
Persistent (BIOS/Firmware?) Virus, spyware, malware.



#1 consultantbis


Posted 04 December 2014 - 03:56 PM

Hi, I have a persistent infection that I can't get rid of, even with factory restore disks. It seems to dump data or give remote view. Using Windows 8. Made a log for GMER but am having trouble uploading it.

 

Logfile of random's system information tool 1.10 (written by random/random)
Run by Adam at 2014-12-04 16:18:53
Microsoft Windows 8
System drive C: has 359 GB (84%) free of 428 GB
Total RAM: 3962 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:18:59 PM, on 12/4/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17148)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files\trend micro\Adam.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [CyberGhost] "C:\Program Files\CyberGhost 5\CyberGhost.EXE" /autostart
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files\COMODO\GeekBuddy\launcher.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: CyberGhost 5 Client Service (CGVPNCliService) - CyberGhost S.R.L - C:\Program Files\CyberGhost 5\Service.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GeekBuddyRSP Server (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel® HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8082 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -service
"C:\Program Files\CyberGhost 5\Service.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\System32\WinLogon.exe -SpecialSession
"LogonUI.exe" /flags:0x0
 -hiberboot
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\System32\WinLogon.exe -SpecialSession
"LogonUI.exe" /flags:0x0
 -hiberboot
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\windows\System32\msdtc.exe
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
taskhostex.exe Idle
C:\windows\system32\svchost.exe -k imgsvc
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\System32\WinLogon.exe -SpecialSession
"LogonUI.exe" /flags:0x0
 -hiberboot
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\System32\WinLogon.exe -SpecialSession
"LogonUI.exe" /flags:0x0
 -hiberboot
"C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe"
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k rpcss
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe"
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe"

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\System32\WinLogon.exe -SpecialSession
 -hiberboot
taskeng.exe {8A5D1493-0790-4ADD-B0BC-1FD879E266D6}
taskhostex.exe
C:\windows\Explorer.EXE
igfxEM.exe
igfxHK.exe
"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
"C:\Program Files\COMODO\GeekBuddy\unit_manager.exe"
"C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe"
"C:\Program Files\COMODO\GeekBuddy\unit"  "\"C:/Program Files/COMODO/GeekBuddy/lps-cspm\""
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Users\Adam\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\989xgz9y.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25 1253144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25 1253144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CyberGhost"=C:\Program Files\CyberGhost 5\CyberGhost.EXE [2014-11-25 410216]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"tvncontrol"=C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2014-11-21 2327248]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-21 959176]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2014-12-02 96056]
""= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Start GeekBuddy.lnk - C:\Program Files\COMODO\GeekBuddy\launcher.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-04 16:16:58 ----D---- C:\Program Files\trend micro
2014-12-04 16:16:56 ----D---- C:\rsit
2014-12-04 14:58:26 ----D---- C:\Users\Adam\AppData\Roaming\Wireshark
2014-12-04 11:35:25 ----D---- C:\Program Files (x86)\WinPcap
2014-12-04 11:34:35 ----D---- C:\Program Files\Wireshark
2014-12-03 13:52:06 ----HD---- C:\VTRoot
2014-12-03 13:52:02 ----A---- C:\windows\system32\drivers\fvstore.dat
2014-12-02 16:55:09 ----D---- C:\Program Files (x86)\Microsoft
2014-12-02 16:54:42 ----D---- C:\Users\Adam\AppData\Roaming\HpUpdate
2014-12-02 16:54:39 ----N---- C:\windows\system32\HPDiscoPM5D12.dll
2014-12-02 16:54:10 ----D---- C:\ProgramData\HP
2014-12-02 16:54:10 ----D---- C:\Program Files\HP
2014-12-02 16:54:05 ----A---- C:\ProgramData\Ament.ini
2014-12-02 16:53:29 ----A---- C:\windows\system32\hpinkins5D12.exe
2014-12-02 16:45:16 ----D---- C:\Program Files (x86)\Hp
2014-12-02 16:45:16 ----D---- C:\Program Files (x86)\Hewlett-Packard
2014-12-02 12:55:58 ----D---- C:\Program Files (x86)\Comodo
2014-12-01 10:59:04 ----D---- C:\Program Files (x86)\ESET
2014-11-29 12:22:18 ----A---- C:\windows\system32\FNTCACHE.DAT
2014-11-28 12:12:17 ----D---- C:\windows\system32\AutoUpdateLicense
2014-11-26 15:10:28 ----A---- C:\windows\system32\AutoUpdate.exe
2014-11-26 15:10:27 ----A---- C:\windows\SYSWOW64\WSShared.dll
2014-11-26 15:10:27 ----A---- C:\windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-26 15:10:27 ----A---- C:\windows\system32\WSShared.dll
2014-11-26 15:10:27 ----A---- C:\windows\system32\WinSetupUI.dll
2014-11-26 15:10:27 ----A---- C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-26 15:10:27 ----A---- C:\windows\system32\Windows.ApplicationModel.Store.dll
2014-11-26 15:10:27 ----A---- C:\windows\system32\NotificationUI.exe
2014-11-26 15:09:34 ----A---- C:\windows\system32\ntdll.dll
2014-11-26 15:09:31 ----A---- C:\windows\SYSWOW64\WMVDECOD.DLL
2014-11-26 15:09:31 ----A---- C:\windows\system32\localspl.dll
2014-11-26 15:09:30 ----A---- C:\windows\system32\drivers\volsnap.sys
2014-11-26 15:09:30 ----A---- C:\windows\system32\drivers\srv2.sys
2014-11-26 15:09:28 ----A---- C:\windows\system32\storagewmi.dll
2014-11-26 15:09:27 ----A---- C:\windows\system32\WMVDECOD.DLL
2014-11-26 15:09:26 ----A---- C:\windows\system32\winload.exe
2014-11-26 15:09:26 ----A---- C:\windows\system32\d3d10warp.dll
2014-11-26 15:09:25 ----A---- C:\windows\SYSWOW64\ntdll.dll
2014-11-26 15:09:25 ----A---- C:\windows\SYSWOW64\dwmapi.dll
2014-11-26 15:09:24 ----A---- C:\windows\SYSWOW64\d3d10warp.dll
2014-11-26 15:09:24 ----A---- C:\windows\system32\winresume.exe
2014-11-26 15:09:23 ----A---- C:\windows\SYSWOW64\storagewmi.dll
2014-11-26 15:09:23 ----A---- C:\windows\system32\wcmsvc.dll
2014-11-26 15:09:23 ----A---- C:\windows\system32\dwmapi.dll
2014-11-26 15:09:22 ----A---- C:\windows\system32\win32spl.dll
2014-11-26 15:09:22 ----A---- C:\windows\system32\wcmcsp.dll
2014-11-26 15:09:22 ----A---- C:\windows\system32\profsvc.dll
2014-11-26 15:09:22 ----A---- C:\windows\system32\drivers\srvnet.sys
2014-11-26 15:09:22 ----A---- C:\windows\system32\defragsvc.dll
2014-11-26 15:09:20 ----A---- C:\windows\SYSWOW64\KBDYAK.DLL
2014-11-26 15:09:20 ----A---- C:\windows\SYSWOW64\KBDTAT.DLL
2014-11-26 15:09:20 ----A---- C:\windows\SYSWOW64\KBDRUM.DLL
2014-11-26 15:09:20 ----A---- C:\windows\SYSWOW64\KBDRU1.DLL
2014-11-26 15:09:20 ----A---- C:\windows\SYSWOW64\KBDRU.DLL
2014-11-26 15:09:20 ----A---- C:\windows\SYSWOW64\KBDBASH.DLL
2014-11-26 15:09:20 ----A---- C:\windows\system32\KBDYAK.DLL
