Constant Hack every hour every day



#1 berzerko


Posted 22 November 2014 - 10:32 PM

Can someone please look at this log that was created by some program that I had run today please? Please take note of Running processes and the Pseudo HJT Report, which are one after another in the beginning of the report. No matter what I do, get a new router, fresh install of Windows, or Linux, change my passwords to difficult ones, use nothing but Ethernet, I constantly am finding strange things on my computer that I did not put there. The recent files folder always is showing a list of strange files I never even knew existed before and the screen will flash for like 2 seconds every now and then. I feel a neighbor is ssh'ing into my machines and I don't know how to stop this. I am just so sick of having to reinstall over and over and over! Below is the report. Thank you
 
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16518
Run by Brendan at 12:37:42 on 2014-11-22
#Option Extended Search is enabled.
#Option Whitelisting is disabled.
Microsoft Windows 8.1 Pro  6.3.9600.0.1252.1.1033.18.8076.5618 [GMT -8:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWow64\IntelCpHeciSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\XCloudSystems\DataProtecto\DPProtectService.exe
C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe
C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DnsService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\dwm.exe
C:\Windows\system32\taskhostex.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\Explorer.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Heimdal\Client\HeimdalAgent.exe
E:\SurfEasy.exe
E:\bin\browser\surfeasy.exe
G:\hirens\HBCDMenu.exe
C:\Users\Brendan\AppData\Local\Temp\HBCD\smsniff.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
C:\Program Files (x86)\GlassWire\GWIdlMon.exe
C:\Program Files (x86)\GlassWire\glasswire.exe
C:\Program Files (x86)\7-Zip\7zFM.exe
C:\Program Files (x86)\XCloudSystems\DataProtecto\DPController.exe
C:\Program Files (x86)\XCloudSystems\DataProtecto\DPVaultServer.exe
C:\Windows\SysWow64\dptray.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
uLocal Page = C:\Windows\System32\blank.htm
uSearch Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
mStart Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
mLocal Page = C:\Windows\SysWOW64\blank.htm
mSearch Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
mDefault_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
mDefault_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
uURLSearchHooks: Microsoft Url Search Hook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll
mWinlogon: Shell = explorer.exe
mWinlogon: Userinit = userinit.exe
uRun: [xcpcontroller] C:\Program Files (x86)\XCloudSystems\DataProtecto\DPController.exe
uRun: [dptray] C:\Windows\SysWow64\dptray.exe
uRun: [GlassWire] "C:\Program Files (x86)\GlassWire\glasswire.exe" -hide
StartupFolder: C:\Users\Brendan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\Heimdal.lnk - C:\Program Files (x86)\Heimdal\Client\HeimdalAgent.exe
mPolicies-Explorer: ForceActiveDesktopOn = dword:0
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: EnableVirtualization = dword:1
mPolicies-System: EnableInstallerDetection = dword:1
mPolicies-System: PromptOnSecureDesktop = dword:1
mPolicies-System: EnableLUA = dword:1
mPolicies-System: EnableSecureUIAPaths = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ValidateAdminCodeSignatures = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: EnableCursorSuppression = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: dontdisplaylastusername = dword:0
mPolicies-System: scforceoption = dword:0
mPolicies-System: shutdownwithoutlogon = dword:1
mPolicies-System: undockwithoutlogon = dword:1
mPolicies-System: FilterAdministratorToken = dword:0
LSP: %SystemRoot%\system32\mswsock.dll
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{F4FD4873-4E99-47B0-BBCC-BDBE206902F5} : DHCPNameServer = 192.168.0.1
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
Name-Space Handler: mk\* - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll
SSODL: WebCheck - <orphaned>
SecurityProviders: SecurityProviders = credssp.dll
LSA: Authentication Packages =  msv1_0
LSA: Notification Packages =  scecli
LSA: Security Packages =  ""
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 sxssrv,4
mASetup: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\unregmp2.exe /ShowWMP
mASetup: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "C:\Program Files (x86)\Windows Mail\WinMail.exe" OCInstallUserConfigOE
mASetup: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\unregmp2.exe /FirstLogon
mASetup: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\shell32.dll
x64-mStart Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
x64-mLocal Page = C:\Windows\System32\blank.htm
x64-mSearch Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
x64-mDefault_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
x64-mDefault_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
x64-mWinlogon: Shell = explorer.exe
x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-mPolicies-Explorer: ForceActiveDesktopOn = dword:0
x64-mPolicies-Explorer: NoActiveDesktopChanges = dword:1
x64-mPolicies-Explorer: NoActiveDesktop = dword:1
x64-mPolicies-System: EnableVirtualization = dword:1
x64-mPolicies-System: EnableInstallerDetection = dword:1
x64-mPolicies-System: PromptOnSecureDesktop = dword:1
x64-mPolicies-System: EnableLUA = dword:1
x64-mPolicies-System: EnableSecureUIAPaths = dword:1
x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
x64-mPolicies-System: ValidateAdminCodeSignatures = dword:0
x64-mPolicies-System: EnableUIADesktopToggle = dword:0
x64-mPolicies-System: EnableCursorSuppression = dword:1
x64-mPolicies-System: ConsentPromptBehaviorUser = dword:3
x64-mPolicies-System: dontdisplaylastusername = dword:0
x64-mPolicies-System: scforceoption = dword:0
x64-mPolicies-System: shutdownwithoutlogon = dword:1
x64-mPolicies-System: undockwithoutlogon = dword:1
x64-mPolicies-System: FilterAdministratorToken = dword:0
x64-Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll
x64-Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll
x64-Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
x64-Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll
x64-Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
x64-Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll
x64-Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Name-Space Handler: mk\* - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\unregmp2.exe /ShowWMP
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "C:\Program Files (x86)\Windows Mail\WinMail.exe" OCInstallUserConfigOE
x64-mASetup: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\unregmp2.exe /FirstLogon
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
x64-mASetup: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\shell32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 ACPI;Microsoft ACPI Driver;C:\Windows\System32\drivers\acpi.sys [2014-11-22 523096]
R0 CLFS;Common Log (CLFS);C:\Windows\System32\drivers\clfs.sys [2014-11-22 377176]
R0 CNG;CNG;C:\Windows\System32\drivers\cng.sys [2013-8-22 564520]
R0 disk;Disk Driver;C:\Windows\System32\drivers\disk.sys [2013-8-22 100192]
R0 FileInfo;File Information FS MiniFilter;C:\Windows\System32\drivers\fileinfo.sys [2013-8-22 79200]
R0 FltMgr;FltMgr;C:\Windows\System32\drivers\fltMgr.sys [2013-8-22 358752]
R0 fvevol;BitLocker Drive Encryption Filter Driver;C:\Windows\System32\drivers\fvevol.sys [2014-11-22 579416]
R0 intelpep;Intel® Power Engine Plug-in Driver;C:\Windows\System32\drivers\intelpep.sys [2014-11-22 39768]
R0 KSecDD;KSecDD;C:\Windows\System32\drivers\ksecdd.sys [2014-11-22 101208]
R0 KSecPkg;KSecPkg;C:\Windows\System32\drivers\ksecpkg.sys [2013-8-22 192864]
R0 mountmgr;Mount Point Manager;C:\Windows\System32\drivers\mountmgr.sys [2013-8-22 101728]
R0 msisadrv;msisadrv;C:\Windows\System32\drivers\msisadrv.sys [2013-8-22 17248]
R0 Mup;Mup;C:\Windows\System32\drivers\mup.sys [2013-8-22 78688]
R0 NDIS;NDIS System Driver;C:\Windows\System32\drivers\ndis.sys [2014-11-22 1119064]
R0 partmgr;Partition Manager;C:\Windows\System32\drivers\partmgr.sys [2013-8-22 88928]
R0 pci;PCI Bus Driver;C:\Windows\System32\drivers\pci.sys [2013-8-22 285536]
R0 pcw;Performance Counters for Windows Driver;C:\Windows\System32\drivers\pcw.sys [2013-8-22 50016]
R0 rdyboost;ReadyBoost;C:\Windows\System32\drivers\rdyboost.sys [2014-11-22 258904]
R0 Tcpip;TCP/IP Protocol Driver;C:\Windows\System32\drivers\tcpip.sys [2014-11-22 2543960]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver;C:\Windows\System32\drivers\TVALZ_O.SYS [2013-8-15 32832]
R0 vdrvroot;Microsoft Virtual Drive Enumerator;C:\Windows\System32\drivers\vdrvroot.sys [2013-8-22 37728]
R0 volmgr;Volume Manager Driver;C:\Windows\System32\drivers\volmgr.sys [2013-8-22 73568]
R0 volmgrx;Dynamic Volume Manager;C:\Windows\System32\drivers\volmgrx.sys [2013-8-22 377696]
R0 volsnap;Storage volumes;C:\Windows\System32\drivers\volsnap.sys [2014-11-22 311640]
R0 Wdf01000;Kernel Mode Driver Frameworks service;C:\Windows\System32\drivers\Wdf01000.sys [2013-8-22 839488]
R1 AFD;Ancillary Function Driver for Winsock;C:\Windows\System32\drivers\afd.sys [2013-8-22 567296]
R1 ahcache;Application Compatibility Cache;C:\Windows\System32\drivers\ahcache.sys [2013-8-22 76800]
R1 Beep;Beep;C:\Windows\System32\drivers\beep.sys [2013-8-22 7680]
R1 cdrom;CD-ROM Driver;C:\Windows\System32\drivers\cdrom.sys [2013-8-22 164352]
R1 CSC;Offline Files Driver;C:\Windows\System32\drivers\csc.sys [2013-8-22 559616]
R1 Dfsc;DFS Namespace Client Driver;C:\Windows\System32\drivers\dfsc.sys [2013-8-22 134656]
R1 gwdrv;GlassWire Driver;C:\Windows\System32\drivers\gwdrv.sys [2014-11-22 33296]
R1 Msfs;Msfs;C:\Windows\System32\drivers\msfs.sys [2013-8-22 30208]
R1 mssmbios;Microsoft System Management BIOS Driver;C:\Windows\System32\drivers\mssmbios.sys [2013-8-22 37728]
R1 NetBIOS;NetBIOS Interface;C:\Windows\System32\drivers\netbios.sys [2013-8-22 48128]
R1 NetBT;NetBT;C:\Windows\System32\drivers\netbt.sys [2013-8-22 282624]
R1 Npfs;Npfs;C:\Windows\System32\drivers\npfs.sys [2013-8-22 58880]
R1 nsiproxy;NSI Proxy Service Driver;C:\Windows\System32\drivers\nsiproxy.sys [2013-8-22 39936]
R1 Null;Null;C:\Windows\System32\drivers\null.sys [2013-8-22 5632]
R1 Psched;QoS Packet Scheduler;C:\Windows\System32\drivers\pacer.sys [2013-8-22 151552]
R1 rdbss;Redirected Buffering Sub System;C:\Windows\System32\drivers\rdbss.sys [2014-11-22 408576]
R1 tdx;NetIO Legacy TDI Support Driver;C:\Windows\System32\drivers\tdx.sys [2013-8-22 107520]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2013-8-22 71680]
R2 AudioEndpointBuilder;Windows Audio Endpoint Builder;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
R2 Audiosrv;Windows Audio;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2013-8-22 37768]
R2 BFE;Base Filtering Engine;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2013-8-22 37768]
R2 BITS;Background Intelligent Transfer Service;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
R2 CryptSvc;Cryptographic Services;C:\Windows\System32\svchost.exe -k NetworkService [2013-8-22 37768]
R2 DcomLaunch;DCOM Server Process Launcher;C:\Windows\System32\svchost.exe -k DcomLaunch [2013-8-22 37768]
R2 Dhcp;DHCP Client;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2013-8-22 37768]
R2 Dnscache;DNS Client;C:\Windows\System32\svchost.exe -k NetworkService [2013-8-22 37768]
