulting package full name: wwahost.exe4
Faulting package-relative application ID: wwahost.exe5

Error: (10/17/2014 09:33:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wwahost.exe, version: 6.3.9600.17031, time stamp: 0x53085904
Faulting module name: LibWrap.dll, version: 3.1.0.1005, time stamp: 0x53da0d31
Exception code: 0xc000001d
Fault offset: 0x001d9c82
Faulting process id: 0x5f4
Faulting application start time: 0xwwahost.exe0
Faulting application path: wwahost.exe1
Faulting module path: wwahost.exe2
Report Id: wwahost.exe3
Faulting package full name: wwahost.exe4
Faulting package-relative application ID: wwahost.exe5

Error: (10/17/2014 09:18:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wwahost.exe, version: 6.3.9600.17031, time stamp: 0x53085904
Faulting module name: LibWrap.dll, version: 3.1.0.1005, time stamp: 0x53da0d31
Exception code: 0xc000001d
Fault offset: 0x001d9c82
Faulting process id: 0xc70
Faulting application start time: 0xwwahost.exe0
Faulting application path: wwahost.exe1
Faulting module path: wwahost.exe2
Report Id: wwahost.exe3
Faulting package full name: wwahost.exe4
Faulting package-relative application ID: wwahost.exe5

Error: (10/17/2014 09:03:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wwahost.exe, version: 6.3.9600.17031, time stamp: 0x53085904
Faulting module name: LibWrap.dll, version: 3.1.0.1005, time stamp: 0x53da0d31
Exception code: 0xc000001d
Fault offset: 0x001d9c82
Faulting process id: 0x11fc
Faulting application start time: 0xwwahost.exe0
Faulting application path: wwahost.exe1
Faulting module path: wwahost.exe2
Report Id: wwahost.exe3
Faulting package full name: wwahost.exe4
Faulting package-relative application ID: wwahost.exe5

Error: (10/17/2014 08:48:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wwahost.exe, version: 6.3.9600.17031, time stamp: 0x53085904
Faulting module name: LibWrap.dll, version: 3.1.0.1005, time stamp: 0x53da0d31
Exception code: 0xc000001d
Fault offset: 0x001d9c82
Faulting process id: 0xa58
Faulting application start time: 0xwwahost.exe0
Faulting application path: wwahost.exe1
Faulting module path: wwahost.exe2
Report Id: wwahost.exe3
Faulting package full name: wwahost.exe4
Faulting package-relative application ID: wwahost.exe5

Error: (10/17/2014 08:33:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wwahost.exe, version: 6.3.9600.17031, time stamp: 0x53085904
Faulting module name: LibWrap.dll, version: 3.1.0.1005, time stamp: 0x53da0d31
Exception code: 0xc000001d
Fault offset: 0x001d9c82
Faulting process id: 0xf18
Faulting application start time: 0xwwahost.exe0
Faulting application path: wwahost.exe1
Faulting module path: wwahost.exe2
Report Id: wwahost.exe3
Faulting package full name: wwahost.exe4
Faulting package-relative application ID: wwahost.exe5


System errors:
=============
Error: (10/17/2014 00:27:28 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.

Error: (10/17/2014 00:26:58 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.

Error: (10/16/2014 06:33:54 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 4:53:21 PM on 10/16/2014 was unexpected.

Error: (10/16/2014 05:04:11 PM) (Source: DCOM) (EventID: 10010) (User: DALES-LAPTOP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/16/2014 05:03:41 PM) (Source: DCOM) (EventID: 10010) (User: DALES-LAPTOP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/16/2014 01:10:03 PM) (Source: DCOM) (EventID: 10010) (User: DALES-LAPTOP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/16/2014 01:09:33 PM) (Source: DCOM) (EventID: 10010) (User: DALES-LAPTOP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/16/2014 01:09:03 PM) (Source: DCOM) (EventID: 10010) (User: DALES-LAPTOP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/16/2014 01:08:33 PM) (Source: DCOM) (EventID: 10010) (User: DALES-LAPTOP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/16/2014 01:05:36 PM) (Source: DCOM) (EventID: 10010) (User: DALES-LAPTOP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}


Microsoft Office Sessions:
=========================
Error: (10/17/2014 10:48:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: wwahost.exe6.3.9600.1703153085904LibWrap.dll3.1.0.100553da0d31c000001d001d9c82107801cfea19783db057C:\WINDOWS\system32\wwahost.exeC:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c\LibWrap.dllb73f21e7-560c-11e4-97a0-002622e128aaMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp

Error: (10/17/2014 10:33:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: wwahost.exe6.3.9600.1703153085904LibWrap.dll3.1.0.100553da0d31c000001d001d9c82163c01cfea175fc6ad7aC:\WINDOWS\system32\wwahost.exeC:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c\LibWrap.dll9e23d5e7-560a-11e4-97a0-002622e128aaMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp

Error: (10/17/2014 10:18:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: wwahost.exe6.3.9600.1703153085904LibWrap.dll3.1.0.100553da0d31c000001d001d9c82172001cfea15475bc300C:\WINDOWS\system32\wwahost.exeC:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c\LibWrap.dll86070c94-5608-11e4-97a0-002622e128aaMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp

Error: (10/17/2014 10:03:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: wwahost.exe6.3.9600.1703153085904LibWrap.dll3.1.0.100553da0d31c000001d001d9c826ec01cfea132ee00946C:\WINDOWS\system32\wwahost.exeC:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c\LibWrap.dll6d410252-5606-11e4-97a0-002622e128aaMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp

Error: (10/17/2014 09:48:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: wwahost.exe6.3.9600.1703153085904LibWrap.dll3.1.0.100553da0d31c000001d001d9c82a6001cfea1116729cebC:\WINDOWS\system32\wwahost.exeC:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c\LibWrap.dll5512e9ce-5604-11e4-97a0-002622e128aaMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp

Error: (10/17/2014 09:33:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: wwahost.exe6.3.9600.1703153085904LibWrap.dll3.1.0.100553da0d31c000001d001d9c825f401cfea0efe02b336C:\WINDOWS\system32\wwahost.exeC:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c\LibWrap.dll3c622955-5602-11e4-97a0-002622e128aaMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp

Error: (10/17/2014 09:18:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: wwahost.exe6.3.9600.1703153085904LibWrap.dll3.1.0.100553da0d31c000001d001d9c82c7001cfea0ce58da842C:\WINDOWS\system32\wwahost.exeC:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c\LibWrap.dll24111d80-5600-11e4-97a0-002622e128aaMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp

Error: (10/17/2014 09:03:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: wwahost.exe6.3.9600.1703153085904LibWrap.dll3.1.0.100553da0d31c000001d001d9c8211fc01cfea0acd2046bfC:\WINDOWS\system32\wwahost.exeC:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c\LibWrap.dll0b822a1e-55fe-11e4-97a0-002622e128aaMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp

Error: (10/17/2014 08:48:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: wwahost.exe6.3.9600.1703153085904LibWrap.dll3.1.0.100553da0d31c000001d001d9c82a5801cfea08b4aed175C:\WINDOWS\system32\wwahost.exeC:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c\LibWrap.dllf380ba9e-55fb-11e4-97a0-002622e128aaMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp

Error: (10/17/2014 08:33:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: wwahost.exe6.3.9600.1703153085904LibWrap.dll3.1.0.100553da0d31c000001d001d9c82f1801cfea069c3b0053C:\WINDOWS\system32\wwahost.exeC:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c\LibWrap.dlldaaf338e-55f9-11e4-97a0-002622e128aaMicrosoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp


CodeIntegrity Errors:
===================================
  Date: 2014-10-16 04:34:11.943
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-04 17:55:22.040
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-04 17:55:21.990
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\PROGRA~1\MICROS~2\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-04 17:55:21.917
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-04 17:55:21.840
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\PROGRA~1\MICROS~2\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-04 17:54:26.384
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-04 17:54:26.332
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\PROGRA~1\MICROS~2\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-04 17:54:26.160
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-04 17:54:26.025
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\PROGRA~1\MICROS~2\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-04 17:54:25.802
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.



#9 schrauber

schrauber

    Mr.Mechanic


  • Malware Response Team
  • 24,794 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Munich,Germany
  • Local time:11:01 PM

Posted 29 October 2014 - 02:56 AM

Hi beggersrun,
 
Marius is not available at the moment, so I will work with you from now on.


Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

regards,
schrauber

If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware

#10 beggersrun


# AdwCleaner v4.002 - Report created 29/10/2014 at 11:33:13
# Updated 27/10/2014 by Xplode
# Database : 2014-10-26.6
# Operating System : Windows 8.1  (32 bits)
# Username : Dale - DALES-LAPTOP
# Running from : C:\Downloads\adwcleaner_4.002.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\AppDataLow\Software\adawarebp
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17344
 
 
-\\ Google Chrome v38.0.2125.111
 
 
*************************
 
AdwCleaner[R2].txt - [998 octets] - [29/10/2014 11:33:13]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1057 octets] ##########


#11 schrauber

Posted 29 October 2014 - 02:23 PM

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

I'd like us to scan your machine with ESET OnlineScan.
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetOnline.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.
  • Check esetAcceptTerms.png
  • Click the esetStart.png button.
  • Accept any security warnings from your browser.
  • Check esetScanArchives.png
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the esetBack.png button.
  • Push esetFinish.png
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt



How is the system running now?
regards,
schrauber

#12 beggersrun

Posted 29 October 2014 - 03:27 PM

# AdwCleaner v4.002 - Report created 29/10/2014 at 16:16:19
# DB v2014-10-26.6
# Updated 27/10/2014 by Xplode
# Operating System : Windows 8.1  (32 bits)
# Username : Dale - DALES-LAPTOP
# Running from : C:\Users\Dale\Desktop\adwcleaner_4.002.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Program Files\SearchProtect
Folder Deleted : C:\Program Files\TidyNetwork
Folder Deleted : C:\Users\Dale\AppData\Local\TidyNetwork
File Deleted : C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Deleted : C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17344
 
 
-\\ Google Chrome v38.0.2125.111
 
 
*************************
 
AdwCleaner[R2].txt - [1137 octets] - [29/10/2014 11:33:13]
AdwCleaner[R5].txt - [1355 octets] - [29/10/2014 15:57:27]
AdwCleaner[S2].txt - [1283 octets] - [29/10/2014 16:16:19]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1343 octets] ##########


#13 beggersrun

Posted 29 October 2014 - 05:52 PM

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# product=EOS
# version=8
# iexplore.exe=11.00.9600.16384 (winblue_rtm.130821-1623)
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=4a2b96639bd7b7479accb4068e7cecd9
# engine=20619
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-10-16 06:14:46
# local_time=2014-10-16 02:14:46 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.3.9600 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 16898355 0 0
# scanned=266824
# found=4
# cleaned=4
# scan_time=11371
sh=F60F0CCDE24D23E2F18A9B8114D981C65F15C8F0 ft=1 fh=98fe99c0e6d27d48 vn="a variant of Win32/YourFileDownloader.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\$Recycle.Bin\S-1-5-21-3807231785-4007385617-3935110610-1001\$ROX5E4S\Quarantine\C\Program Files\YourFileDownloaderUpdater\YourFileDownloaderUpdater.exe.vir"
sh=291632BEE20CFE07B2441CA4CECAD3442B7D4235 ft=1 fh=e75704adb5464c42 vn="a variant of Win32/KeyLogger.FreeKeyloggerPro.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\Free Keylogger Pro\Free KLP.exe"
sh=6C8CEC1FFA566492C56B7D962AC2B18FDFE6CF15 ft=1 fh=43baf2b8bc72a264 vn="a variant of MSIL/HackTool.IdleKMS.A potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files\KMSnano\KMSELDI.exe"
sh=06D315E206C62B3041C943EFC3A774CF3934CCDD ft=0 fh=0000000000000000 vn="a variant of Java/JShrink.A potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Dale\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\4b87730a-3588716c"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=4a2b96639bd7b7479accb4068e7cecd9
# engine=20631
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-10-16 08:06:43
# local_time=2014-10-16 04:06:43 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 16948272 0 0
# scanned=252905
# found=0
# cleaned=0
# scan_time=10518
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=4a2b96639bd7b7479accb4068e7cecd9
# engine=20840
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-10-29 10:28:01
# local_time=2014-10-29 06:28:01 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 0 18079950 0 0
# scanned=178582
# found=10
# cleaned=10
# scan_time=6739
sh=AD0D1676EC329D6F1014932EF964C5061E23B4E4 ft=1 fh=de9bd944ff9bc28e vn="Win32/TidyNetwork.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Dale\AppData\Local\TidyNetwork\petnupdate.exe.vir"
sh=C611AAA2921363A6F23CDF485378150E694229AA ft=1 fh=f8702cdd525f62b3 vn="a variant of Win32/DownloadAdmin.H potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Downloads\horizon-setup.exe"
sh=458FEF6D1A9874309182F3ECEDA928EB94158A07 ft=0 fh=0000000000000000 vn="Win32/UnlimitedDownloads.D potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files\Common Files\Common dictionary\node\conf.js"
sh=BDDEE66D41C87747ADB70FD03169292F921C6E8A ft=1 fh=b37e4bfffe91bbb1 vn="Win32/UnlimitedDownloads.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files\Common Files\Common dictionary\node\copy.exe"
sh=FCF0EA9E39808F86EE24583E550740D21C56F036 ft=0 fh=0000000000000000 vn="Win32/UnlimitedDownloads.E potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files\Common Files\Common dictionary\node\nsis.json"
sh=0640D6DD873771517F410C5896E3F2477B016309 ft=1 fh=749a87a2690cffff vn="Win32/AdWare.1ClickDownload.AW application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\File System\004\t\00\00000000"
sh=0640D6DD873771517F410C5896E3F2477B016309 ft=1 fh=749a87a2690cffff vn="Win32/AdWare.1ClickDownload.AW application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\File System\004\t\00\00000001"
sh=7ABA4DC9BC22D9605675C22CEC12A0DB7EAF0937 ft=1 fh=e11cb87d8b8a9b76 vn="a variant of Win32/ClientConnect.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Dale\AppData\Local\Microsoft\Windows\INetCache\IE\23T5TGEW\SPSetup[1].exe"
sh=7028F239FAC673EE7DC7772ACC75D759EA73837D ft=1 fh=e769f095fe49f653 vn="a variant of Win32/ClientConnect.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Dale\AppData\Local\Microsoft\Windows\INetCache\IE\DM4HWO7E\spstub[1].exe"
sh=20C0C67BEC26AB5F38871EC450C8D92F9BB2F089 ft=1 fh=ae2421342709a695 vn="Win32/UnlimitedDownloads.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Dale\AppData\Local\Temp\nsd1065.tmp\19\commondictionary_10102014.exe"