2014-11-26 15:09:20 ----A---- C:\windows\system32\KBDTAT.DLL
2014-11-26 15:09:20 ----A---- C:\windows\system32\KBDRUM.DLL
2014-11-26 15:09:20 ----A---- C:\windows\system32\KBDRU1.DLL
2014-11-26 15:09:20 ----A---- C:\windows\system32\KBDRU.DLL
2014-11-26 15:09:20 ----A---- C:\windows\system32\KBDBASH.DLL
2014-11-26 15:09:20 ----A---- C:\windows\system32\Defrag.exe
2014-11-26 12:29:54 ----SD---- C:\windows\system32\CompatTel
2014-11-26 11:41:02 ----A---- C:\windows\SYSWOW64\certsentry.dll
2014-11-26 11:41:02 ----A---- C:\windows\system32\certsentry.dll
2014-11-26 11:40:30 ----A---- C:\windows\SYSWOW64\msvcr71.dll
2014-11-26 11:40:30 ----A---- C:\windows\SYSWOW64\mfc71.dll
2014-11-26 10:12:42 ----D---- C:\Program Files (x86)\Google
2014-11-25 14:23:31 ----D---- C:\Program Files\TAP-Windows
2014-11-25 14:22:59 ----D---- C:\Program Files\CyberGhost 5
2014-11-25 11:54:14 ----A---- C:\windows\system32\drivers\Neo_VPN2.sys
2014-11-25 11:50:53 ----A---- C:\windows\system32\drivers\Neo_VPN.sys
2014-11-25 11:50:31 ----A---- C:\windows\system32\vpncmd.exe
2014-11-25 11:50:10 ----D---- C:\Program Files\SoftEther VPN Client
2014-11-22 12:50:23 ----D---- C:\Users\Adam\AppData\Roaming\Comodo
2014-11-21 12:45:55 ----D---- C:\Program Files (x86)\Adobe
2014-11-21 12:45:20 ----D---- C:\ProgramData\Adobe
2014-11-21 12:40:55 ----A---- C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-11-21 12:17:06 ----A---- C:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-11-21 12:14:34 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-11-21 11:28:39 ----D---- C:\windows\PCHEALTH
2014-11-21 11:20:09 ----D---- C:\Program Files\Microsoft Office
2014-11-21 11:19:44 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2014-11-21 11:18:42 ----D---- C:\Program Files (x86)\Microsoft Office
2014-11-21 11:18:41 ----D---- C:\ProgramData\Microsoft Help
2014-11-21 11:17:53 ----RHD---- C:\MSOCache
2014-11-21 11:10:41 ----D---- C:\windows\system32\MRT
2014-11-21 11:10:37 ----A---- C:\windows\system32\MRT.exe
2014-11-21 10:58:06 ----A---- C:\windows\SYSWOW64\TsWpfWrp.exe
2014-11-21 10:58:06 ----A---- C:\windows\system32\TsWpfWrp.exe
2014-11-21 10:55:18 ----D---- C:\Program Files (x86)\Intel
2014-11-21 10:55:11 ----D---- C:\Intel
2014-11-21 10:55:11 ----A---- C:\windows\SYSWOW64\OpenCL.DLL
2014-11-21 10:55:11 ----A---- C:\windows\system32\OpenCL.DLL
2014-11-21 10:54:53 ----D---- C:\Program Files\Intel
2014-11-21 10:53:55 ----A---- C:\windows\system32\tssdisai.dll
2014-11-21 10:53:52 ----A---- C:\windows\system32\VmHostAI.dll
2014-11-21 10:53:52 ----A---- C:\windows\system32\RDWebAI.dll
2014-11-21 10:53:52 ----A---- C:\windows\system32\poqexec.exe
2014-11-21 10:53:52 ----A---- C:\windows\system32\appserverai.dll
2014-11-21 10:53:50 ----A---- C:\windows\SYSWOW64\poqexec.exe
2014-11-21 10:51:26 ----A---- C:\windows\SYSWOW64\schannel.dll
2014-11-21 10:51:26 ----A---- C:\windows\system32\schannel.dll
2014-11-21 10:51:23 ----A---- C:\windows\SYSWOW64\ncryptsslp.dll
2014-11-21 10:51:23 ----A---- C:\windows\system32\ncryptsslp.dll
2014-11-21 10:50:50 ----A---- C:\windows\system32\win32k.sys
2014-11-21 10:50:36 ----A---- C:\windows\system32\rdpcorets.dll
2014-11-21 10:50:31 ----A---- C:\windows\SYSWOW64\adtschema.dll
2014-11-21 10:50:31 ----A---- C:\windows\system32\adtschema.dll
2014-11-21 10:50:30 ----A---- C:\windows\SYSWOW64\msaudite.dll
2014-11-21 10:50:30 ----A---- C:\windows\system32\rfxvmt.dll
2014-11-21 10:50:30 ----A---- C:\windows\system32\rdpudd.dll
2014-11-21 10:50:30 ----A---- C:\windows\system32\msaudite.dll