R2 DPProtectService;DPProtectService;C:\Program Files (x86)\XCloudSystems\DataProtecto\DPProtectService.exe [2014-11-22 725816]
R2 DPS;Diagnostic Policy Service;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2013-8-22 37768]
R2 EventLog;Windows Event Log;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2013-8-22 37768]
R2 EventSystem;COM+ Event System;C:\Windows\System32\svchost.exe -k LocalService [2013-8-22 37768]
R2 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalService [2013-8-22 37768]
R2 GlassWire;GlassWire Control Service;C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [2014-11-5 6279976]
R2 HeimdalSecureDNS;Heimdal Secure DNS Service;C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DNSService.exe [2014-9-24 94368]
R2 HeimdalService;Heimdal Service;C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe [2014-9-24 133792]
R2 iphlpsvc;IP Helper;C:\Windows\System32\svchost.exe -k NetSvcs [2013-8-22 37768]
R2 LanmanServer;Server;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
R2 LanmanWorkstation;Workstation;C:\Windows\System32\svchost.exe -k NetworkService [2013-8-22 37768]
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;C:\Windows\System32\drivers\lltdio.sys [2013-8-22 59392]
R2 lmhosts;TCP/IP NetBIOS Helper;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2013-8-22 37768]
R2 luafv;UAC File Virtualization;C:\Windows\System32\drivers\luafv.sys [2013-8-22 123904]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-22 1871160]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-22 968504]
R2 MMCSS;Multimedia Class Scheduler;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
R2 MpsSvc;Windows Firewall;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2013-8-22 37768]
R2 mrxsmb10;SMB 1.x MiniRedirector;C:\Windows\System32\drivers\mrxsmb10.sys [2013-8-22 283648]
R2 NativeWifiP;NativeWiFi Filter;C:\Windows\System32\drivers\nwifi.sys [2014-11-22 442368]
R2 NlaSvc;Network Location Awareness;C:\Windows\System32\svchost.exe -k NetworkService [2013-8-22 37768]
R2 nsi;Network Store Interface Service;C:\Windows\System32\svchost.exe -k LocalService [2013-8-22 37768]
R2 PcaSvc;Program Compatibility Assistant Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
R2 PEAUTH;PEAUTH;C:\Windows\System32\drivers\PEAuth.sys [2013-8-22 663040]
R2 Power;Power;C:\Windows\System32\svchost.exe -k DcomLaunch [2013-8-22 37768]
R2 ProfSvc;User Profile Service;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
R2 RpcEptMapper;RPC Endpoint Mapper;C:\Windows\System32\svchost.exe -k RPCSS [2013-8-22 37768]
R2 RpcSs;Remote Procedure Call (RPC);C:\Windows\System32\svchost.exe -k rpcss [2013-8-22 37768]
R2 rspndr;Link-Layer Topology Discovery Responder;C:\Windows\System32\drivers\rspndr.sys [2013-8-22 80384]
R2 SamSs;Security Accounts Manager;C:\Windows\System32\lsass.exe [2013-8-22 45008]
R2 Schedule;Task Scheduler;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
R2 secdrv;Security Driver;C:\Windows\System32\drivers\secdrv.sys [2013-8-22 23040]
R2 SENS;System Event Notification Service;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
R2 ShellHWDetection;Shell Hardware Detection;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
R2 Spooler;Print Spooler;C:\Windows\System32\spoolsv.exe [2013-8-22 798208]
R2 srv;Server SMB 1.xxx Driver;C:\Windows\System32\drivers\srv.sys [2014-11-22 454656]
R2 SysMain;Superfetch;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
R2 tcpipreg;TCP/IP Registry Compatibility;C:\Windows\System32\drivers\tcpipreg.sys [2013-8-22 48640]
R2 Themes;Themes;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
R2 TrkWks;Distributed Link Tracking Client;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
R2 WinDefend;Windows Defender Service;C:\Program Files\Windows Defender\MsMpEng.exe [2014-11-22 23824]
R2 Winmgmt;Windows Management Instrumentation;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
R2 WlanSvc;WLAN AutoConfig;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
R2 wscsvc;Security Center;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2013-8-22 37768]
R2 WSearch;Windows Search;C:\Windows\System32\SearchIndexer.exe [2013-8-22 844800]
R2 xvdesafedp;xvdesafedp;C:\Windows\SysWOW64\xvdesafedp.sys [2014-11-22 232064]
R3 AeLookupSvc;Application Experience;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
R3 Appinfo;Application Information;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
R3 bowser;Browser Support Driver;C:\Windows\System32\drivers\bowser.sys [2013-8-22 102912]
R3 BTHUSB;Bluetooth Radio USB Driver;C:\Windows\System32\drivers\BTHUSB.SYS [2014-11-22 81920]
R3 cleanhlp;cleanhlp;C:\Program Files\EEK\bin\cleanhlp64.sys [2014-11-22 57024]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver;C:\Windows\System32\drivers\CmBatt.sys [2013-8-22 25472]
R3 CompositeBus;Composite Bus Enumerator Driver;C:\Windows\System32\drivers\CompositeBus.sys [2013-8-22 36352]
R3 cphs;Intel® Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2013-11-4 279000]
R3 DXGKrnl;LDDM Graphics Subsystem;C:\Windows\System32\drivers\dxgkrnl.sys [2014-11-22 1530712]
R3 fastfat;FAT12/16/32 File System Driver;C:\Windows\System32\drivers\fastfat.sys [2013-8-22 217952]
R3 FwLnk;FwLnk Driver;C:\Windows\System32\drivers\FwLnk.sys [2012-7-20 9216]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service;C:\Windows\System32\drivers\HdAudio.sys [2013-8-22 395776]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio;C:\Windows\System32\drivers\hdaudbus.sys [2013-8-22 78336]
R3 hidserv;Human Interface Device Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
R3 HidUsb;Microsoft HID Class Driver;C:\Windows\System32\drivers\hidusb.sys [2013-8-22 33792]
R3 HTTP;HTTP Service;C:\Windows\System32\drivers\http.sys [2013-8-22 994144]
R3 i8042prt;PS/2 Keyboard and Mouse Port Driver;C:\Windows\System32\drivers\i8042prt.sys [2013-8-22 107520]
R3 igfx;igfx;C:\Windows\System32\drivers\igdkmd64.sys [2013-11-4 4195840]
R3 intelppm;Intel Processor Driver;C:\Windows\System32\drivers\intelppm.sys [2013-8-22 98816]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2013-10-17 27032]
R3 kbdclass;Keyboard Class Driver;C:\Windows\System32\drivers\kbdclass.sys [2013-8-22 58208]
R3 kbdhid;Keyboard HID Driver;C:\Windows\System32\drivers\kbdhid.sys [2013-8-22 32256]
R3 ksthunk;Kernel Streaming Thunks;C:\Windows\System32\drivers\ksthunk.sys [2013-8-22 21248]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C63x64.sys [2013-8-21 129224]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-11-22 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-11-22 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-11-22 64216]
R3 MEIx64;Intel® Management Engine Interface ;C:\Windows\System32\drivers\HECIx64.sys [2012-7-17 62784]
R3 monitor;Microsoft Monitor Class Function Driver Service;C:\Windows\System32\drivers\monitor.sys [2013-8-22 30208]
R3 mouclass;Mouse Class Driver;C:\Windows\System32\drivers\mouclass.sys [2013-8-22 51040]
R3 mouhid;Mouse HID Driver;C:\Windows\System32\drivers\mouhid.sys [2013-8-22 30208]
R3 mpsdrv;Windows Firewall Authorization Driver;C:\Windows\System32\drivers\mpsdrv.sys [2013-8-22 74240]
R3 mrxsmb;SMB MiniRedirector Wrapper and Engine;C:\Windows\System32\drivers\mrxsmb.sys [2014-11-22 403456]
R3 mrxsmb20;SMB 2.0 MiniRedirector;C:\Windows\System32\drivers\mrxsmb20.sys [2014-11-22 207360]
R3 mshidkmdf;Pass-through HID to KMDF Filter Driver;C:\Windows\System32\drivers\mshidkmdf.sys [2013-8-22 8192]
R3 NcbService;Network Connection Broker;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
R3 Ndisuio;NDIS Usermode I/O Protocol;C:\Windows\System32\drivers\ndisuio.sys [2013-8-22 60416]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\Windows\System32\drivers\NdisVirtualBus.sys [2013-8-22 16384]
R3 netprofm;Network List Service;C:\Windows\System32\svchost.exe -k LocalService [2013-8-22 37768]
R3 Ntfs;Ntfs;C:\Windows\System32\drivers\ntfs.sys [2014-11-22 2008408]
R3 PlugPlay;Plug and Play;C:\Windows\System32\svchost.exe -k DcomLaunch [2013-8-22 37768]
R3 rdpbus;Remote Desktop Device Redirector Bus Driver;C:\Windows\System32\drivers\rdpbus.sys [2013-8-22 22528]
R3 srv2;Server SMB 2.xxx Driver;C:\Windows\System32\drivers\srv2.sys [2014-11-22 675328]
R3 srvnet;srvnet;C:\Windows\System32\drivers\srvnet.sys [2014-11-22 244224]
R3 SSDPSRV;SSDP Discovery;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2013-8-22 37768]
R3 stornvme;Microsoft Standard NVM Express Driver;C:\Windows\System32\drivers\stornvme.sys [2014-11-22 57176]
R3 swenum;Software Bus Driver;C:\Windows\System32\drivers\swenum.sys [2013-8-22 14176]
R3 SynTP;Synaptics TouchPad Driver;C:\Windows\System32\drivers\SynTP.sys [2014-8-6 528112]
R3 Thotkey;Toshiba Hotkey Driver;C:\Windows\System32\drivers\Thotkey.sys [2013-8-19 32624]
R3 tosrfec;Bluetooth ACPI;C:\Windows\System32\drivers\tosrfec.sys [2013-11-1 27032]
R3 tunnel;Microsoft Tunnel Miniport Adapter Driver;C:\Windows\System32\drivers\tunnel.sys [2013-8-22 154112]
R3 umbus;UMBus Enumerator Driver;C:\Windows\System32\drivers\umbus.sys [2013-8-22 46080]
R3 usbccgp;Microsoft USB Generic Parent Driver;C:\Windows\System32\drivers\usbccgp.sys [2014-11-22 155480]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver;C:\Windows\System32\drivers\usbehci.sys [2013-8-22 89952]
R3 usbhub;Microsoft USB Standard Hub Driver;C:\Windows\System32\drivers\usbhub.sys [2013-8-22 422240]
R3 USBSTOR;USB Mass Storage Driver;C:\Windows\System32\drivers\USBSTOR.SYS [2014-11-22 142680]
R3 usbvideo;USB Video Device (WDM);C:\Windows\System32\drivers\usbvideo.sys [2013-8-22 212224]
R3 VaultSvc;Credential Manager;C:\Windows\System32\lsass.exe [2013-8-22 45008]
R3 WdiServiceHost;Diagnostic Service Host;C:\Windows\System32\svchost.exe -k LocalService [2013-8-22 37768]
R3 WdiSystemHost;Diagnostic System Host;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\Windows\System32\drivers\WdNisDrv.sys [2014-11-22 124760]
R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2014-11-22 348392]
R3 WinHttpAutoProxySvc;WinHTTP Web Proxy Auto-Discovery Service;C:\Windows\System32\svchost.exe -k LocalService [2013-8-22 37768]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI;C:\Windows\System32\drivers\wmiacpi.sys [2013-8-22 16384]
R3 WudfPf;User Mode Driver Frameworks Platform Driver;C:\Windows\System32\drivers\WUDFPf.sys [2013-8-22 117760]
R3 WUDFRd;Windows Driver Foundation - User-mode Driver Framework Reflector;C:\Windows\System32\drivers\WUDFRd.sys [2013-8-22 230912]
R3 wudfsvc;Windows Driver Foundation - User-mode Driver Framework;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
R3 WUDFWpdFs;WUDFWpdFs;C:\Windows\System32\drivers\WUDFRd.sys [2013-8-22 230912]
R4 cdfs;CD/DVD File System Reader;C:\Windows\System32\drivers\cdfs.sys [2013-8-22 88576]
R4 udfs;udfs;C:\Windows\System32\drivers\udfs.sys [2013-8-22 316928]
S0 hwpolicy;Hardware Policy Driver;C:\Windows\System32\drivers\hwpolicy.sys [2013-8-22 24416]
S2 gpsvc;Group Policy Client;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S2 sppsvc;Software Protection;C:\Windows\System32\sppsvc.exe [2014-11-22 6353960]
S3 1394ohci;1394 OHCI Compliant Host Controller;C:\Windows\System32\drivers\1394ohci.sys [2013-8-22 231424]
S3 AcpiPmi;ACPI Power Meter Driver;C:\Windows\System32\drivers\acpipmi.sys [2013-8-22 12288]
S3 ADP80XX;ADP80XX;C:\Windows\System32\drivers\adp80xx.sys [2013-8-21 782176]
S3 agp440;Intel AGP Bus Filter;C:\Windows\System32\drivers\AGP440.sys [2013-8-22 62304]
S3 ALG;Application Layer Gateway Service;C:\Windows\System32\alg.exe [2013-8-22 92672]
S3 AmdK8;AMD K8 Processor Driver;C:\Windows\System32\drivers\amdk8.sys [2013-8-22 95744]