#14 schrauber


Posted 30 October 2014 - 01:17 AM

How is the system running now? Any problems left?

Also, please post back with a fresh FRST logfile.
regards,
schrauber


If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware

#15 beggersrun


Posted 30 October 2014 - 11:52 AM

Sorry to say it's no better. I think it's worse because I've been getting persistent outdated Java popup warnings. Note that if I disable the extension in Chrome there are no problems. I've been tempted to completely un-install Chrome and re-install, but I'll wait.

 

FRST results:

----------------------------

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-10-2014
Ran by Dale (administrator) on DALES-LAPTOP on 30-10-2014 12:35:10
Running from C:\Users\Dale\Desktop
Loaded Profile: Dale (Available profiles: Dale)
Platform: Microsoft Windows 8.1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Stardock Software, Inc) C:\Program Files\Stardock\ModernMix\MMixSrv.exe
(Stardock Software, Inc) C:\Program Files\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files\Stardock\Start8\Start8.exe
(Stardock Software, Inc) C:\Program Files\Stardock\ModernMix\MMix_32.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Google Inc.) C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Barnesandnoble.com llc) C:\Program Files\WindowsApps\BarnesNoble.Nook_1.9.0.359_x86__ahnzqzva31enc\NookClient.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x86__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(BitTorrent Inc.) C:\Users\Dale\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Jasc Software, Inc.) C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\PSP.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421160 2010-09-01] (Apple Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-3807231785-4007385617-3935110610-1001\...\Run: [HP Officejet 4620 series (NET) #2] => C:\Program Files\Hp\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
Startup: C:\Users\Dale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files\PdaNet for Android\PdaNetPC.exe ()
Startup: C:\Users\Dale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar796.lnk
ShortcutTarget: Sidebar796.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: TidyNetwork -> {2A9CCEC0-3D47-3BB8-EE8D-E40A06845871} -> C:\Program Files\TidyNetwork\petn.dll No File
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} http://192.168.1.14:90/codebase/DVM_IPCam2.ocx
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Winsock: Catalog5 08 C:\WINDOWS\system32\wlidnsp.dll [49664] (Microsoft Corporation)
Winsock: Catalog5 09 C:\WINDOWS\system32\wlidnsp.dll [49664] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Dale\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Dale\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "https://www.facebook.com/", "hxxp://www.cnn.com/"
CHR Profile: C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bejeweled) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2014-10-12]
CHR Extension: (Google Drive) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-12]
CHR Extension: (TV) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-10-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-12]
CHR Extension: (James White) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2014-10-07]
CHR Extension: (YouTube) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-12]
CHR Extension: (Google Cast) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-10-12]
CHR Extension: (Gmail Offline) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2014-10-12]
CHR Extension: (Google Calendar) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-10-12]
CHR Extension: (MagicScroll eBook Reader) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble [2014-10-12]
CHR Extension: (AdBlock) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-14]
CHR Extension: (PrieceLesss) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\gimadnmjmhcbdbhdlpgfpepehadapmoh [2014-10-12]
CHR Extension: (Tabs to the front!) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjaooagfdhdhmbfchnkhggjmacjlacla [2014-10-12]
CHR Extension: (Crackle) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2014-10-12]
CHR Extension: (StumbleUpon) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg [2014-10-12]
CHR Extension: (Google Maps) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-10-12]
CHR Extension: (Poppit!) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-10-12]
CHR Extension: (Google Wallet) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-12]
CHR Extension: (Docs PDF/PowerPoint Viewer (by Google)) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2014-10-12]
CHR Extension: (Gmail) - C:\Users\Dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-12]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 HPSLPSVC; C:\Users\Dale\AppData\Local\Temp\7zS7C31\hpslpsvc32.dll [701288 2013-07-19] (Hewlett-Packard Co.)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [656376 2014-10-15] ()
R2 ModernMix; C:\Program Files\Stardock\ModernMix\MMixSrv.exe [74864 2013-02-28] (Stardock Software, Inc)
S3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [105472 2013-08-21] (Microsoft Corporation)
R2 Start8; C:\Program Files\Stardock\Start8\Start8Srv.exe [143288 2014-04-04] (Stardock Software, Inc)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [279784 2014-03-23] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\WINDOWS\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2014-03-23] (Microsoft Corporation)
S3 workfolderssvc; C:\WINDOWS\system32\workfolderssvc.dll [1210368 2014-04-02] (Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 ACPIVPC; C:\WINDOWS\System32\drivers\AcpiVpc.sys [23136 2010-01-20] (Lenovo Corporation)
R3 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [640560 2014-08-21] (BitDefender)
R3 avchv; C:\WINDOWS\system32\DRIVERS\avchv.sys [242944 2014-08-21] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [490144 2014-08-21] (BitDefender)
R1 BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [25600 2014-02-22] (Microsoft Corporation)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63l.sys [4715008 2013-07-01] (Broadcom Corporation)
R1 BdfNdisf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfndisf6.sys [78216 2014-07-10] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [93648 2014-07-10] (BitDefender LLC)
S3 GPIO; C:\WINDOWS\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [165744 2014-07-10] (BitDefender LLC)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2014-10-23] (Malwarebytes Corporation)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 pneteth; C:\WINDOWS\system32\DRIVERS\pneteth.sys [13440 2011-11-25] (June Fabrics Technology Inc.)
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [46080 2006-05-16] (Sonic Solutions) [File not signed]
S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [360376 2014-07-10] (BitDefender S.R.L.)
S3 usbrndis6; C:\WINDOWS\system32\DRIVERS\usb80236.sys [15872 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [92504 2014-03-23] (Microsoft Corporation)
R0 Wof; C:\WINDOWS\system32\Drivers\Wof.sys [138584 2014-03-13] (Microsoft Corporation)
S3 WUDFSensorLP; C:\WINDOWS\System32\drivers\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