S3 AmdPPM;AMD Processor Driver;C:\Windows\System32\drivers\amdppm.sys [2013-8-22 98816]
S3 amdsata;amdsata;C:\Windows\System32\drivers\amdsata.sys [2013-8-21 79200]
S3 amdsbs;amdsbs;C:\Windows\System32\drivers\amdsbs.sys [2013-8-21 259424]
S3 amdxata;amdxata;C:\Windows\System32\drivers\amdxata.sys [2013-8-21 25952]
S3 AppID;AppID Driver;C:\Windows\System32\drivers\appid.sys [2014-11-22 83456]
S3 AppIDSvc;Application Identity;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2013-8-22 37768]
S3 AppMgmt;Application Management;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 AppReadiness;App Readiness;C:\Windows\System32\svchost.exe -k AppReadiness [2013-8-22 37768]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\Windows\System32\svchost.exe -k wsappx [2013-8-22 37768]
S3 arcsas;Adaptec SAS/SATA-II RAID Storport's Miniport Driver;C:\Windows\System32\drivers\arcsas.sys [2013-8-21 114016]
S3 atapi;IDE Channel;C:\Windows\System32\drivers\atapi.sys [2013-8-22 26464]
S3 AxInstSV;ActiveX Installer (AxInstSV);C:\Windows\System32\svchost.exe -k AxInstSVGroup [2013-8-22 37768]
S3 b06bdrv;Broadcom NetXtreme II VBD;C:\Windows\System32\drivers\bxvbda.sys [2013-8-21 531296]
S3 bcmfn2;bcmfn2 Service;C:\Windows\System32\drivers\bcmfn2.sys [2013-8-21 17624]
S3 BDESVC;BitLocker Drive Encryption Service;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 Browser;Computer Browser;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 BthEnum;Bluetooth Enumerator Service;C:\Windows\System32\drivers\bthenum.sys [2013-8-22 53248]
S3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\drivers\BthLEEnum.sys [2013-8-22 224768]
S3 BTHMODEM;Bluetooth Serial Communications Driver;C:\Windows\System32\drivers\bthmodem.sys [2013-8-22 63488]
S3 BthPan;Bluetooth Device (Personal Area Network);C:\Windows\System32\drivers\bthpan.sys [2013-8-22 118272]
S3 BTHPORT;Bluetooth Port Driver;C:\Windows\System32\drivers\bthport.sys [2014-11-22 1200640]
S3 bthserv;Bluetooth Support Service;C:\Windows\System32\svchost.exe -k LocalService [2013-8-22 37768]
S3 CertPropSvc;Certificate Propagation;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 circlass;Consumer IR Devices;C:\Windows\System32\drivers\circlass.sys [2013-8-22 44032]
S3 COMSysApp;COM+ System Application;C:\Windows\System32\dllhost.exe [2013-8-22 19296]
S3 CscService;Offline Files;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 defragsvc;Optimize drives;C:\Windows\System32\svchost.exe -k defragsvc [2013-8-22 37768]
S3 dot3svc;Wired AutoConfig;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 drmkaud;Microsoft Trusted Audio Drivers;C:\Windows\System32\drivers\drmkaud.sys [2013-8-22 14560]
S3 Eaphost;Extensible Authentication Protocol;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;C:\Windows\System32\drivers\evbda.sys [2013-8-21 3357024]
S3 EFS;Encrypting File System (EFS);C:\Windows\System32\lsass.exe [2013-8-22 45008]
S3 ErrDev;Microsoft Hardware Error Device Driver;C:\Windows\System32\drivers\errdev.sys [2013-8-22 10240]
S3 exfat;exFAT File System Driver;C:\Windows\System32\drivers\exfat.sys [2013-8-22 200704]
S3 Fax;Fax;C:\Windows\System32\FXSSVC.exe [2013-8-22 655360]
S3 fdc;Floppy Disk Controller Driver;C:\Windows\System32\drivers\fdc.sys [2013-8-22 30720]
S3 fdPHost;Function Discovery Provider Host;C:\Windows\System32\svchost.exe -k LocalService [2013-8-22 37768]
S3 FDResPub;Function Discovery Resource Publication;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2013-8-22 37768]
S3 Filetrace;Filetrace;C:\Windows\System32\drivers\filetrace.sys [2013-8-22 34816]
S3 flpydisk;Floppy Disk Driver;C:\Windows\System32\drivers\flpydisk.sys [2013-8-22 25088]
S3 FsDepends;File System Dependency Minifilter;C:\Windows\System32\drivers\fsdepends.sys [2013-8-22 56672]
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms;C:\Windows\System32\drivers\GAGP30KX.SYS [2013-8-22 65888]
S3 HidBatt;HID UPS Battery Driver;C:\Windows\System32\drivers\hidbatt.sys [2013-8-22 26624]
S3 HidBth;Microsoft Bluetooth HID Miniport;C:\Windows\System32\drivers\hidbth.sys [2013-8-22 96768]
S3 HidIr;Microsoft Infrared HID Driver;C:\Windows\System32\drivers\hidir.sys [2013-8-22 45568]
S3 hkmsvc;Health Key and Certificate Management;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 HomeGroupListener;HomeGroup Listener;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 HomeGroupProvider;HomeGroup Provider;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2013-8-22 37768]
S3 HpSAMD;HpSAMD;C:\Windows\System32\drivers\HpSAMD.sys [2013-8-21 64352]
S3 iaLPSSi_GPIO;Intel® Serial IO GPIO Controller Driver;C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [2013-8-21 24568]
S3 iaLPSSi_I2C;Intel® Serial IO I2C Controller Driver;C:\Windows\System32\drivers\iaLPSSi_I2C.sys [2013-8-21 99320]
S3 iaStorAV;Intel® SATA RAID Controller Windows;C:\Windows\System32\drivers\iaStorAV.sys [2013-8-21 651248]
S3 iaStorV;Intel RAID Controller Windows 7;C:\Windows\System32\drivers\iaStorV.sys [2013-8-21 412000]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-22 111616]
S3 IKEEXT;IKE and AuthIP IPsec Keying Modules;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2013-10-17 39320]
S3 intelide;intelide;C:\Windows\System32\drivers\intelide.sys [2013-8-22 18272]
S3 IpFilterDriver;IP Traffic Filter Driver;C:\Windows\System32\drivers\ipfltdrv.sys [2013-8-22 84992]
S3 IPMIDRV;IPMIDRV;C:\Windows\System32\drivers\IPMIDrv.sys [2013-8-22 79360]
S3 IPNAT;IP Network Address Translator;C:\Windows\System32\drivers\ipnat.sys [2014-11-22 142848]
S3 IRENUM;IR Bus Enumerator;C:\Windows\System32\drivers\irenum.sys [2013-8-22 17920]
S3 isapnp;isapnp;C:\Windows\System32\drivers\isapnp.sys [2013-8-22 21856]
S3 iScsiPrt;iScsiPort Driver;C:\Windows\System32\drivers\msiscsi.sys [2013-8-22 274784]
S3 kbldfltr;kbldfltr;C:\Windows\System32\drivers\kbldfltr.sys [2013-8-22 22272]
S3 KeyIso;CNG Key Isolation;C:\Windows\System32\lsass.exe [2013-8-22 45008]
S3 KtmRm;KtmRm for Distributed Transaction Coordinator;C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation [2013-8-22 37768]
S3 lfsvc;Windows Location Framework Service;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 lltdsvc;Link-Layer Topology Discovery Mapper;C:\Windows\System32\svchost.exe -k LocalService [2013-8-22 37768]
S3 LSI_SAS;LSI_SAS;C:\Windows\System32\drivers\lsi_sas.sys [2013-8-21 109408]
S3 LSI_SAS2;LSI_SAS2;C:\Windows\System32\drivers\lsi_sas2.sys [2013-8-21 93536]
S3 LSI_SAS3;LSI_SAS3;C:\Windows\System32\drivers\lsi_sas3.sys [2013-8-21 81760]
S3 megasas;megasas;C:\Windows\System32\drivers\megasas.sys [2013-8-21 56672]
S3 megasr;megasr;C:\Windows\System32\drivers\megasr.sys [2013-8-21 575840]
S3 Modem;Modem;C:\Windows\System32\drivers\modem.sys [2013-8-22 40960]
S3 MRxDAV;WebDav Client Redirector Driver;C:\Windows\System32\drivers\mrxdav.sys [2013-8-22 140288]
S3 MSDTC;Distributed Transaction Coordinator;C:\Windows\System32\msdtc.exe [2013-8-22 142848]
S3 MSiSCSI;Microsoft iSCSI Initiator Service;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 msiserver;Windows Installer;C:\Windows\System32\msiexec.exe [2013-8-22 62464]
S3 MSKSSRV;Microsoft Streaming Service Proxy;C:\Windows\System32\drivers\mskssrv.sys [2013-8-22 10624]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy;C:\Windows\System32\drivers\mspclock.sys [2013-8-22 7040]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy;C:\Windows\System32\drivers\mspqm.sys [2013-8-22 6784]
S3 MsRPC;MsRPC;C:\Windows\System32\drivers\msrpc.sys [2013-8-22 366432]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter;C:\Windows\System32\drivers\mstee.sys [2013-8-22 7936]
S3 MTConfig;Microsoft Input Configuration Driver;C:\Windows\System32\drivers\MTConfig.sys [2013-8-22 13312]
S3 napagent;Network Access Protection Agent;C:\Windows\System32\svchost.exe -k NetworkService [2013-8-22 37768]
S3 NdisCap;Microsoft NDIS Capture;C:\Windows\System32\drivers\ndiscap.sys [2013-8-22 43008]
S3 NdisTapi;Remote Access NDIS TAPI Driver;C:\Windows\System32\drivers\ndistapi.sys [2013-8-22 24576]
S3 NdisWan;Remote Access NDIS WAN Driver;C:\Windows\System32\drivers\ndiswan.sys [2013-8-22 220672]
S3 NDProxy;NDIS Proxy;C:\Windows\System32\drivers\ndproxy.sys [2013-8-22 72192]
S3 Netlogon;Netlogon;C:\Windows\System32\lsass.exe [2013-8-22 45008]
S3 Netman;Network Connections;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 netvsc;netvsc;C:\Windows\System32\drivers\netvsc63.sys [2013-8-22 87040]
S3 nv_agp;NVIDIA nForce AGP Bus Filter;C:\Windows\System32\drivers\NV_AGP.SYS [2013-8-22 124768]
S3 nvraid;nvraid;C:\Windows\System32\drivers\nvraid.sys [2013-8-21 150368]
S3 nvstor;nvstor;C:\Windows\System32\drivers\nvstor.sys [2013-8-21 168288]
S3 p2pimsvc;Peer Networking Identity Manager;C:\Windows\System32\svchost.exe -k LocalServicePeerNet [2013-8-22 37768]
S3 p2psvc;Peer Networking Grouping;C:\Windows\System32\svchost.exe -k LocalServicePeerNet [2013-8-22 37768]
S3 Parport;Parallel port driver;C:\Windows\System32\drivers\parport.sys [2013-8-22 94208]
S3 pciide;pciide;C:\Windows\System32\drivers\pciide.sys [2013-8-22 14688]
S3 pcmcia;pcmcia;C:\Windows\System32\drivers\pcmcia.sys [2013-8-22 114528]
S3 PeerDistSvc;BranchCache;C:\Windows\System32\svchost.exe -k PeerDist [2013-8-22 37768]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2013-8-21 21504]
S3 pla;Performance Logs & Alerts;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2013-8-22 37768]
S3 PNRPAutoReg;PNRP Machine Name Publication Service;C:\Windows\System32\svchost.exe -k LocalServicePeerNet [2013-8-22 37768]
S3 PNRPsvc;Peer Name Resolution Protocol;C:\Windows\System32\svchost.exe -k LocalServicePeerNet [2013-8-22 37768]
S3 PolicyAgent;IPsec Policy Agent;C:\Windows\System32\svchost.exe -k NetworkServiceNetworkRestricted [2013-8-22 37768]
S3 Processor;Processor Driver;C:\Windows\System32\drivers\processr.sys [2013-8-22 92160]
S3 QWAVE;Quality Windows Audio Video Experience;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2013-8-22 37768]
S3 QWAVEdrv;QWAVE driver;C:\Windows\System32\drivers\qwavedrv.sys [2013-8-22 47104]
S3 RasAcd;Remote Access Auto Connection Driver;C:\Windows\System32\drivers\rasacd.sys [2013-8-22 17408]
S3 RasAuto;Remote Access Auto Connection Manager;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 RasMan;Remote Access Connection Manager;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 RasPppoe;Remote Access PPPOE Driver;C:\Windows\System32\drivers\raspppoe.sys [2013-8-22 84992]
S3 RDPDR;Remote Desktop Device Redirector Driver;C:\Windows\System32\drivers\rdpdr.sys [2013-8-22 195584]
S3 ReFS;ReFS;C:\Windows\System32\drivers\refs.sys [2013-8-22 924512]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI);C:\Windows\System32\drivers\rfcomm.sys [2014-11-22 167424]
S3 RpcLocator;Remote Procedure Call (RPC) Locator;C:\Windows\System32\Locator.exe [2013-8-22 10240]
S3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\Windows\System32\drivers\rtwlane.sys [2013-8-21 1936088]
S3 s3cap;s3cap;C:\Windows\System32\drivers\vms3cap.sys [2013-8-22 7168]
S3 sbp2port;SBP-2 Transport/Protocol Bus Driver;C:\Windows\System32\drivers\sbp2port.sys [2013-8-22 107872]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 scfilter;Smart card PnP Class Filter Driver;C:\Windows\System32\drivers\scfilter.sys [2013-8-22 40960]
S3 SCPolicySvc;Smart Card Removal Policy;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 sdbus;sdbus;C:\Windows\System32\drivers\sdbus.sys [2014-11-22 236376]
S3 seclogon;Secondary Logon;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 SensrSvc;Sensor Monitoring Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2013-8-22 37768]
S3 SerCx2;Serial UART Support Library;C:\Windows\System32\drivers\SerCx2.sys [2014-11-22 146776]
S3 Serenum;Serenum Filter Driver;C:\Windows\System32\drivers\serenum.sys [2013-8-22 23040]
S3 Serial;Serial port driver;C:\Windows\System32\drivers\serial.sys [2013-8-22 83456]
S3 sermouse;Serial Mouse Driver;C:\Windows\System32\drivers\sermouse.sys [2013-8-22 26112]
S3 SessionEnv;Remote Desktop Configuration;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 sfloppy;High-Capacity Floppy Disk Drive;C:\Windows\System32\drivers\sfloppy.sys [2013-8-22 17408]
S3 SiSRaid2;SiSRaid2;C:\Windows\System32\drivers\sisraid2.sys [2013-8-21 44896]
S3 SiSRaid4;SiSRaid4;C:\Windows\System32\drivers\sisraid4.sys [2013-8-21 81760]
S3 smphost;Microsoft Storage Spaces SMP;C:\Windows\System32\svchost.exe -k smphost [2013-8-22 37768]
S3 SNMPTRAP;SNMP Trap;C:\Windows\System32\snmptrap.exe [2013-8-22 14848]
S3 SstpSvc;Secure Socket Tunneling Protocol Service;C:\Windows\System32\svchost.exe -k LocalService [2013-8-22 37768]
S3 stexstor;stexstor;C:\Windows\System32\drivers\stexstor.sys [2013-8-21 31072]
S3 stisvc;Windows Image Acquisition (WIA);C:\Windows\System32\svchost.exe -k imgsvc [2013-8-22 37768]
S3 storflt;Hyper-V Storage Accelerator;C:\Windows\System32\drivers\vmstorfl.sys [2013-8-22 49984]
S3 storvsc;storvsc;C:\Windows\System32\drivers\storvsc.sys [2013-8-22 45888]
S3 swprv;Microsoft Software Shadow Copy Provider;C:\Windows\System32\svchost.exe -k swprv [2013-8-22 37768]
S3 TabletInputService;Touch Keyboard and Handwriting Panel Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 TapiSrv;Telephony;C:\Windows\System32\svchost.exe -k NetworkService [2013-8-22 37768]
S3 TCPIP6;Microsoft IPv6 Protocol Driver;C:\Windows\System32\drivers\tcpip.sys [2014-11-22 2543960]
S3 TermService;Remote Desktop Services;C:\Windows\System32\svchost.exe -k NetworkService [2013-8-22 37768]
S3 THREADORDER;Thread Ordering Server;C:\Windows\System32\svchost.exe -k LocalService [2013-8-22 37768]
S3 TPM;TPM;C:\Windows\System32\drivers\tpm.sys [2013-8-22 159584]
S3 TrustedInstaller;Windows Modules Installer;C:\Windows\servicing\TrustedInstaller.exe [2013-8-22 98816]
S3 uagp35;Microsoft AGPv3.5 Filter;C:\Windows\System32\drivers\UAGP35.SYS [2013-8-22 64864]
S3 UEFI;Microsoft UEFI Driver;C:\Windows\System32\drivers\uefi.sys [2013-8-22 26976]
S3 UI0Detect;Interactive Services Detection;C:\Windows\System32\UI0Detect.exe [2013-8-22 40960]
S3 uliagpkx;Uli AGP Bus Filter;C:\Windows\System32\drivers\ULIAGPKX.SYS [2013-8-22 65888]
S3 UmPass;Microsoft UMPass Driver;C:\Windows\System32\drivers\umpass.sys [2013-8-22 11776]
S3 UmRdpService;Remote Desktop Services UserMode Port Redirector;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 upnphost;UPnP Device Host;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2013-8-22 37768]
S3 usbcir;eHome Infrared Receiver (USBCIR);C:\Windows\System32\drivers\usbcir.sys [2013-8-22 98304]
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver;C:\Windows\System32\drivers\usbohci.sys [2013-8-22 30208]
S3 usbprint;Microsoft USB PRINTER Class;C:\Windows\System32\drivers\usbprint.sys [2013-8-22 26112]
S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver;C:\Windows\System32\drivers\usbuhci.sys [2013-8-22 34816]
S3 vds;Virtual Disk;C:\Windows\System32\vds.exe [2013-8-22 1283584]
S3 vhdmp;vhdmp;C:\Windows\System32\drivers\vhdmp.sys [2013-8-22 551776]
S3 viaide;viaide;C:\Windows\System32\drivers\viaide.sys [2013-8-22 19808]
S3 vmbus;Virtual Machine Bus;C:\Windows\System32\drivers\vmbus.sys [2013-8-22 97088]
S3 VMBusHID;VMBusHID;C:\Windows\System32\drivers\VMBusHID.sys [2013-8-22 21760]
S3 vmbusr;Virtual Machine Bus Provider;C:\Windows\System32\drivers\vmbusr.sys [2013-8-22 129536]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 vsmraid;vsmraid;C:\Windows\System32\drivers\vsmraid.sys [2013-8-21 168800]
S3 VSS;Volume Shadow Copy;C:\Windows\System32\VSSVC.exe [2013-8-22 1436160]
S3 vwifibus;Virtual WiFi Bus Driver;C:\Windows\System32\drivers\vwifibus.sys [2013-8-22 24576]
S3 vwifimp;Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2013-8-22 36864]
S3 W32Time;Windows Time;C:\Windows\System32\svchost.exe -k LocalService [2013-8-22 37768]
S3 WacomPen;Wacom Serial Pen HID Driver;C:\Windows\System32\drivers\wacompen.sys [2013-8-22 26752]
S3 wbengine;Block Level Backup Engine Service;C:\Windows\System32\wbengine.exe [2013-8-22 1542144]
S3 WbioSrvc;Windows Biometric Service;C:\Windows\System32\svchost.exe -k WbioSvcGroup [2013-8-22 37768]
S3 wcncsvc;Windows Connect Now - Config Registrar;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2013-8-22 37768]
S3 WcsPlugInService;Windows Color System;C:\Windows\System32\svchost.exe -k wcssvc [2013-8-22 37768]
S3 WebClient;WebClient;C:\Windows\System32\svchost.exe -k LocalService [2013-8-22 37768]
S3 Wecsvc;Windows Event Collector;C:\Windows\System32\svchost.exe -k NetworkService [2013-8-22 37768]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\Windows\System32\svchost.exe -k WepHostSvcGroup [2013-8-22 37768]
S3 wercplsupport;Problem Reports and Solutions Control Panel Support;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 WerSvc;Windows Error Reporting Service;C:\Windows\System32\svchost.exe -k WerSvcGroup [2013-8-22 37768]
S3 WIMMount;WIMMount;C:\Windows\System32\drivers\wimmount.sys [2013-8-22 33632]
S3 WinRM;Windows Remote Management (WS-Management);C:\Windows\System32\svchost.exe -k NetworkService [2013-8-22 37768]
S3 wlidsvc;Microsoft Account Sign-in Assistant;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 wmiApSrv;WMI Performance Adapter;C:\Windows\System32\wbem\WmiApSrv.exe [2013-8-22 195072]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service;C:\Program Files\Windows Media Player\wmpnetwk.exe [2013-8-22 1402368]
S3 workfolderssvc;Work Folders;C:\Windows\System32\svchost.exe -k LocalService [2013-8-22 37768]
S3 WPCSvc;Family Safety;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2013-8-22 37768]
S3 WPDBusEnum;Portable Device Enumerator Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 wuauserv;Windows Update;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 WwanSvc;WWAN AutoConfig;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2013-8-22 37768]
S4 MsKeyboardFilter;Microsoft Keyboard Filter;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-8-21 139856]
S4 RemoteAccess;Routing and Remote Access;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S4 RemoteRegistry;Remote Registry;C:\Windows\System32\svchost.exe -k localService [2013-8-22 37768]
S4 SCardSvr;Smart Card;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2013-8-22 37768]
S4 SharedAccess;Internet Connection Sharing (ICS);C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S4 ws2ifsl;Winsock IFS Driver;C:\Windows\System32\drivers\ws2ifsl.sys [2013-8-22 21504]
.
=============== File Associations ===============
.
FileExt: .bat: batfile="%1" %*
FileExt: .cmd: cmdfile="%1" %*
FileExt: .com: comfile="%1" %*
FileExt: .exe: exefile="%1" %*
FileExt: .pif: piffile="%1" %*
FileExt: .scr: scrfile="%1" /S
FileExt: .reg: regfile=regedit.exe "%1"
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1
FileExt: .chm: chm.file="C:\Windows\hh.exe" %1
FileExt: .ini: inifile=C:\Windows\System32\NOTEPAD.EXE %1
FileExt: .inf: inffile=C:\Windows\System32\NOTEPAD.EXE %1
ShellExec: iexplore.exe: open="C:\Program Files\Internet Explorer\iexplore.exe" %1
ShellExec: mspaint.exe: edit="C:\Windows\System32\mspaint.exe" "%1"
ShellExec: notepad.exe: edit=C:\Windows\System32\NOTEPAD.EXE %1
ShellExec: notepad.exe: open=C:\Windows\System32\NOTEPAD.EXE %1
ShellExec: photoviewer.dll: open=C:\Windows\System32\rundll32.exe "C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
ShellExec: photoviewer.dll: print=C:\Windows\System32\rundll32.exe "C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
ShellExec: wmplayer.exe: open="C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Open "%L"
ShellExec: wmplayer.exe: play="C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play "%L"
ShellExec: wordpad.exe: open="C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE" "%1"
.
=============== Created Last 60 ================
.
2014-11-23 09:06:38    2407936    ----a-w-    C:\Windows\SysWow64\PrintConfig.dll
2014-11-23 09:05:48    --------    d-----r-    C:\Users\Brendan\Searches
2014-11-23 09:05:48    --------    d-----r-    C:\Users\Brendan\Contacts
2014-11-23 09:05:47    --------    d-----w-    C:\Users\Brendan\AppData\Roaming\Adobe
2014-11-23 09:05:47    --------    d-----w-    C:\Users\Brendan\AppData\Local\VirtualStore
2014-11-23 09:05:47    --------    d-----w-    C:\Users\Brendan\AppData\Local\Packages
2014-11-23 09:05:46    --------    d-sh--we    C:\Users\Brendan\Templates
2014-11-23 09:05:46    --------    d-sh--we    C:\Users\Brendan\Start Menu
2014-11-23 09:05:46    --------    d-sh--we    C:\Users\Brendan\SendTo
2014-11-23 09:05:46    --------    d-sh--we    C:\Users\Brendan\Recent
2014-11-23 09:05:46    --------    d-sh--we    C:\Users\Brendan\PrintHood
2014-11-23 09:05:46    --------    d-sh--we    C:\Users\Brendan\NetHood
2014-11-23 09:05:46    --------    d-sh--we    C:\Users\Brendan\My Documents
2014-11-23 09:05:46    --------    d-sh--we    C:\Users\Brendan\Local Settings
2014-11-23 09:05:46    --------    d-sh--we    C:\Users\Brendan\Cookies
2014-11-23 09:05:46    --------    d-sh--we    C:\Users\Brendan\Application Data
2014-11-23 09:05:46    --------    d-sh--we    C:\Users\Brendan\AppData\Local\Temporary Internet Files
2014-11-23 09:05:46    --------    d-sh--we    C:\Users\Brendan\AppData\Local\History
2014-11-23 09:05:46    --------    d-sh--we    C:\Users\Brendan\AppData\Local\Application Data
2014-11-23 09:05:46    --------    d-s---w-    C:\Users\Brendan\AppData\Roaming\Microsoft
2014-11-23 09:05:46    --------    d--h--w-    C:\Users\Brendan\AppData
2014-11-23 09:05:46    --------    d-----w-    C:\Windows\CSC
2014-11-23 09:05:46    --------    d-----w-    C:\Users\Brendan\AppData\Local\Temp
2014-11-23 09:05:46    --------    d-----w-    C:\Users\Brendan\AppData\Local\Microsoft
2014-11-23 09:05:46    --------    d-----r-    C:\Users\Brendan\Videos
2014-11-23 09:05:46    --------    d-----r-    C:\Users\Brendan\Saved Games
2014-11-23 09:05:46    --------    d-----r-    C:\Users\Brendan\Pictures
2014-11-23 09:05:46    --------    d-----r-    C:\Users\Brendan\Music
2014-11-23 09:05:46    --------    d-----r-    C:\Users\Brendan\Links
2014-11-23 09:05:46    --------    d-----r-    C:\Users\Brendan\Favorites
2014-11-23 09:05:46    --------    d-----r-    C:\Users\Brendan\Downloads
2014-11-23 09:05:46    --------    d-----r-    C:\Users\Brendan\Documents
2014-11-23 09:05:46    --------    d-----r-    C:\Users\Brendan\Desktop
2014-11-23 09:05:45    --------    d-----w-    C:\Windows\SoftwareDistribution
2014-11-23 09:03:55    --------    d-----w-    C:\Windows\Prefetch
2014-11-23 09:03:44    --------    d-sh--w-    C:\System Volume Information
2014-11-23 09:03:29    --------    d-----w-    C:\Windows\Panther
2014-11-22 20:20:51    11632448    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{368C92B9-DCF5-402C-B7E8-406C50A1AB44}\mpengine.dll
2014-11-22 20:10:40    --------    d-----w-    C:\Program Files (x86)\7-Zip
2014-11-22 20:01:33    --------    d-----w-    C:\Program Files\EEK
2014-11-22 19:59:30    --------    d-----w-    C:\Documents
2014-11-22 19:58:55    --------    d-----w-    C:\Program Files (x86)\ERUNT
2014-11-22 19:55:44    --------    d-----w-    C:\Windows\Downloaded Installations