S3 SPUVCbv; \SystemRoot\System32\Drivers\SPUVCbv_x64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-30 12:35 - 2014-10-30 12:35 - 00015455 _____ () C:\Users\Dale\Desktop\FRST.txt
2014-10-30 12:34 - 2014-10-30 12:34 - 00000000 ____D () C:\Users\Dale\Desktop\FRST-OlderVersion
2014-10-29 16:17 - 2014-10-29 16:17 - 00003028 _____ () C:\WINDOWS\PFRO.log
2014-10-29 15:30 - 2014-10-29 15:30 - 00000000 ____D () C:\Users\Dale\AppData\Local\XBOX360_ISO_Extract
2014-10-29 15:23 - 2014-10-29 15:25 - 00000000 ____D () C:\Program Files\Common Files\Common dictionary
2014-10-29 11:33 - 2014-10-29 16:16 - 00000000 ____D () C:\AdwCleaner
2014-10-29 11:32 - 2014-10-29 11:32 - 01998336 _____ () C:\Users\Dale\Desktop\adwcleaner_4.002.exe
2014-10-28 13:54 - 2014-10-28 13:54 - 00000993 _____ () C:\Users\Dale\Desktop\Handbrake.lnk
2014-10-28 13:54 - 2014-10-28 13:54 - 00000000 ____D () C:\Users\Dale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2014-10-28 13:54 - 2014-10-28 13:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2014-10-28 13:53 - 2014-10-28 13:54 - 00000000 ____D () C:\Program Files\Handbrake
2014-10-23 16:53 - 2014-10-23 16:53 - 00000000 ____D () C:\Users\Dale\AppData\Roaming\Lavasoft
2014-10-23 16:33 - 2014-10-23 16:33 - 00000000 ____D () C:\ProgramData\BitDefender
2014-10-23 16:17 - 2014-10-23 16:17 - 00000000 ____D () C:\Users\Dale\AppData\Roaming\LavasoftStatistics
2014-10-23 16:17 - 2014-07-10 14:09 - 01516488 _____ (Bitdefender) C:\WINDOWS\system32\bdnc.dll
2014-10-23 16:17 - 2014-07-10 14:08 - 00161544 _____ (BitDefender) C:\WINDOWS\system32\httproxy.dll
2014-10-23 16:17 - 2014-07-10 14:08 - 00136824 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\bdpop3p.dll
2014-10-23 16:16 - 2014-07-10 14:08 - 00842368 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\bdsmtpp.dll
2014-10-23 16:16 - 2014-07-10 14:08 - 00179560 _____ (BitDefender) C:\WINDOWS\system32\BdFirewallSDK.dll
2014-10-23 16:16 - 2014-07-10 14:08 - 00135288 _____ () C:\WINDOWS\system32\bdfwcore.dll
2014-10-23 16:16 - 2014-07-10 14:08 - 00110568 _____ (BitDefender) C:\WINDOWS\system32\OEMbdpredir.dll
2014-10-23 16:16 - 2014-07-10 14:08 - 00086896 _____ (BitDefender) C:\WINDOWS\system32\bdpredir.dll
2014-10-23 16:15 - 2014-10-29 16:19 - 00002329 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-10-23 16:15 - 2014-10-23 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-10-23 16:14 - 2014-10-23 16:14 - 00000299 _____ () C:\WINDOWS\setupact.log
2014-10-23 16:14 - 2014-10-23 16:14 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-10-23 16:14 - 2014-10-23 16:14 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-10-23 16:12 - 2014-10-23 16:12 - 00000000 ____D () C:\Program Files\Lavasoft
2014-10-23 16:10 - 2014-10-23 16:10 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-10-23 16:08 - 2014-10-23 16:08 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-10-23 14:58 - 2014-10-30 10:38 - 00564185 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-23 14:28 - 2014-10-23 14:28 - 00000000 ____D () C:\ProgramData\Absolutist
2014-10-23 14:26 - 2014-10-23 14:26 - 00001135 _____ () C:\Users\Public\Desktop\Bubble Shooter.lnk
2014-10-23 14:26 - 2014-10-23 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bubble Shooter
2014-10-23 14:25 - 2014-10-23 14:26 - 00000000 ____D () C:\Program Files\Bubble Shooter Deluxe DeLEGiON
2014-10-23 14:06 - 2014-10-23 14:07 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-10-20 12:09 - 2014-07-10 12:38 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Dale\Desktop\TDSSKiller.exe
2014-10-17 10:53 - 2014-10-30 12:35 - 00000000 ____D () C:\FRST
2014-10-17 10:51 - 2014-10-30 12:34 - 01105408 _____ (Farbar) C:\Users\Dale\Desktop\FRST.exe
2014-10-16 21:16 - 2014-10-16 21:16 - 00000000 ____D () C:\rsit
2014-10-16 21:16 - 2014-10-16 21:16 - 00000000 ____D () C:\Program Files\trend micro
2014-10-16 21:15 - 2014-10-16 21:02 - 01107968 _____ () C:\Users\Dale\Desktop\RSIT.exe
2014-10-16 17:03 - 2014-10-16 17:03 - 00000000 ___HD () C:\WINDOWS\PIF
2014-10-15 23:00 - 2014-10-15 23:00 - 00000000 ____D () C:\Program Files\ESET
2014-10-15 22:51 - 2014-10-15 22:51 - 00001847 _____ () C:\Users\Dale\Desktop\JRT.txt
2014-10-15 22:38 - 2014-10-15 22:38 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-10-15 14:19 - 2014-09-29 18:45 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-10-15 14:19 - 2014-09-29 18:45 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-10-15 00:51 - 2014-09-25 18:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-15 00:51 - 2014-09-25 18:43 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-15 00:51 - 2014-09-25 18:32 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-15 00:51 - 2014-09-18 20:20 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-15 00:51 - 2014-09-18 20:20 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-15 00:51 - 2014-09-18 20:20 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-15 00:51 - 2014-09-18 19:53 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-15 00:51 - 2014-09-18 19:52 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-15 00:51 - 2014-08-15 21:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-10-15 00:51 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-10-15 00:50 - 2014-09-25 18:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-15 00:50 - 2014-09-18 21:44 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-15 00:50 - 2014-09-18 21:25 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-15 00:50 - 2014-09-18 21:02 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-15 00:50 - 2014-09-18 20:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-15 00:50 - 2014-09-18 20:55 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-15 00:50 - 2014-09-18 19:59 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-15 00:50 - 2014-09-13 01:49 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-15 00:50 - 2014-08-15 21:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-15 00:50 - 2014-08-15 20:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-10-15 00:50 - 2014-06-09 18:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-10-15 00:50 - 2014-05-05 00:02 - 02826240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-10-15 00:50 - 2014-05-03 02:36 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-10-15 00:49 - 2014-08-14 19:35 - 00122688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-10-15 00:49 - 2014-07-29 21:57 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-10-15 00:49 - 2014-07-29 01:06 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-10-15 00:49 - 2014-05-01 07:00 - 00046512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-10-15 00:49 - 2014-05-01 01:31 - 02366976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-10-15 00:48 - 2014-06-19 20:36 - 00805136 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-10-15 00:47 - 2014-09-03 20:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-15 00:47 - 2014-08-06 19:36 - 01090280 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-10-15 00:47 - 2014-05-29 05:30 - 00481400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-10-15 00:47 - 2014-05-29 02:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-10-15 00:47 - 2014-05-29 00:38 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-10-15 00:47 - 2014-05-01 01:46 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-10-15 00:47 - 2014-04-29 23:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-10-15 00:47 - 2014-04-28 18:40 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-10-15 00:47 - 2014-04-26 16:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-10-15 00:47 - 2014-04-14 04:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-10-15 00:47 - 2014-03-23 21:34 - 00219992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-10-15 00:47 - 2014-03-23 21:34 - 00092504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-10-15 00:47 - 2014-03-23 21:33 - 00030224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-10-15 00:46 - 2014-05-13 01:21 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-10-15 00:46 - 2014-05-12 23:43 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-15 00:46 - 2014-05-03 00:57 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-10-15 00:46 - 2014-05-03 00:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-10-15 00:46 - 2014-05-03 00:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-10-15 00:46 - 2014-05-03 00:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-10-15 00:46 - 2014-05-02 19:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-10-15 00:46 - 2014-05-01 04:24 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-10-15 00:46 - 2014-04-30 01:32 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-10-15 00:46 - 2014-04-30 01:29 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-10-15 00:46 - 2014-04-30 01:29 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-10-15 00:46 - 2014-04-30 00:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-10-15 00:46 - 2014-04-29 23:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-10-15 00:46 - 2014-04-29 23:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-10-15 00:46 - 2014-04-29 23:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-10-15 00:46 - 2014-04-29 23:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-10-15 00:46 - 2014-04-29 23:43 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-10-15 00:46 - 2014-04-29 23:38 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-10-15 00:46 - 2014-04-29 23:25 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-10-15 00:46 - 2014-04-29 23:15 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-10-15 00:46 - 2014-04-14 01:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2014-10-15 00:46 - 2014-04-09 01:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-10-15 00:41 - 2014-09-07 22:41 - 00049528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-15 00:41 - 2014-09-07 19:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-15 00:41 - 2014-09-07 19:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-15 00:41 - 2014-09-07 19:57 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-15 00:41 - 2014-09-07 19:56 - 02815488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-15 00:41 - 2014-09-07 19:56 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-15 00:41 - 2014-09-07 19:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-15 00:41 - 2014-09-07 19:53 - 01634816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-15 00:41 - 2014-08-01 20:15 - 00976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-10-15 00:41 - 2014-07-24 06:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-15 00:41 - 2014-07-24 06:33 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-15 00:41 - 2014-06-06 08:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-10-15 00:40 - 2014-06-12 20:10 - 01326936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-10-15 00:40 - 2014-06-12 20:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-10-15 00:40 - 2014-06-05 09:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-10-15 00:40 - 2014-06-01 21:06 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2014-10-15 00:40 - 2014-06-01 21:06 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-10-15 00:40 - 2014-05-31 04:32 - 00382296 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-10-15 00:40 - 2014-05-31 04:32 - 00338264 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-10-15 00:40 - 2014-05-31 04:32 - 00072536 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-10-15 00:40 - 2014-05-31 04:32 - 00023384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-10-15 00:40 - 2014-05-31 01:33 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-10-15 00:40 - 2014-05-31 01:30 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-10-15 00:40 - 2014-05-31 01:29 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-10-15 00:40 - 2014-05-30 23:33 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-10-15 00:40 - 2014-05-30 23:33 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-10-15 00:40 - 2014-05-30 23:33 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-10-15 00:40 - 2014-05-27 05:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-10-15 00:40 - 2014-05-19 01:33 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-10-15 00:40 - 2014-05-19 01:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-10-15 00:40 - 2014-05-17 00:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-10-15 00:40 - 2014-05-08 00:37 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-10-15 00:39 - 2014-08-28 19:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-15 00:39 - 2014-08-15 23:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-15 00:39 - 2014-08-15 23:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-15 00:39 - 2014-08-15 23:08 - 00863528 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-15 00:39 - 2014-08-15 23:03 - 01858880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-15 00:39 - 2014-08-15 23:03 - 01436888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-15 00:39 - 2014-08-15 23:03 - 00286528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-15 00:39 - 2014-08-15 20:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-15 00:39 - 2014-08-15 20:39 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-15 00:39 - 2014-08-15 20:35 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-15 00:39 - 2014-08-15 20:31 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-15 00:39 - 2014-08-15 20:30 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-15 00:39 - 2014-08-15 20:29 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-15 00:39 - 2014-08-15 20:23 - 00808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-15 00:39 - 2014-08-15 20:21 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-15 00:39 - 2014-08-15 20:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 00:39 - 2014-08-15 20:15 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-15 00:39 - 2014-08-15 20:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-15 00:39 - 2014-08-15 20:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-15 00:39 - 2014-08-15 20:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-15 00:39 - 2014-08-15 20:11 - 03985408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-15 00:39 - 2014-08-15 20:11 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-15 00:39 - 2014-08-15 20:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-15 00:39 - 2014-08-15 20:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-15 00:39 - 2014-08-15 20:05 - 