2014-11-22 19:50:07    --------    d-----w-    C:\Users\Brendan\AppData\Local\GlassWire
2014-11-22 19:49:53    33296    ----a-w-    C:\Windows\System32\drivers\gwdrv.sys
2014-11-22 19:49:52    --------    d-----w-    C:\ProgramData\GlassWire
2014-11-22 19:49:49    --------    d-----w-    C:\Program Files (x86)\GlassWire
2014-11-22 19:19:51    --------    d-----w-    C:\Users\Brendan\AppData\Roaming\Macromedia
2014-11-22 19:12:10    --------    d-----w-    C:\ProgramData\CSIS
2014-11-22 19:12:09    --------    d-----w-    C:\Program Files (x86)\Heimdal
2014-11-22 18:57:08    15848760    ----a-w-    C:\Program Files\Data-Protecto.exe
2014-11-22 18:55:22    947200    ----a-w-    C:\Windows\SysWow64\htmlayout.dll
2014-11-22 18:55:21    791864    ----a-w-    C:\Windows\SysWow64\dptray.exe
2014-11-22 18:55:09    30848    ----a-w-    C:\Windows\SysWow64\xcpl.sys
2014-11-22 18:55:07    232064    ----a-w-    C:\Windows\SysWow64\xvdesafedp.sys
2014-11-22 18:55:07    --------    d-----w-    C:\Program Files (x86)\XCloudSystems
2014-11-22 18:54:20    129752    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-11-22 18:53:57    93400    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-22 18:53:57    64216    ----a-w-    C:\Windows\System32\drivers\mwac.sys
2014-11-22 18:53:57    25816    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-11-22 18:53:57    --------    d-----w-    C:\ProgramData\Malwarebytes
2014-11-22 18:53:57    --------    d-----w-    C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-22 18:53:37    --------    d-----w-    C:\Users\Brendan\AppData\Local\Programs
2014-11-22 18:32:18    941720    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\NisBackup\gapaengine.dll
2014-11-22 18:32:18    275080    ------w-    C:\Windows\System32\MpSigStub.exe
2014-11-22 18:32:18    1188440    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{603EE67F-7B90-483D-B1AF-379B5204B063}\gapaengine.dll
2014-11-22 18:25:07    23492992    ----a-w-    C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2014-11-22 18:25:07    22808656    ----a-w-    C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2014-11-22 18:24:38    --------    d-----w-    C:\Windows\System32\MRT
2014-11-22 18:24:37    103374192    ----a-w-    C:\Windows\System32\MRT.exe
2014-11-22 18:23:54    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-22 18:23:54    32768    ----a-w-    C:\Windows\SysWow64\iernonce.dll
2014-11-22 18:23:54    2765824    ----a-w-    C:\Windows\System32\iertutil.dll
2014-11-22 18:23:54    2168320    ----a-w-    C:\Windows\SysWow64\iertutil.dll
2014-11-22 18:23:54    184320    ----a-w-    C:\Program Files (x86)\Internet Explorer\F12Tools.dll
2014-11-22 18:23:53    999936    ----a-w-    C:\Program Files (x86)\Internet Explorer\networkinspection.dll
2014-11-22 18:23:53    806064    ----a-w-    C:\Program Files\Internet Explorer\iexplore.exe
2014-11-22 18:23:53    7211520    ----a-w-    C:\Program Files\Internet Explorer\F12Resources.dll
2014-11-22 18:23:53    524288    ----a-w-    C:\Windows\SysWow64\msfeeds.dll
2014-11-22 18:23:53    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-11-22 18:23:53    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-11-22 18:23:53    251392    ----a-w-    C:\Program Files (x86)\Internet Explorer\IEShims.dll
2014-11-22 18:23:53    1156096    ----a-w-    C:\Windows\SysWow64\urlmon.dll
2014-11-22 18:23:52    808112    ----a-w-    C:\Program Files (x86)\Internet Explorer\iexplore.exe
2014-11-22 18:23:52    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-11-22 18:23:52    627200    ----a-w-    C:\Windows\System32\msfeeds.dll
2014-11-22 18:23:52    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-11-22 18:23:52    553472    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-11-22 18:23:52    469504    ----a-w-    C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2014-11-22 18:23:52    43008    ----a-w-    C:\Windows\SysWow64\jsproxy.dll
2014-11-22 18:23:52    33792    ----a-w-    C:\Windows\System32\iernonce.dll
2014-11-22 18:23:52    271360    ----a-w-    C:\Program Files (x86)\Internet Explorer\ieproxy.dll
2014-11-22 18:23:52    259072    ----a-w-    C:\Program Files\Internet Explorer\F12Tools.dll
2014-11-22 18:23:52    1964032    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-11-22 18:23:52    1393664    ----a-w-    C:\Windows\System32\urlmon.dll
2014-11-22 18:23:52    1127424    ----a-w-    C:\Program Files\Internet Explorer\networkinspection.dll
2014-11-22 18:23:52    11266048    ----a-w-    C:\Windows\SysWow64\ieframe.dll
2014-11-22 18:23:52    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-11-22 18:23:51    722432    ----a-w-    C:\Program Files\Internet Explorer\ieproxy.dll
2014-11-22 18:23:51    703488    ----a-w-    C:\Windows\SysWow64\ieapfltr.dll
2014-11-22 18:23:51    482816    ----a-w-    C:\Program Files\Internet Explorer\ieinstal.exe
2014-11-22 18:23:51    4244480    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-11-22 18:23:51    218624    ----a-w-    C:\Windows\System32\ie4uinit.exe
2014-11-22 18:23:51    2041856    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-11-22 18:23:51    1837056    ----a-w-    C:\Program Files\Internet Explorer\MemoryAnalyzer.dll
2014-11-22 18:23:51    1820160    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-11-22 18:23:51    1739776    ----a-w-    C:\Program Files\Internet Explorer\F12.dll
2014-11-22 18:23:51    164864    ----a-w-    C:\Windows\SysWow64\msrating.dll
2014-11-22 18:23:51    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-11-22 18:23:50    817664    ----a-w-    C:\Windows\System32\ieapfltr.dll
2014-11-22 18:23:50    708608    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-11-22 18:23:50    5768704    ----a-w-    C:\Windows\System32\jscript9.dll
2014-11-22 18:23:50    353280    ----a-w-    C:\Program Files\Internet Explorer\IEShims.dll
2014-11-22 18:23:50    2334208    ----a-w-    C:\Windows\System32\wininet.dll
2014-11-22 18:23:50    195584    ----a-w-    C:\Windows\System32\msrating.dll
2014-11-22 18:23:50    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-11-22 18:23:50    13051904    ----a-w-    C:\Windows\System32\ieframe.dll
2014-11-22 18:23:49    53760    ----a-w-    C:\Windows\System32\jsproxy.dll
2014-11-22 18:23:43    3210528    ----a-w-    C:\Windows\System32\msmpeg2vdec.dll
2014-11-22 18:23:43    2804528    ----a-w-    C:\Windows\SysWow64\msmpeg2vdec.dll
2014-11-22 18:23:42    4106240    ----a-w-    C:\Windows\System32\SyncEngine.dll
2014-11-22 18:23:42    2717184    ----a-w-    C:\Program Files\Common Files\Microsoft Shared\ink\tipskins.dll
2014-11-22 18:23:41    834048    ----a-w-    C:\Windows\System32\audiosrv.dll
2014-11-22 18:23:41    809872    ----a-w-    C:\Windows\System32\mfmp4srcsnk.dll
2014-11-22 18:23:41    403456    ----a-w-    C:\Windows\System32\drivers\mrxsmb.sys
2014-11-22 18:23:41    369664    ----a-w-    C:\Windows\System32\wlanmsm.dll
2014-11-22 18:23:41    326024    ----a-w-    C:\Windows\SysWow64\AudioSes.dll
2014-11-22 18:23:41    300544    ----a-w-    C:\Windows\SysWow64\wlanmsm.dll
2014-11-22 18:23:41    282112    ----a-w-    C:\Windows\System32\SystemEventsBrokerServer.dll
2014-11-22 18:23:41    263168    ----a-w-    C:\Windows\System32\bisrv.dll
2014-11-22 18:23:41    2617344    ----a-w-    C:\Windows\System32\authui.dll
2014-11-22 18:23:41    2295808    ----a-w-    C:\Windows\SysWow64\authui.dll
2014-11-22 18:23:41    202240    ----a-w-    C:\Windows\System32\ubpm.dll
2014-11-22 18:23:41    1503232    ----a-w-    C:\Windows\System32\wlansvc.dll
2014-11-22 18:23:41    1415680    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-11-22 18:23:41    1399176    ----a-w-    C:\Windows\System32\winmde.dll
2014-11-22 18:23:41    1374384    ----a-w-    C:\Windows\System32\wmpmde.dll
2014-11-22 18:23:41    1204968    ----a-w-    C:\Windows\SysWow64\winmde.dll
2014-11-22 18:23:41    1119064    ----a-w-    C:\Windows\System32\drivers\ndis.sys
2014-11-22 18:23:40    980480    ----a-w-    C:\Windows\SysWow64\mispace.dll
2014-11-22 18:23:40    76800    ----a-w-    C:\Windows\System32\BulkOperationHost.exe
2014-11-22 18:23:40    745336    ----a-w-    C:\Windows\System32\oleaut32.dll
2014-11-22 18:23:40    663680    ----a-w-    C:\Windows\SysWow64\mfmp4srcsnk.dll
2014-11-22 18:23:40    589824    ----a-w-    C:\Windows\System32\rastls.dll
2014-11-22 18:23:40    552624    ----a-w-    C:\Windows\SysWow64\oleaut32.dll
2014-11-22 18:23:40    513536    ----a-w-    C:\Windows\SysWow64\rastls.dll
2014-11-22 18:23:40    470016    ----a-w-    C:\Windows\System32\mfds.dll
2014-11-22 18:23:40    465960    ----a-w-    C:\Windows\System32\AudioSes.dll
2014-11-22 18:23:40    433664    ----a-w-    C:\Windows\SysWow64\mfds.dll
2014-11-22 18:23:40    433664    ----a-w-    C:\Windows\System32\ipnathlp.dll
2014-11-22 18:23:40    32088    ----a-w-    C:\Windows\System32\ploptin.dll
2014-11-22 18:23:40    306688    ----a-w-    C:\Windows\System32\msieftp.dll
2014-11-22 18:23:40    273920    ----a-w-    C:\Windows\SysWow64\msieftp.dll
2014-11-22 18:23:40    273408    ----a-w-    C:\Windows\System32\Windows.Graphics.dll
2014-11-22 18:23:40    24064    ----a-w-    C:\Windows\System32\bi.dll
2014-11-22 18:23:40    218112    ----a-w-    C:\Windows\SysWow64\Windows.Graphics.dll
2014-11-22 18:23:40    207872    ----a-w-    C:\Windows\System32\deviceregistration.dll
2014-11-22 18:23:40    19456    ----a-w-    C:\Windows\System32\drivers\BtaMPM.sys
2014-11-22 18:23:40    142848    ----a-w-    C:\Windows\System32\drivers\ipnat.sys
2014-11-22 18:23:40    142680    ----a-w-    C:\Windows\System32\drivers\USBSTOR.SYS
2014-11-22 18:23:40    136704    ----a-w-    C:\Windows\System32\psmsrv.dll
2014-11-22 18:23:40    1227264    ----a-w-    C:\Windows\System32\mispace.dll
2014-11-22 18:23:37    23134208    ----a-w-    C:\Windows\System32\mshtml.dll
2014-11-22 18:23:36    17073152    ----a-w-    C:\Windows\SysWow64\mshtml.dll
2014-11-22 18:23:32    84992    ----a-w-    C:\Windows\System32\mshtmled.dll
2014-11-22 18:23:32    69632    ----a-w-    C:\Windows\SysWow64\mshtmled.dll
2014-11-22 18:23:30    977408    ----a-w-    C:\Windows\SysWow64\Windows.Media.Streaming.dll
2014-11-22 18:23:30    294400    ----a-w-    C:\Windows\System32\Windows.Devices.Sensors.dll
2014-11-22 18:23:30    225792    ----a-w-    C:\Windows\SysWow64\Windows.Devices.Sensors.dll
2014-11-22 18:23:30    1286552    ----a-w-    C:\Windows\System32\msctf.dll
2014-11-22 18:23:30    1217024    ----a-w-    C:\Windows\System32\Windows.Media.Streaming.dll
2014-11-22 18:23:30    1018960    ----a-w-    C:\Windows\SysWow64\msctf.dll
2014-11-22 18:23:21    1643584    ----a-w-    C:\Windows\System32\winload.efi
2014-11-22 18:23:21    1507704    ----a-w-    C:\Windows\System32\winload.exe
2014-11-22 18:23:21    1476184    ----a-w-    C:\Windows\System32\winresume.efi
2014-11-22 18:23:21    1345536    ----a-w-    C:\Windows\System32\winresume.exe
2014-11-22 18:23:15    570880    ----a-w-    C:\Windows\System32\msdrm.dll
2014-11-22 18:23:15    444928    ----a-w-    C:\Windows\SysWow64\msdrm.dll
2014-11-22 18:23:15    115712    ----a-w-    C:\Windows\System32\winbici.dll
2014-11-22 18:23:14    872840    ----a-w-    C:\Windows\System32\mfplat.dll
2014-11-22 18:23:14    698232    ----a-w-    C:\Windows\SysWow64\mfplat.dll
2014-11-22 18:23:13    75360    ----a-w-    C:\Windows\System32\imagehlp.dll
2014-11-22 18:23:13    70680    ----a-w-    C:\Windows\SysWow64\imagehlp.dll
2014-11-22 18:23:13    2152448    ----a-w-    C:\Windows\System32\msxml3.dll
2014-11-22 18:23:13    1317376    ----a-w-    C:\Windows\SysWow64\msxml3.dll
2014-11-22 18:23:12    828416    ----a-w-    C:\Windows\System32\BFE.DLL
2014-11-22 18:23:12    136536    ----a-w-    C:\Windows\System32\drivers\wfplwfs.sys
2014-11-22 18:23:12    1287576    ----a-w-    C:\Windows\System32\kernel32.dll
2014-11-22 18:23:12    1109424    ----a-w-    C:\Windows\System32\KernelBase.dll
2014-11-22 18:23:12    1104384    ----a-w-    C:\Windows\System32\IKEEXT.DLL
2014-11-22 18:23:11    835584    ----a-w-    C:\Windows\SysWow64\KernelBase.dll
2014-11-22 18:23:11    393216    ----a-w-    C:\Windows\System32\WMPhoto.dll
2014-11-22 18:23:11    348160    ----a-w-    C:\Windows\SysWow64\WMPhoto.dll
2014-11-22 18:23:11    1036288    ----a-w-    C:\Windows\SysWow64\kernel32.dll
2014-11-22 18:23:10    848384    ----a-w-    C:\Windows\System32\WSShared.dll
2014-11-22 18:23:10    84480    ----a-w-    C:\Windows\System32\WSCollect.exe
2014-11-22 18:23:10    695808    ----a-w-    C:\Windows\SysWow64\WSShared.dll
2014-11-22 18:23:10    3395920    ----a-w-    C:\Windows\System32\WSService.dll
2014-11-22 18:23:10    249856    ----a-w-    C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-22 18:23:10    189952    ----a-w-    C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-22 18:23:07    996320    ----a-w-    C:\Windows\System32\WinTypes.dll
2014-11-22 18:23:07    764864    ----a-w-    C:\Windows\System32\mfmpeg2srcsnk.dll
2014-11-22 18:23:07    6640640    ----a-w-    C:\Windows\System32\mstscax.dll
2014-11-22 18:23:07    6353960    ----a-w-    C:\Windows\System32\sppsvc.exe
2014-11-22 18:23:07    2543960    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2014-11-22 18:23:07    2143960    ----a-w-    C:\Windows\SysWow64\mfcore.dll
2014-11-22 18:23:07    2133208    ----a-w-    C:\Windows\System32\mfcore.dll
2014-11-22 18:23:07    1928144    ----a-w-    C:\Windows\System32\combase.dll
2014-11-22 18:23:07    1371824    ----a-w-    C:\Windows\SysWow64\combase.dll
2014-11-22 18:23:06    855552    ----a-w-    C:\Windows\SysWow64\rdvidcrl.dll
2014-11-22 18:23:06    716288    ----a-w-    C:\Windows\System32\swprv.dll
2014-11-22 18:23:06    669352    ----a-w-    C:\Windows\SysWow64\mfmpeg2srcsnk.dll
2014-11-22 18:23:06    64512    ----a-w-    C:\Windows\System32\tsgqec.dll
2014-11-22 18:23:06    5770752    ----a-w-    C:\Windows\SysWow64\mstscax.dll
2014-11-22 18:23:06    53248    ----a-w-    C:\Windows\SysWow64\tsgqec.dll
2014-11-22 18:23:06    458616    ----a-w-    C:\Windows\System32\WerFault.exe
2014-11-22 18:23:06    447488    ----a-w-    C:\Windows\System32\sppcomapi.dll
2014-11-22 18:23:06    4175360    ----a-w-    C:\Windows\System32\dbgeng.dll
2014-11-22 18:23:06    408480    ----a-w-    C:\Windows\SysWow64\WerFault.exe
2014-11-22 18:23:06    407024    ----a-w-    C:\Windows\System32\Faultrep.dll
2014-11-22 18:23:06    369280    ----a-w-    C:\Windows\SysWow64\Faultrep.dll
2014-11-22 18:23:06    311640    ----a-w-    C:\Windows\System32\drivers\volsnap.sys
2014-11-22 18:23:06    2873344    ----a-w-    C:\Windows\SysWow64\dbgeng.dll
2014-11-22 18:23:06    249856    ----a-w-    C:\Windows\System32\rdpencom.dll
2014-11-22 18:23:06    233920    ----a-w-    C:\Windows\System32\mfps.dll
2014-11-22 18:23:06    208896    ----a-w-    C:\Windows\SysWow64\rdpencom.dll
2014-11-22 18:23:06    160256    ----a-w-    C:\Windows\System32\DWWIN.EXE
2014-11-22 18:23:06    1486848    ----a-w-    C:\Windows\System32\dbghelp.dll
2014-11-22 18:23:06    138752    ----a-w-    C:\Windows\SysWow64\DWWIN.EXE
2014-11-22 18:23:06    1238016    ----a-w-    C:\Windows\SysWow64\dbghelp.dll
2014-11-22 18:23:06    1057280    ----a-w-    C:\Windows\System32\rdvidcrl.dll
2014-11-22 18:23:05    868448    ----a-w-    C:\Program Files\Windows Defender\MpClient.dll
2014-11-22 18:23:05    73568    ----a-w-    C:\Program Files\Windows Defender\NisWfp.dll
2014-11-22 18:23:05    661040    ----a-w-    C:\Program Files (x86)\Windows Defender\MpClient.dll
2014-11-22 18:23:05    66048    ----a-w-    C:\Program Files\Windows Defender\MsMpCom.dll
2014-11-22 18:23:05    608672    ----a-w-    C:\Program Files\Windows Defender\ProtectionManagement.dll
2014-11-22 18:23:05    58032    ----a-w-    C:\Program Files\Windows Defender\NisLog.dll
2014-11-22 18:23:05    51824    ----a-w-    C:\Program Files\Windows Defender\MpTpmAtt.dll
2014-11-22 18:23:05    507392    ----a-w-    C:\Program Files\Windows Defender\MpRtp.dll
2014-11-22 18:23:05    47448    ----a-w-    C:\Program Files\Windows Defender\MpUXSrv.exe
2014-11-22 18:23:05    438944    ----a-w-    C:\Program Files\Windows Defender\MsMpRes.dll
2014-11-22 18:23:05    35856    ----a-w-    C:\Windows\System32\drivers\WdBoot.sys
2014-11-22 18:23:05    348392    ----a-w-    C:\Program Files\Windows Defender\NisSrv.exe
2014-11-22 18:23:05    348376    ----a-w-    C:\Program Files\Windows Defender\MpCommu.dll
2014-11-22 18:23:05    347880    ----a-w-    C:\Program Files\Windows Defender\MpCmdRun.exe
2014-11-22 18:23:05    28032    ----a-w-    C:\Program Files\Windows Defender\mpuxhostproxy.dll
2014-11-22 18:23:05    23824    ----a-w-    C:\Program Files\Windows Defender\MsMpEng.exe
2014-11-22 18:23:05    236888    ----a-w-    C:\Windows\System32\drivers\WdFilter.sys
2014-11-22 18:23:05    20408    ----a-w-    C:\Program Files\Windows Defender\MsMpLics.dll
2014-11-22 18:23:05    20408    ----a-w-    C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2014-11-22 18:23:05    1571328    ----a-w-    C:\Program Files\Windows Defender\MpSvc.dll
2014-11-22 18:23:05    153248    ----a-w-    C:\Program Files\Windows Defender\EppManifest.dll
2014-11-22 18:23:05    153248    ----a-w-    C:\Program Files (x86)\Windows Defender\EppManifest.dll
2014-11-22 18:23:05    150688    ----a-w-    C:\Program Files\Windows Defender\MpAsDesc.dll
2014-11-22 18:23:05    150688    ----a-w-    C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2014-11-22 18:23:05    1330792    ----a-w-    C:\Program Files\Windows Defender\MSASCui.exe
2014-11-22 18:23:05    124760    ----a-w-    C:\Windows\System32\drivers\WdNisDrv.sys
2014-11-22 18:23:05    118776    ----a-w-    C:\Program Files\Windows Defender\MpOAV.dll
2014-11-22 18:23:05    115640    ----a-w-    C:\Program Files (x86)\Windows Defender\MpOAV.dll
2014-11-22 18:23:05    113024    ----a-w-    C:\Program Files\Windows Defender\NisIpsPlugin.dll
2014-11-22 18:23:05    109728    ----a-w-    C:\Program Files\Windows Defender\MpEvMsg.dll
2014-11-22 18:22:48    21186352    ----a-w-    C:\Windows\System32\shell32.dll
2014-11-22 18:22:47    18644072    ----a-w-    C:\Windows\SysWow64\shell32.dll
2014-11-22 18:22:44    1341288    ----a-w-    C:\Windows\System32\gdi32.dll
2014-11-22 18:22:44    1067008    ----a-w-    C:\Windows\SysWow64\gdi32.dll
2014-11-22 18:22:39    7416832    ----a-w-    C:\Windows\System32\Windows.UI.Search.dll
2014-11-22 18:22:38    4961792    ----a-w-    C:\Windows\SysWow64\Windows.UI.Search.dll
2014-11-22 18:22:38    13209088    ----a-w-    C:\Windows\System32\twinui.dll
2014-11-22 18:22:38    11702272    ----a-w-    C:\Windows\SysWow64\twinui.dll
2014-11-22 18:22:37    919040    ----a-w-    C:\Windows\System32\MrmCoreR.dll
2014-11-22 18:22:37    830976    ----a-w-    C:\Windows\SysWow64\SearchFolder.dll
2014-11-22 18:22:37    628736    ----a-w-    C:\Windows\SysWow64\MrmCoreR.dll
2014-11-22 18:22:37    1462216    ----a-w-    C:\Windows\System32\propsys.dll
2014-11-22 18:22:37    1202888    ----a-w-    C:\Windows\SysWow64\propsys.dll
2014-11-22 18:22:37    1105408    ----a-w-    C:\Windows\System32\SearchFolder.dll
2014-11-22 18:22:36    4604416    ----a-w-    C:\Windows\System32\d2d1.dll
2014-11-22 18:22:36    3936256    ----a-w-    C:\Windows\SysWow64\d2d1.dll
2014-11-22 18:22:36    2397184    ----a-w-    C:\Windows\System32\d3d10warp.dll
2014-11-22 18:22:36    2071552    ----a-w-    C:\Windows\SysWow64\d3d10warp.dll
2014-11-22 18:22:25    377176    ----a-w-    C:\Windows\System32\drivers\clfs.sys
2014-11-22 18:22:25    2008408    ----a-w-    C:\Windows\System32\drivers\ntfs.sys
2014-11-22 18:22:24    548864    ----a-w-    C:\Windows\System32\vbscript.dll
2014-11-22 18:22:24    454656    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-11-22 18:21:54    2328872    ----a-w-    C:\Windows\explorer.exe
2014-11-22 18:21:53    883184    ----a-w-    C:\Windows\SysWow64\mfasfsrcsnk.dll
2014-11-22 18:21:53    3532288    ----a-w-    C:\Windows\System32\wuaueng.dll
2014-11-22 18:21:53    2065448    ----a-w-    C:\Windows\SysWow64\explorer.exe
2014-11-22 18:21:53    1584128    ----a-w-    C:\Windows\System32\workfolderssvc.dll
2014-11-22 18:21:53    1067080    ----a-w-    C:\Windows\System32\mfasfsrcsnk.dll
2014-11-22 18:21:52    708616    ----a-w-    C:\Windows\System32\iuilp.dll
2014-11-22 18:21:52    2134120    ----a-w-    C:\Windows\System32\d3d9.dll
2014-11-22 18:21:52    1160704    ----a-w-    C:\Windows\System32\Windows.Web.Http.dll
2014-11-22 18:21:52    1011712    ----a-w-    C:\Windows\System32\TSWorkspace.dll
2014-11-22 18:21:51    920064    ----a-w-    C:\Windows\SysWow64\UIAutomationCore.dll
2014-11-22 18:21:51    761856    ----a-w-    C:\Windows\System32\WorkfoldersControl.dll
2014-11-22 18:21:51    699840    ----a-w-    C:\Windows\System32\d3d10level9.dll
2014-11-22 18:21:51    656384    ----a-w-    C:\Windows\System32\dnsapi.dll
2014-11-22 18:21:51    631296    ----a-w-    C:\Windows\System32\WWAHost.exe
2014-11-22 18:21:51    578560    ----a-w-    C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
2014-11-22 18:21:51    533504    ----a-w-    C:\Windows\System32\AppReadiness.dll
2014-11-22 18:21:51    531968    ----a-w-    C:\Windows\SysWow64\comdlg32.dll
2014-11-22 18:21:51    518656    ----a-w-    C:\Windows\SysWow64\WWAHost.exe
2014-11-22 18:21:51    331776    ----a-w-    C:\Windows\System32\eapphost.dll
2014-11-22 18:21:51    1799944    ----a-w-    C:\Windows\SysWow64\d3d9.dll
2014-11-22 18:21:51    1362944    ----a-w-    C:\Windows\SysWow64\user32.dll
2014-11-22 18:21:51    1231360    ----a-w-    C:\Windows\System32\Windows.Media.dll
2014-11-22 18:21:51    1147904    ----a-w-    C:\Windows\System32\UIAutomationCore.dll
2014-11-22 18:21:48    96088    ----a-w-    C:\Windows\System32\embeddedapplauncher.exe
2014-11-22 18:21:48    888832    ----a-w-    C:\Windows\SysWow64\Windows.Media.dll
2014-11-22 18:21:48    88272    ----a-w-    C:\Windows\SysWow64\ncryptsslp.dll
2014-11-22 18:21:48    795648    ----a-w-    C:\Windows\SysWow64\TSWorkspace.dll
2014-11-22 18:21:48    762368    ----a-w-    C:\Windows\SysWow64\Windows.Web.Http.dll
2014-11-22 18:21:48    618496    ----a-w-    C:\Windows\SysWow64\apphelp.dll
2014-11-22 18:21:48    607744    ----a-w-    C:\Windows\System32\comdlg32.dll
2014-11-22 18:21:48    578952    ----a-w-    C:\Windows\SysWow64\d3d10level9.dll
2014-11-22 18:21:48    558080    ----a-w-    C:\Windows\System32\apphelp.dll
2014-11-22 18:21:48    523096    ----a-w-    C:\Windows\System32\drivers\acpi.sys
2014-11-22 18:21:48    492544    ----a-w-    C:\Windows\SysWow64\dnsapi.dll
2014-11-22 18:21:48    454656    ----a-w-    C:\Windows\System32\drivers\srv.sys
2014-11-22 18:21:48    411648    ----a-w-    C:\Windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
2014-11-22 18:21:48    391512    ----a-w-    C:\Windows\System32\tsmf.dll
2014-11-22 18:21:48    345552    ----a-w-    C:\Windows\SysWow64\tsmf.dll
2014-11-22 18:21:48    325120    ----a-w-    C:\Windows\System32\eapp3hst.dll
2014-11-22 18:21:48    317616    ----a-w-    C:\Windows\System32\wintrust.dll
2014-11-22 18:21:48    286208    ----a-w-    C:\Windows\System32\pcsvDevice.dll
2014-11-22 18:21:48    262144    ----a-w-    C:\Windows\SysWow64\eapphost.dll