00877056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-15 00:39 - 2014-07-31 19:23 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-15 00:39 - 2014-07-24 09:48 - 00376128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-10-15 00:39 - 2014-07-24 06:42 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-10-15 00:39 - 2014-07-24 05:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-10-15 00:39 - 2014-06-04 04:22 - 00107352 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-10-15 00:39 - 2014-05-29 23:05 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-10-15 00:39 - 2014-04-11 04:25 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-10-15 00:39 - 2014-04-11 01:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-10-15 00:39 - 2014-04-10 23:41 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-10-15 00:39 - 2014-04-10 23:02 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-10-15 00:38 - 2014-08-28 21:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-15 00:38 - 2014-08-28 20:59 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-15 00:38 - 2014-08-23 03:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-10-15 00:38 - 2014-08-23 01:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-10-15 00:38 - 2014-08-23 00:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-10-15 00:38 - 2014-08-23 00:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-10-15 00:38 - 2014-08-23 00:02 - 00612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-10-15 00:38 - 2014-06-16 18:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-10-15 00:38 - 2014-06-04 00:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-10-15 00:36 - 2014-07-11 23:43 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-10-15 00:36 - 2014-05-09 23:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-10-15 00:35 - 2014-04-18 09:43 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-10-15 00:35 - 2014-04-18 04:51 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-10-15 00:35 - 2014-04-18 04:01 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-10-15 00:35 - 2014-04-14 04:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-10-15 00:35 - 2014-04-11 00:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-10-15 00:35 - 2014-04-10 23:27 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-10-15 00:35 - 2014-04-09 06:47 - 00294744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-10-15 00:35 - 2014-04-09 01:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-10-15 00:35 - 2014-04-08 23:22 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-10-15 00:35 - 2014-04-07 19:47 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-10-15 00:35 - 2014-04-06 11:27 - 00311128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-10-15 00:35 - 2014-04-06 11:27 - 00240472 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-10-15 00:35 - 2014-04-06 11:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-10-15 00:35 - 2014-04-06 11:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-10-15 00:35 - 2014-04-06 11:18 - 00271192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-10-15 00:35 - 2014-04-06 11:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-10-15 00:35 - 2014-04-06 11:16 - 01159520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-10-15 00:35 - 2014-04-06 11:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-10-15 00:35 - 2014-04-06 11:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-10-15 00:35 - 2014-04-06 11:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-10-15 00:35 - 2014-04-06 11:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-10-15 00:35 - 2014-04-06 11:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-10-15 00:35 - 2014-04-06 11:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-10-15 00:35 - 2014-04-06 11:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-10-15 00:35 - 2014-04-06 11:16 - 00194752 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-10-15 00:35 - 2014-04-06 08:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-10-15 00:35 - 2014-04-06 08:00 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-10-15 00:35 - 2014-04-06 07:47 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-10-15 00:35 - 2014-04-06 07:40 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-10-15 00:35 - 2014-04-06 06:58 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-10-15 00:35 - 2014-04-06 06:55 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-10-15 00:35 - 2014-04-06 06:44 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-10-15 00:35 - 2014-04-06 06:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-10-15 00:35 - 2014-04-06 06:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-10-15 00:35 - 2014-04-06 05:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-10-15 00:35 - 2014-04-03 00:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-10-15 00:35 - 2014-04-03 00:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-10-15 00:35 - 2014-04-02 22:44 - 01210368 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-10-15 00:35 - 2014-04-02 22:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-10-15 00:35 - 2014-04-01 01:09 - 00333656 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-10-15 00:35 - 2014-03-30 23:34 - 05786968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-10-15 00:35 - 2014-03-30 19:26 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-10-15 00:35 - 2014-03-30 19:13 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-10-15 00:35 - 2014-03-30 18:37 - 01167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-10-15 00:35 - 2014-03-30 18:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-10-15 00:35 - 2014-03-28 05:04 - 00328984 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-10-15 00:35 - 2014-03-27 01:21 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-10-15 00:35 - 2014-03-27 00:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-10-15 00:35 - 2014-03-27 00:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-10-15 00:35 - 2014-03-26 23:22 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-10-15 00:35 - 2014-03-26 23:03 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-10-15 00:35 - 2014-03-26 22:59 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-10-15 00:35 - 2014-03-24 18:57 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-10-15 00:35 - 2014-03-19 21:20 - 00229344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-10-15 00:35 - 2014-03-19 03:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-10-15 00:35 - 2014-03-19 03:09 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-10-15 00:35 - 2014-03-19 01:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-10-15 00:35 - 2014-03-19 00:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-10-15 00:35 - 2014-03-19 00:47 - 01309184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-10-15 00:35 - 2014-03-19 00:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-10-15 00:35 - 2014-03-19 00:14 - 02130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-10-15 00:35 - 2014-03-18 03:22 - 00069632 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-10-15 00:35 - 2014-03-18 00:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-10-15 00:35 - 2014-03-17 00:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-10-15 00:35 - 2014-03-16 22:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-10-15 00:35 - 2014-03-14 02:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-10-15 00:35 - 2014-03-06 06:37 - 00264536 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-10-15 00:34 - 2014-09-27 18:25 - 03546624 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-15 00:32 - 2014-07-23 23:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-10-15 00:32 - 2014-07-15 13:07 - 02257584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-10-15 00:32 - 2014-07-15 04:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-10-15 00:32 - 2014-07-15 03:55 - 02045440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-10-15 00:31 - 2014-05-30 22:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-10-13 22:29 - 2014-10-15 03:22 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-10-13 17:41 - 2014-10-17 17:28 - 00000400 _____ () C:\Users\Dale\AppData\Roaming\Microsoft\Windows\Start Menu\Device(Derp Cam).website