2014-11-22 18:21:48    235960    ----a-w-    C:\Windows\SysWow64\wintrust.dll
2014-11-22 18:21:48    221184    ----a-w-    C:\Windows\System32\profsvc.dll
2014-11-22 18:21:48    186880    ----a-w-    C:\Windows\System32\WorkFoldersShell.dll
2014-11-22 18:21:48    171864    ----a-w-    C:\Windows\System32\kd_02_8086.dll
2014-11-22 18:21:48    132608    ----a-w-    C:\Windows\System32\msched.dll
2014-11-22 18:21:48    104320    ----a-w-    C:\Windows\System32\ncryptsslp.dll
2014-11-22 18:21:47    94208    ----a-w-    C:\Windows\SysWow64\shsetup.dll
2014-11-22 18:21:47    93184    ----a-w-    C:\Windows\SysWow64\eappgnui.dll
2014-11-22 18:21:47    92672    ----a-w-    C:\Windows\System32\dafBth.dll
2014-11-22 18:21:47    903168    ----a-w-    C:\Windows\System32\iphlpsvc.dll
2014-11-22 18:21:47    83968    ----a-w-    C:\Windows\System32\TSWbPrxy.exe
2014-11-22 18:21:47    830464    ----a-w-    C:\Windows\System32\samsrv.dll
2014-11-22 18:21:47    81920    ----a-w-    C:\Windows\System32\drivers\BTHUSB.SYS
2014-11-22 18:21:47    57176    ----a-w-    C:\Windows\System32\drivers\stornvme.sys
2014-11-22 18:21:47    54776    ----a-w-    C:\Windows\System32\wuauclt.exe
2014-11-22 18:21:47    44936    ----a-w-    C:\Windows\System32\wldp.dll
2014-11-22 18:21:47    381952    ----a-w-    C:\Windows\System32\WUSettingsProvider.dll
2014-11-22 18:21:47    335360    ----a-w-    C:\Windows\System32\eappcfg.dll
2014-11-22 18:21:47    272896    ----a-w-    C:\Windows\SysWow64\eappcfg.dll
2014-11-22 18:21:47    258904    ----a-w-    C:\Windows\System32\drivers\rdyboost.sys
2014-11-22 18:21:47    255488    ----a-w-    C:\Windows\System32\dnsrslvr.dll
2014-11-22 18:21:47    245248    ----a-w-    C:\Windows\SysWow64\eapp3hst.dll
2014-11-22 18:21:47    226304    ----a-w-    C:\Windows\System32\miutils.dll
2014-11-22 18:21:47    184832    ----a-w-    C:\Windows\System32\dafWfdProvider.dll
2014-11-22 18:21:47    180224    ----a-w-    C:\Windows\SysWow64\miutils.dll
2014-11-22 18:21:47    155480    ----a-w-    C:\Windows\System32\drivers\usbccgp.sys
2014-11-22 18:21:47    1200640    ----a-w-    C:\Windows\System32\drivers\bthport.sys
2014-11-22 18:21:47    113152    ----a-w-    C:\Windows\System32\shsetup.dll
2014-11-22 18:21:47    103424    ----a-w-    C:\Windows\System32\WiFiDisplay.dll
2014-11-22 18:21:47    101888    ----a-w-    C:\Windows\System32\eappgnui.dll
2014-11-22 18:21:46    53248    ----a-w-    C:\Windows\System32\ftp.exe
2014-11-22 18:21:46    49152    ----a-w-    C:\Windows\SysWow64\ftp.exe
2014-11-22 18:21:46    338944    ----a-w-    C:\Windows\System32\rdpclip.exe
2014-11-22 18:21:46    1704448    ----a-w-    C:\Windows\System32\wucltux.dll
2014-11-22 18:21:39    139776    ----a-w-    C:\Windows\System32\poqexec.exe
2014-11-22 18:21:39    124416    ----a-w-    C:\Windows\SysWow64\poqexec.exe
2014-11-22 18:21:23    1245696    ----a-w-    C:\Windows\System32\sysmain.dll
2014-11-22 18:21:23    11366912    ----a-w-    C:\Windows\System32\glcndFilter.dll
2014-11-22 18:21:22    12028416    ----a-w-    C:\Windows\System32\Windows.Data.Pdf.dll
2014-11-22 18:21:21    1555456    ----a-w-    C:\Windows\System32\wlidsvc.dll
2014-11-22 18:21:19    8712704    ----a-w-    C:\Windows\SysWow64\glcndFilter.dll
2014-11-22 18:21:19    796928    ----a-w-    C:\Windows\SysWow64\mfsrcsnk.dll
2014-11-22 18:21:19    783504    ----a-w-    C:\Windows\System32\mfnetcore.dll
2014-11-22 18:21:19    1662464    ----a-w-    C:\Windows\System32\Windows.UI.Immersive.dll
2014-11-22 18:21:18    940544    ----a-w-    C:\Windows\System32\kerberos.dll
2014-11-22 18:21:18    8875008    ----a-w-    C:\Windows\SysWow64\Windows.Data.Pdf.dll
2014-11-22 18:21:18    648648    ----a-w-    C:\Windows\SysWow64\mfnetcore.dll
2014-11-22 18:21:18    1455616    ----a-w-    C:\Windows\SysWow64\Windows.UI.Immersive.dll
2014-11-22 18:21:17    756224    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2014-11-22 18:21:17    663552    ----a-w-    C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll
2014-11-22 18:21:17    504320    ----a-w-    C:\Windows\System32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll
2014-11-22 18:21:17    405504    ----a-w-    C:\Windows\System32\vpnike.dll
2014-11-22 18:21:17    401920    ----a-w-    C:\Windows\System32\wlidprov.dll
2014-11-22 18:21:17    2050560    ----a-w-    C:\Windows\System32\SRH.dll
2014-11-22 18:21:17    1730560    ----a-w-    C:\Windows\System32\dui70.dll
2014-11-22 18:21:17    1534504    ----a-w-    C:\Windows\System32\ole32.dll
2014-11-22 18:21:17    1150976    ----a-w-    C:\Windows\System32\Windows.Globalization.dll
2014-11-22 18:21:17    1092896    ----a-w-    C:\Windows\SysWow64\ole32.dll
2014-11-22 18:21:16    934856    ----a-w-    C:\Windows\System32\mfsrcsnk.dll
2014-11-22 18:21:16    534048    ----a-w-    C:\Windows\System32\wer.dll
2014-11-22 18:21:16    524288    ----a-w-    C:\Windows\SysWow64\Windows.Security.Authentication.OnlineId.dll
2014-11-22 18:21:16    314368    ----a-w-    C:\Windows\SysWow64\wlidprov.dll
2014-11-22 18:21:15    802816    ----a-w-    C:\Windows\SysWow64\Windows.Globalization.dll
2014-11-22 18:21:15    726528    ----a-w-    C:\Windows\System32\twinapi.dll
2014-11-22 18:21:15    675328    ----a-w-    C:\Windows\System32\drivers\srv2.sys
2014-11-22 18:21:15    570880    ----a-w-    C:\Windows\System32\SettingSync.dll
2014-11-22 18:21:15    492032    ----a-w-    C:\Windows\System32\tpmvsc.dll
2014-11-22 18:21:15    453632    ----a-w-    C:\Windows\System32\wbiosrvc.dll
2014-11-22 18:21:15    427096    ----a-w-    C:\Windows\SysWow64\wer.dll
2014-11-22 18:21:15    365568    ----a-w-    C:\Windows\System32\wcmsvc.dll
2014-11-22 18:21:15    171968    ----a-w-    C:\Windows\System32\sspicli.dll
2014-11-22 18:21:15    1344000    ----a-w-    C:\Windows\SysWow64\dui70.dll
2014-11-22 18:21:14    97280    ----a-w-    C:\Windows\System32\drivers\agilevpn.sys
2014-11-22 18:21:14    81408    ----a-w-    C:\Windows\System32\SkyDriveShell.dll
2014-11-22 18:21:14    552448    ----a-w-    C:\Windows\SysWow64\twinapi.dll
2014-11-22 18:21:14    467800    ----a-w-    C:\Windows\System32\drivers\USBHUB3.SYS
2014-11-22 18:21:14    459776    ----a-w-    C:\Windows\System32\wcncsvc.dll
2014-11-22 18:21:14    455168    ----a-w-    C:\Windows\SysWow64\SettingSync.dll
2014-11-22 18:21:14    366688    ----a-w-    C:\Windows\System32\msvproc.dll
2014-11-22 18:21:14    363520    ----a-w-    C:\Windows\System32\livessp.dll
2014-11-22 18:21:14    312936    ----a-w-    C:\Windows\SysWow64\msvproc.dll
2014-11-22 18:21:14    273408    ----a-w-    C:\Windows\System32\TetheringMgr.dll
2014-11-22 18:21:14    240128    ----a-w-    C:\Windows\System32\WinSCard.dll
2014-11-22 18:21:14    236376    ----a-w-    C:\Windows\System32\drivers\sdbus.sys
2014-11-22 18:21:14    207360    ----a-w-    C:\Windows\System32\drivers\mrxsmb20.sys
2014-11-22 18:21:14    205024    ----a-w-    C:\Windows\System32\mftranscode.dll
2014-11-22 18:21:14    194560    ----a-w-    C:\Windows\System32\dpapisrv.dll
2014-11-22 18:21:14    1741824    ----a-w-    C:\Windows\SysWow64\SRH.dll
2014-11-22 18:21:14    123480    ----a-w-    C:\Windows\System32\dwmapi.dll
2014-11-22 18:21:13    98104    ----a-w-    C:\Windows\SysWow64\dwmapi.dll
2014-11-22 18:21:13    66048    ----a-w-    C:\Windows\SysWow64\SkyDriveShell.dll
2014-11-22 18:21:13    638464    ----a-w-    C:\Windows\System32\riched20.dll
2014-11-22 18:21:13    597504    ----a-w-    C:\Windows\System32\msra.exe
2014-11-22 18:21:13    579416    ----a-w-    C:\Windows\System32\drivers\fvevol.sys
2014-11-22 18:21:13    528048    ----a-w-    C:\Windows\System32\ci.dll
2014-11-22 18:21:13    456192    ----a-w-    C:\Windows\System32\sysmon.ocx
2014-11-22 18:21:13    358912    ----a-w-    C:\Windows\System32\vmrdvcore.dll
2014-11-22 18:21:13    326656    ----a-w-    C:\Windows\System32\SessEnv.dll
2014-11-22 18:21:13    290816    ----a-w-    C:\Windows\System32\fdprint.dll
2014-11-22 18:21:13    199680    ----a-w-    C:\Windows\System32\DscCore.dll
2014-11-22 18:21:13    198656    ----a-w-    C:\Windows\System32\DscCoreConfProv.dll
2014-11-22 18:21:13    180232    ----a-w-    C:\Windows\SysWow64\mftranscode.dll
2014-11-22 18:21:13    168448    ----a-w-    C:\Windows\SysWow64\WinSCard.dll
2014-11-22 18:21:13    167424    ----a-w-    C:\Windows\System32\drivers\rfcomm.sys
2014-11-22 18:21:13    151384    ----a-w-    C:\Windows\System32\drivers\dumpsd.sys
2014-11-22 18:21:13    1185280    ----a-w-    C:\Windows\System32\printui.dll
2014-11-22 18:21:13    101208    ----a-w-    C:\Windows\System32\drivers\ksecdd.sys
2014-11-22 18:21:12    970752    ----a-w-    C:\Windows\System32\WebcamUi.dll
2014-11-22 18:21:12    738304    ----a-w-    C:\Windows\System32\msctfuimanager.dll
2014-11-22 18:21:12    471552    ----a-w-    C:\Windows\System32\pcasvc.dll
2014-11-22 18:21:12    426496    ----a-w-    C:\Windows\System32\Windows.Devices.Usb.dll
2014-11-22 18:21:12    393728    ----a-w-    C:\Windows\SysWow64\sysmon.ocx
2014-11-22 18:21:12    334336    ----a-w-    C:\Windows\System32\MDEServer.exe
2014-11-22 18:21:12    280576    ----a-w-    C:\Windows\SysWow64\SessEnv.dll
2014-11-22 18:21:12    233984    ----a-w-    C:\Windows\System32\Windows.Devices.HumanInterfaceDevice.dll
2014-11-22 18:21:12    230400    ----a-w-    C:\Windows\System32\CryptoWinRT.dll
2014-11-22 18:21:12    158208    ----a-w-    C:\Windows\System32\thumbcache.dll
2014-11-22 18:21:11    98304    ----a-w-    C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
2014-11-22 18:21:11    81920    ----a-w-    C:\Windows\System32\Utilman.exe
2014-11-22 18:21:11    813568    ----a-w-    C:\Windows\SysWow64\WebcamUi.dll
2014-11-22 18:21:11    695808    ----a-w-    C:\Windows\SysWow64\msctfuimanager.dll
2014-11-22 18:21:11    66904    ----a-w-    C:\Windows\System32\PSHED.DLL
2014-11-22 18:21:11    64000    ----a-w-    C:\Windows\System32\WorkFoldersGPExt.dll
2014-11-22 18:21:11    638464    ----a-w-    C:\Windows\System32\wimgapi.dll
2014-11-22 18:21:11    63488    ----a-w-    C:\Windows\System32\BthRadioMedia.dll
2014-11-22 18:21:11    556032    ----a-w-    C:\Windows\System32\recimg.exe
2014-11-22 18:21:11    54784    ----a-w-    C:\Windows\System32\pcaui.dll
2014-11-22 18:21:11    54272    ----a-w-    C:\Windows\System32\rdsdwmdr.dll
2014-11-22 18:21:11    513536    ----a-w-    C:\Windows\SysWow64\riched20.dll
2014-11-22 18:21:11    503808    ----a-w-    C:\Windows\System32\DeviceCenter.dll
2014-11-22 18:21:11    442368    ----a-w-    C:\Windows\System32\drivers\nwifi.sys
2014-11-22 18:21:11    353792    ----a-w-    C:\Windows\System32\dhcpcore.dll
2014-11-22 18:21:11    288256    ----a-w-    C:\Windows\SysWow64\Windows.Devices.Usb.dll
2014-11-22 18:21:11    285696    ----a-w-    C:\Windows\SysWow64\dhcpcore.dll
2014-11-22 18:21:11    285696    ----a-w-    C:\Windows\System32\drivers\ks.sys
2014-11-22 18:21:11    256000    ----a-w-    C:\Windows\SysWow64\fdprint.dll
2014-11-22 18:21:11    248320    ----a-w-    C:\Windows\System32\rascustom.dll
2014-11-22 18:21:11    244736    ----a-w-    C:\Windows\System32\Windows.Networking.Vpn.dll
2014-11-22 18:21:11    244224    ----a-w-    C:\Windows\System32\drivers\srvnet.sys
2014-11-22 18:21:11    175960    ----a-w-    C:\Windows\System32\drivers\VerifierExt.sys
2014-11-22 18:21:11    159232    ----a-w-    C:\Windows\System32\SensorsClassExtension.dll
2014-11-22 18:21:11    155136    ----a-w-    C:\Windows\SysWow64\Windows.Devices.HumanInterfaceDevice.dll
2014-11-22 18:21:11    153600    ----a-w-    C:\Windows\SysWow64\CryptoWinRT.dll
2014-11-22 18:21:11    136704    ----a-w-    C:\Windows\System32\WorkFolders.exe
2014-11-22 18:21:11    131584    ----a-w-    C:\Windows\System32\efswrt.dll
2014-11-22 18:21:11    1225728    ----a-w-    C:\Windows\System32\usercpl.dll
2014-11-22 18:21:11    117760    ----a-w-    C:\Windows\SysWow64\WorkFoldersRes.dll
2014-11-22 18:21:11    117760    ----a-w-    C:\Windows\System32\WorkFoldersRes.dll
2014-11-22 18:21:11    116736    ----a-w-    C:\Windows\SysWow64\thumbcache.dll
2014-11-22 18:21:11    109568    ----a-w-    C:\Windows\System32\AxInstSv.dll
2014-11-22 18:21:11    1057792    ----a-w-    C:\Windows\SysWow64\printui.dll
2014-11-22 18:21:10    95744    ----a-w-    C:\Windows\System32\fontsub.dll
2014-11-22 18:21:10    83456    ----a-w-    C:\Windows\System32\drivers\appid.sys
2014-11-22 18:21:10    79360    ----a-w-    C:\Windows\SysWow64\fontsub.dll
2014-11-22 18:21:10    69632    ----a-w-    C:\Windows\SysWow64\Utilman.exe
2014-11-22 18:21:10    528896    ----a-w-    C:\Windows\SysWow64\wimgapi.dll
2014-11-22 18:21:10    491520    ----a-w-    C:\Windows\System32\GeofenceMonitorService.dll
2014-11-22 18:21:10    482816    ----a-w-    C:\Windows\SysWow64\DeviceCenter.dll
2014-11-22 18:21:10    47616    ----a-w-    C:\Windows\SysWow64\pcaui.dll
2014-11-22 18:21:10    357376    ----a-w-    C:\Windows\SysWow64\GeofenceMonitorService.dll
2014-11-22 18:21:10    284160    ----a-w-    C:\Windows\System32\mcbuilder.exe
2014-11-22 18:21:10    253952    ----a-w-    C:\Windows\SysWow64\mcbuilder.exe
2014-11-22 18:21:10    200704    ----a-w-    C:\Windows\System32\ReInfo.dll
2014-11-22 18:21:10    1160704    ----a-w-    C:\Windows\SysWow64\usercpl.dll
2014-11-22 18:21:10    102400    ----a-w-    C:\Windows\SysWow64\efswrt.dll
2014-11-22 18:21:10    101376    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2014-11-22 18:21:06    160768    ----a-w-    C:\Windows\System32\AppxAllUserStore.dll
2014-11-22 18:21:06    139776    ----a-w-    C:\Windows\SysWow64\AppxAllUserStore.dll
2014-11-22 18:21:05    869888    ----a-w-    C:\Windows\SysWow64\twinui.appcore.dll
2014-11-22 18:21:05    2801664    ----a-w-    C:\Windows\System32\actxprxy.dll
2014-11-22 18:21:05    1085952    ----a-w-    C:\Windows\System32\twinui.appcore.dll
2014-11-22 18:21:05    1019392    ----a-w-    C:\Windows\SysWow64\actxprxy.dll
2014-11-22 18:21:03    586240    ----a-w-    C:\Windows\System32\qedit.dll
2014-11-22 18:21:03    488448    ----a-w-    C:\Windows\SysWow64\qedit.dll
2014-11-22 18:21:03    4189184    ----a-w-    C:\Windows\System32\win32k.sys
2014-11-22 18:21:02    18576384    ----a-w-    C:\Windows\System32\Windows.UI.Xaml.dll
2014-11-22 18:21:00    13949440    ----a-w-    C:\Windows\SysWow64\Windows.UI.Xaml.dll
2014-11-22 18:20:58    516496    ----a-w-    C:\Windows\System32\dxgi.dll
2014-11-22 18:20:58    2143744    ----a-w-    C:\Windows\System32\dwmcore.dll
2014-11-22 18:20:58    2140888    ----a-w-    C:\Windows\System32\d3d11.dll
2014-11-22 18:20:58    1765384    ----a-w-    C:\Windows\SysWow64\d3d11.dll
2014-11-22 18:20:58    1765376    ----a-w-    C:\Windows\SysWow64\dwmcore.dll
2014-11-22 18:20:58    1720560    ----a-w-    C:\Windows\System32\ntdll.dll
2014-11-22 18:20:58    1530712    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2014-11-22 18:20:58    1472048    ----a-w-    C:\Windows\SysWow64\ntdll.dll
2014-11-22 18:20:58    1214976    ----a-w-    C:\Windows\System32\schedsvc.dll
2014-11-22 18:20:57    960512    ----a-w-    C:\Windows\System32\MFMediaEngine.dll
2014-11-22 18:20:57    947712    ----a-w-    C:\Windows\System32\reseteng.dll
2014-11-22 18:20:57    914944    ----a-w-    C:\Windows\System32\ReAgent.dll
2014-11-22 18:20:57    842752    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.dll
2014-11-22 18:20:57    802816    ----a-w-    C:\Windows\SysWow64\MFMediaEngine.dll
2014-11-22 18:20:57    770560    ----a-w-    C:\Windows\SysWow64\ReAgent.dll
2014-11-22 18:20:57    749056    ----a-w-    C:\Windows\System32\SettingSyncCore.dll
2014-11-22 18:20:57    628736    ----a-w-    C:\Windows\System32\SettingSyncHost.exe
2014-11-22 18:20:57    588800    ----a-w-    C:\Windows\SysWow64\SettingSyncCore.dll
2014-11-22 18:20:57    481944    ----a-w-    C:\Windows\System32\mfsvr.dll
2014-11-22 18:20:57    478208    ----a-w-    C:\Windows\SysWow64\SettingSyncHost.exe
2014-11-22 18:20:57    461312    ----a-w-    C:\Windows\System32\XpsGdiConverter.dll
2014-11-22 18:20:57    419160    ----a-w-    C:\Windows\System32\hal.dll
2014-11-22 18:20:57    406400    ----a-w-    C:\Windows\SysWow64\dxgi.dll
2014-11-22 18:20:57    382808    ----a-w-    C:\Windows\System32\drivers\dxgmms1.sys
2014-11-22 18:20:57    381168    ----a-w-    C:\Windows\SysWow64\mfsvr.dll
2014-11-22 18:20:57    376320    ----a-w-    C:\Windows\System32\pnrpsvc.dll
2014-11-22 18:20:57    336896    ----a-w-    C:\Windows\SysWow64\XpsGdiConverter.dll
2014-11-22 18:20:57    206336    ----a-w-    C:\Windows\System32\WSClient.dll
2014-11-22 18:20:57    174592    ----a-w-    C:\Windows\SysWow64\WSClient.dll
2014-11-22 18:20:56    630272    ----a-w-    C:\Windows\SysWow64\MsSpellCheckingFacility.dll
2014-11-22 18:20:56    408576    ----a-w-    C:\Windows\System32\drivers\rdbss.sys
2014-11-22 18:20:56    325464    ----a-w-    C:\Windows\System32\drivers\USBXHCI.SYS
2014-11-22 18:20:56    303616    ----a-w-    C:\Windows\System32\sti.dll
2014-11-22 18:20:56    218112    ----a-w-    C:\Windows\SysWow64\sti.dll
2014-11-22 18:20:56    178176    ----a-w-    C:\Windows\System32\easwrt.dll
2014-11-22 18:20:56    140800    ----a-w-    C:\Windows\SysWow64\easwrt.dll
2014-11-22 18:20:56    138240    ----a-w-    C:\Windows\System32\OEMLicense.dll
2014-11-22 18:20:56    131160    ----a-w-    C:\Windows\System32\easinvoker.exe
2014-11-22 18:20:56    103936    ----a-w-    C:\Windows\SysWow64\OEMLicense.dll
2014-11-22 18:20:30    18944    ----a-w-    C:\Windows\System32\pcaui.exe
2014-11-22 18:20:30    17408    ----a-w-    C:\Windows\SysWow64\pcaui.exe
2014-11-22 18:20:28    7399256    ----a-w-    C:\Windows\System32\ntoskrnl.exe
2014-11-22 18:20:28    1302528    ----a-w-    C:\Windows\System32\AppXDeploymentServer.dll
2014-11-22 18:20:27    565248    ----a-w-    C:\Windows\System32\SkyDrive.exe
2014-11-22 18:20:27    358896    ----a-w-    C:\Windows\System32\dcomp.dll
2014-11-22 18:20:27    2896896    ----a-w-    C:\Windows\System32\msftedit.dll
2014-11-22 18:20:27    2570240    ----a-w-    C:\Windows\System32\SettingsHandlers.dll
2014-11-22 18:20:27    225792    ----a-w-    C:\Windows\SysWow64\dcomp.dll
2014-11-22 18:20:26    922624    ----a-w-    C:\Windows\System32\AppXDeploymentExtensions.dll
2014-11-22 18:20:26    86872    ----a-w-    C:\Windows\System32\drivers\pdc.sys
2014-11-22 18:20:26    747008    ----a-w-    C:\Windows\System32\wlidcli.dll
2014-11-22 18:20:26    566784    ----a-w-    C:\Windows\System32\wpncore.dll
2014-11-22 18:20:26    449024    ----a-w-    C:\Windows\System32\appmgr.dll
2014-11-22 18:20:26    39768    ----a-w-    C:\Windows\System32\drivers\intelpep.sys
2014-11-22 18:20:26    372568    ----a-w-    C:\Windows\System32\drivers\spaceport.sys
2014-11-22 18:20:26    30208    ----a-w-    C:\Windows\System32\CredentialMigrationHandler.dll
2014-11-22 18:20:26    254464    ----a-w-    C:\Windows\System32\AppXDeploymentClient.dll
2014-11-22 18:20:26    2266624    ----a-w-    C:\Windows\SysWow64\msftedit.dll
2014-11-22 18:20:26    198656    ----a-w-    C:\Windows\SysWow64\AppXDeploymentClient.dll
2014-11-22 18:20:26    1756160    ----a-w-    C:\Windows\System32\WMPDMC.exe
2014-11-22 18:20:26    146776    ----a-w-    C:\Windows\System32\drivers\SerCx2.sys
2014-11-22 18:20:26    1391104    ----a-w-    C:\Windows\SysWow64\WMPDMC.exe
2014-11-22 18:20:25    544768    ----a-w-    C:\Windows\SysWow64\wlidcli.dll
2014-11-22 18:20:25    366080    ----a-w-    C:\Windows\SysWow64\appmgr.dll
2014-11-22 18:20:25    27136    ----a-w-    C:\Windows\SysWow64\CredentialMigrationHandler.dll
2014-11-22 18:20:25    1843712    ----a-w-    C:\Windows\System32\Display.dll
2014-11-22 18:20:25    1816576    ----a-w-    C:\Windows\SysWow64\Display.dll
2014-11-22 18:20:12    688640    ----a-w-    C:\Windows\System32\MrmIndexer.dll
2014-11-22 18:20:12    669184    ----a-w-    C:\Windows\System32\SkyDriveTelemetry.dll
2014-11-22 18:20:12    515072    ----a-w-    C:\Windows\SysWow64\MrmIndexer.dll
2014-11-22 18:20:07    787968    ----a-w-    C:\Windows\System32\uDWM.dll
2014-11-22 18:20:07    197120    ----a-w-    C:\Windows\System32\scrrun.dll
2014-11-22 18:20:07    1943536    ----a-w-    C:\Windows\System32\crypt32.dll
2014-11-22 18:20:07    1581968    ----a-w-    C:\Windows\SysWow64\crypt32.dll
2014-11-22 18:20:07    156672    ----a-w-    C:\Windows\SysWow64\scrrun.dll
2014-11-22 18:19:06    615936    ----a-w-    C:\Windows\System32\MDMAgent.exe
2014-11-22 18:19:06    414720    ----a-w-    C:\Windows\System32\wbem\MDMSettingsProv.dll
2014-11-22 18:19:06    287744    ----a-w-    C:\Windows\System32\mdmregistration.dll
2014-11-22 18:19:06    240128    ----a-w-    C:\Windows\SysWow64\mdmregistration.dll
2014-11-22 18:19:06    156672    ----a-w-    C:\Windows\System32\wbem\MDMAppProv.dll
2014-11-22 18:12:36    17536    ----a-w-    C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2014-11-22 18:10:57    --------    d-----w-    C:\Program Files\Synaptics
2014-11-22 18:10:11    --------    d-----w-    C:\Program Files (x86)\Intel
2014-11-22 18:10:08    64000    ----a-w-    C:\Windows\System32\OpenCL.DLL
2014-11-22 18:10:08    60416    ----a-w-    C:\Windows\SysWow64\OpenCL.DLL
2014-11-22 18:10:08    --------    d-----w-    C:\Intel
2014-11-22 18:10:07    --------    d-----w-    C:\Program Files\Intel
2014-11-22 18:10:05    --------    d-----w-    C:\Program Files (x86)\Common Files\Intel
2014-11-22 18:08:30    --------    d-----w-    C:\Windows\System32\wbem\Performance
2014-11-22 18:07:51    --------    d-----w-    C:\Users\Brendan\AppData\Roaming\Mozilla
2014-11-22 18:07:51    --------    d-----w-    C:\Users\Brendan\AppData\Local\Mozilla
.
==================== Find6M  ====================
.
2014-10-30 00:55:02    714208    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-10-30 00:55:02    106976    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-06 17:14:46    1795952    ----a-w-    C:\Windows\System32\WdfCoInstaller01011.dll
2014-08-06 17:14:34    528112    ----a-w-    C:\Windows\System32\drivers\SynTP.sys
2014-08-06 17:14:34    422128    ----a-w-    C:\Windows\System32\SynTPCo19.dll
2014-08-06 17:14:34    251632    ----a-w-    C:\Windows\System32\SynTPAPI.dll
2014-08-06 17:14:34    169712    ----a-w-    C:\Windows\SysWow64\SynTPCom.dll
2014-08-06 17:14:24    400112    ----a-w-    C:\Windows\SysWow64\SynCom.dll
2014-08-06 17:14:22    722672    ----a-w-    C:\Windows\System32\SynCOM.dll
.
============= FINISH: 12:37:57.71 ===============

Edit: Topic moved from Windows 8 to the more appropriate forum. Duplicate of this topic deleted. ~ Animal

#2 shelf life

  • Malware Response Team
  • 2,646 posts

Posted 24 November 2014 - 04:50 PM

Hi,

If you still need help, please download and run FRST. You can get the 64-bit version. Let's see what it digs up:


Please download Farbar Recovery Scan Tool and save it to your Desktop.

http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

    Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
    When the tool opens click Yes to disclaimer.
    Press the Scan button.
    When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
    Please copy and paste the log in your next reply.

The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.
 


How Can I Reduce My Risk to Malware?