2014-10-12 17:11 - 2014-10-23 15:14 - 00000010 _____ () C:\Users\Dale\AppData\Local\sponge.last.runtime.cache
2014-10-12 16:50 - 2014-10-15 14:53 - 00000000 ____D () C:\ProgramData\PrieceLesss
2014-10-12 16:50 - 2014-10-14 21:18 - 00000000 ____D () C:\ProgramData\c57eb2ad03c59bcb
2014-10-12 16:50 - 2014-10-12 16:50 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-10-12 16:49 - 2014-10-12 16:49 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-10-12 16:49 - 2014-10-12 16:49 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-10-12 16:49 - 2014-10-12 16:49 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-10-12 16:49 - 2014-10-12 16:49 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-10-12 16:49 - 2014-10-12 16:49 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-10-12 16:49 - 2014-10-12 16:49 - 00000000 ____D () C:\Users\Guest
2014-10-12 16:49 - 2014-10-12 16:49 - 00000000 ____D () C:\Users\Dale\AppData\Local\Comodo
2014-10-12 16:49 - 2014-10-12 16:49 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-10-12 16:49 - 2014-10-12 16:49 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-10-12 16:49 - 2014-10-12 16:49 - 00000000 ____D () C:\Users\Administrator
2014-10-12 16:48 - 2014-10-23 15:27 - 00020775 _____ () C:\Users\Dale\AppData\Local\census.cache
2014-10-12 16:48 - 2014-10-23 15:26 - 00000000 _____ () C:\Users\Dale\AppData\Local\ars.cache
2014-10-12 16:39 - 2014-10-12 16:39 - 00000036 _____ () C:\Users\Dale\AppData\Local\housecall.guid.cache
2014-10-12 03:02 - 2014-10-15 14:53 - 00000000 ____D () C:\Users\Dale\AppData\Local\27838
2014-10-12 02:05 - 2014-10-12 02:36 - 00000000 ____D () C:\Users\Dale\Documents\Security Monitor Pro
2014-10-12 02:04 - 2014-10-12 02:04 - 00001387 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Monitor Pro 5.lnk
2014-10-12 02:04 - 2014-10-12 02:04 - 00001375 _____ () C:\Users\Public\Desktop\Security Monitor Pro 5.lnk
2014-10-12 02:04 - 2014-10-12 02:04 - 00000000 ____D () C:\Program Files\Common Files\DeskShare Shared
2014-10-12 01:54 - 2014-10-12 02:05 - 00000000 ____D () C:\Users\Dale\AppData\Local\DeskShare Data
2014-10-12 01:51 - 2014-10-12 02:05 - 00000000 ____D () C:\ProgramData\DeskShare
2014-10-12 01:51 - 2014-10-12 02:04 - 00000000 ____D () C:\Program Files\Deskshare
2014-10-12 01:51 - 2014-10-12 01:51 - 00001329 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IP Camera Viewer 2.lnk
2014-10-12 01:51 - 2014-10-12 01:51 - 00001317 _____ () C:\Users\Public\Desktop\IP Camera Viewer 2.lnk
2014-10-12 01:51 - 2014-08-29 13:04 - 00301568 _____ () C:\WINDOWS\system32\LiveWrapRTSP.dll
2014-10-11 19:25 - 2014-10-11 20:10 - 00000000 ____D () C:\Users\Dale\AppData\Roaming\HpUpdate
2014-10-11 19:25 - 2014-10-11 19:25 - 00002256 _____ () C:\Users\Public\Desktop\HP Officejet 4620 series.lnk
2014-10-11 19:25 - 2012-10-17 04:04 - 00580712 ____H (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPM6412.dll
2014-10-10 13:12 - 2014-10-10 13:13 - 00000000 ____D () C:\Users\Dale\Desktop\SysinternalsSuite
2014-10-09 22:16 - 2014-10-09 22:16 - 00000000 ____D () C:\Program Files\Lame For Audacity
2014-10-09 22:04 - 2014-10-09 22:44 - 00000000 ____D () C:\Users\Dale\AppData\Roaming\Audacity
2014-10-09 22:04 - 2014-10-09 22:04 - 00000993 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-10-09 22:04 - 2014-10-09 22:04 - 00000981 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-10-09 22:04 - 2014-10-09 22:04 - 00000000 ____D () C:\Program Files\Audacity
2014-10-09 21:34 - 2014-10-09 21:34 - 00001077 _____ () C:\Users\Dale\Desktop\AudioConverter Studio.lnk
2014-10-09 21:33 - 2014-10-09 21:34 - 00000000 ____D () C:\Program Files\AudioConverter Studio
2014-10-09 21:33 - 2014-10-09 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioConverter Studio
2014-10-09 11:25 - 2014-10-09 14:02 - 00000000 ____D () C:\ProgramData\Stardock
2014-10-09 11:25 - 2014-10-09 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2014-10-09 11:25 - 2014-10-09 11:42 - 00000000 ____D () C:\Program Files\Stardock
2014-10-09 11:25 - 2014-10-09 11:25 - 00000000 ____D () C:\Users\Public\Documents\Stardock
2014-10-07 14:41 - 2014-10-07 14:41 - 00038912 _____ () C:\Users\Dale\Desktop\XBox Sign.pub
2014-10-05 16:18 - 2000-04-06 20:10 - 00401462 _____ (Microsoft Corporation) C:\WINDOWS\system32\~GLH0023.TMP
2014-10-05 16:17 - 2014-10-05 16:16 - 00002583 _____ () C:\Users\Public\Desktop\Paint Shop Pro 7.lnk
2014-10-05 16:16 - 2014-10-05 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jasc Software
2014-10-05 16:16 - 2014-10-05 16:16 - 00000000 ____D () C:\Program Files\Jasc Software Inc
2014-10-04 15:04 - 2014-10-06 13:27 - 00000000 ____D () C:\wifidata
2014-10-03 02:37 - 2014-10-03 02:37 - 00000000 __SHD () C:\Users\Dale\AppData\Local\EmieUserList
2014-10-03 02:37 - 2014-10-03 02:37 - 00000000 __SHD () C:\Users\Dale\AppData\Local\EmieSiteList
2014-10-03 02:18 - 2014-10-03 14:25 - 00018432 _____ () C:\Users\Dale\Desktop\Book1.xls
2014-10-03 02:18 - 2014-10-03 02:18 - 00000000 ____D () C:\Users\Dale\AppData\Roaming\Adobe
2014-10-03 01:47 - 2014-10-03 01:47 - 00000000 ____D () C:\Users\Dale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
2014-10-03 01:47 - 2014-10-03 01:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain
2014-10-03 01:47 - 2014-10-03 01:47 - 00000000 ____D () C:\Program Files\MP3Gain
2014-10-03 01:29 - 2014-10-03 01:30 - 00000000 ____D () C:\Program Files\EasyCapture
2014-10-03 01:24 - 2014-10-03 01:24 - 00000000 ____D () C:\Program Files\DirectoryListPrint
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-30 12:34 - 2013-12-28 01:50 - 00000000 ____D () C:\Users\Dale\AppData\Roaming\uTorrent
2014-10-30 12:32 - 2011-09-01 14:06 - 00000000 ____D () C:\All Saved
2014-10-30 12:30 - 2014-01-30 14:05 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-30 12:01 - 2014-01-20 19:28 - 00000930 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3807231785-4007385617-3935110610-1001UA.job
2014-10-30 12:00 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-30 11:43 - 2013-12-27 19:56 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-30 04:01 - 2014-01-20 19:28 - 00000878 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3807231785-4007385617-3935110610-1001Core.job
2014-10-30 03:44 - 2014-09-23 16:03 - 00000000 ____D () C:\Movies
2014-10-30 02:45 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-10-29 23:43 - 2013-12-27 19:56 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-29 17:14 - 2013-12-27 17:49 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-29 16:19 - 2013-12-27 18:02 - 00000000 ___DO () C:\Users\Dale\SkyDrive
2014-10-29 16:17 - 2013-08-22 03:23 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-29 16:17 - 2013-08-22 02:13 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-29 15:22 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\Resources
2014-10-29 13:31 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-28 22:19 - 2014-03-15 13:41 - 00000000 ____D () C:\Users\Dale\AppData\Roaming\HandBrake
2014-10-28 14:35 - 2014-05-01 10:10 - 00031841 _____ () C:\xls.html
2014-10-28 14:34 - 2014-01-02 08:06 - 00473600 ___SH () C:\Users\Dale\Desktop\Thumbs.db
2014-10-27 23:18 - 2014-05-25 13:38 - 00000000 ____D () C:\Users\Dale\AppData\Roaming\FSC
2014-10-25 17:28 - 2011-09-17 14:10 - 00000000 ____D () C:\MP3s
2014-10-24 01:14 - 2014-09-12 13:36 - 00000000 ____D () C:\Users\Dale\AppData\Local\Plex Media Server
2014-10-24 00:47 - 2013-12-27 17:56 - 00000000 ____D () C:\Users\Dale\AppData\Local\VirtualStore
2014-10-22 13:23 - 2014-01-11 14:14 - 00118053 _____ () C:\ProgramData\ITFW.log
2014-10-22 13:09 - 2014-01-06 10:18 - 00000000 ____D () C:\WINDOWS\Minidump
2014-10-20 13:26 - 2014-01-11 14:23 - 00000000 ____D () C:\Users\Dale\AppData\Roaming\Mp3tag
2014-10-20 13:24 - 2014-01-31 16:59 - 00000000 ____D () C:\Users\Dale\AppData\Local\SoulseekQt
2014-10-17 14:37 - 2013-12-27 17:52 - 00000000 ____D () C:\Users\Dale
2014-10-16 13:03 - 2014-02-12 17:42 - 00000384 _____ () C:\Users\Dale\Desktop\Printer Info.txt
2014-10-16 04:54 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-16 02:14 - 2014-02-24 17:07 - 00000000 ____D () C:\Program Files\KMSnano
2014-10-15 14:54 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\InputMethod
2014-10-15 14:17 - 2013-08-22 03:22 - 00485808 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-15 14:13 - 2013-08-22 04:17 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-15 14:13 - 2013-08-22 04:17 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-10-15 14:13 - 2013-08-22 04:17 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-15 14:13 - 2013-08-22 04:17 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-15 14:13 - 2013-08-22 04:17 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-15 14:13 - 2013-08-22 04:17 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-15 14:13 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-15 14:13 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-15 14:13 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-15 14:13 - 2013-08-22 04:17 - 00000000 ____D () C:\Program Files\Windows Defender
2014-10-15 14:12 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-15 13:04 - 2014-05-26 15:21 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-15 03:22 - 2014-07-08 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-15 03:09 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\registration
2014-10-15 03:06 - 2013-12-27 19:56 - 00000000 ____D () C:\Program Files\Google
2014-10-15 01:14 - 2013-08-22 04:05 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-15 01:00 - 2013-09-29 23:47 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-15 00:59 - 2013-12-29 14:52 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-15 00:52 - 2013-12-29 14:52 - 100290944 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-15 00:49 - 2014-02-12 04:16 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-10-15 00:49 - 2014-02-12 04:16 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-10-15 00:49 - 2014-02-12 04:16 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-10-15 00:49 - 2014-02-12 04:16 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-10-15 00:49 - 2014-02-12 04:15 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-10-15 00:49 - 2014-02-12 04:15 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-10-15 00:49 - 2014-02-12 04:15 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-10-15 00:34 - 2014-02-12 04:15 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-10-15 00:33 - 2014-09-10 10:34 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-10-12 16:50 - 2013-12-27 19:56 - 00000000 ____D () C:\Users\Dale\AppData\Local\Google
2014-10-12 16:50 - 2013-08-22 04:17 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-10-11 19:48 - 2014-09-08 16:51 - 00001986 _____ () C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2014-10-11 19:35 - 2014-09-12 13:36 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-10-11 19:25 - 2014-04-05 16:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-10-11 19:25 - 2014-02-12 17:23 - 00000000 ____D () C:\Program Files\Hp
2014-10-11 19:06 - 2014-01-20 18:50 - 00001654 _____ () C:\Users\Dale\advanced_ip_scanner_MAC.bin
2014-10-06 19:26 - 2014-04-01 11:56 - 00040448 _____ () C:\Users\Dale\Desktop\Banking.xls
2014-10-05 15:34 - 2013-12-31 18:27 - 00000000 ____D () C:\Users\Dale\Documents\My PSP Files
2014-10-03 02:24 - 2013-08-22 04:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\zh-TW
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\zh-HK
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\zh-CN
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\uk-UA
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\tr-TR
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\th-TH
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\sv-SE
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\sl-SI
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\sk-SK
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\ru-RU
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\ro-RO
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\pt-PT
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\pt-BR
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\pl-PL
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\nl-NL
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\nb-NO
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\lv-LV
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\lt-LT
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\ko-KR
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\ja-JP
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\it-IT
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\hu-HU
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\hr-HR
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\he-IL
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\fr-FR
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\fi-FI
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\et-EE
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\el-GR
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\de-DE
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\bg-BG
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\ar-SA
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-10-03 02:23 - 2013-08-22 04:17 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
 
Some content of TEMP:
====================
C:\Users\Dale\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-21 04:35
 
==================== End Of Log ============================