2014-11-21 10:50:30 ----A---- C:\windows\system32\drivers\rdpvideominiport.sys
2014-11-21 10:49:59 ----A---- C:\windows\system32\wmp.dll
2014-11-21 10:49:59 ----A---- C:\windows\system32\tquery.dll
2014-11-21 10:49:58 ----A---- C:\windows\SYSWOW64\wmp.dll
2014-11-21 10:49:57 ----A---- C:\windows\system32\mssrch.dll
2014-11-21 10:49:56 ----A---- C:\windows\SYSWOW64\tquery.dll
2014-11-21 10:49:54 ----A---- C:\windows\SYSWOW64\mssrch.dll
2014-11-21 10:49:53 ----A---- C:\windows\system32\MSAudDecMFT.dll
2014-11-21 10:49:52 ----A---- C:\windows\SYSWOW64\MSAudDecMFT.dll
2014-11-21 10:49:51 ----A---- C:\windows\system32\kd_02_10ec.dll
2014-11-21 10:49:50 ----A---- C:\windows\SYSWOW64\mssph.dll
2014-11-21 10:49:50 ----A---- C:\windows\system32\SearchIndexer.exe
2014-11-21 10:49:50 ----A---- C:\windows\system32\rsaenh.dll
2014-11-21 10:49:50 ----A---- C:\windows\system32\drivers\PEAuth.sys
2014-11-21 10:49:50 ----A---- C:\windows\system32\AudioSes.dll
2014-11-21 10:49:49 ----A---- C:\windows\SYSWOW64\SearchProtocolHost.exe
2014-11-21 10:49:49 ----A---- C:\windows\SYSWOW64\AudioEng.dll
2014-11-21 10:49:49 ----A---- C:\windows\system32\Windows.Networking.dll
2014-11-21 10:49:49 ----A---- C:\windows\system32\SearchProtocolHost.exe
2014-11-21 10:49:49 ----A---- C:\windows\system32\mssph.dll
2014-11-21 10:49:49 ----A---- C:\windows\system32\dwmredir.dll
2014-11-21 10:49:49 ----A---- C:\windows\system32\conhost.exe
2014-11-21 10:49:49 ----A---- C:\windows\system32\AudioEng.dll
2014-11-21 10:49:48 ----A---- C:\windows\SYSWOW64\rsaenh.dll
2014-11-21 10:49:48 ----A---- C:\windows\SYSWOW64\AudioSes.dll
2014-11-21 10:49:48 ----A---- C:\windows\system32\audiodg.exe
2014-11-21 10:49:47 ----A---- C:\windows\SYSWOW64\SearchIndexer.exe
2014-11-21 10:49:47 ----A---- C:\windows\system32\wpncore.dll
2014-11-21 10:49:47 ----A---- C:\windows\system32\RecoveryDrive.exe
2014-11-21 10:49:46 ----A---- C:\windows\SYSWOW64\Windows.Networking.dll
2014-11-21 10:49:46 ----A---- C:\windows\SYSWOW64\rascfg.dll
2014-11-21 10:49:46 ----A---- C:\windows\system32\XpsGdiConverter.dll
2014-11-21 10:49:46 ----A---- C:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2014-11-21 10:49:46 ----A---- C:\windows\system32\MFMediaEngine.dll
2014-11-21 10:49:46 ----A---- C:\windows\system32\ci.dll
2014-11-21 10:49:45 ----A---- C:\windows\SYSWOW64\mssvp.dll
2014-11-21 10:49:45 ----A---- C:\windows\SYSWOW64\MFMediaEngine.dll
2014-11-21 10:49:45 ----A---- C:\windows\system32\XpsRasterService.dll
2014-11-21 10:49:45 ----A---- C:\windows\system32\rascfg.dll
2014-11-21 10:49:45 ----A---- C:\windows\system32\mfreadwrite.dll
2014-11-21 10:49:45 ----A---- C:\windows\system32\fhengine.dll
2014-11-21 10:49:45 ----A---- C:\windows\system32\drivers\pdc.sys
2014-11-21 10:49:45 ----A---- C:\windows\system32\dmvdsitf.dll
2014-11-21 10:49:44 ----A---- C:\windows\SYSWOW64\XpsRasterService.dll
2014-11-21 10:49:44 ----A---- C:\windows\SYSWOW64\wscapi.dll
2014-11-21 10:49:44 ----A---- C:\windows\SYSWOW64\Windows.Networking.BackgroundTransfer.dll
2014-11-21 10:49:44 ----A---- C:\windows\SYSWOW64\SearchFilterHost.exe
2014-11-21 10:49:44 ----A---- C:\windows\SYSWOW64\Robocopy.exe
2014-11-21 10:49:44 ----A---- C:\windows\system32\SearchFilterHost.exe
2014-11-21 10:49:44 ----A---- C:\windows\system32\Robocopy.exe
2014-11-21 10:49:44 ----A---- C:\windows\system32\kdvm.dll
2014-11-21 10:49:44 ----A---- C:\windows\system32\iuilp.dll
2014-11-21 10:49:43 ----A---- C:\windows\SYSWOW64\XpsGdiConverter.dll
2014-11-21 10:49:43 ----A---- C:\windows\SYSWOW64\mfreadwrite.dll
2014-11-21 10:49:43 ----A---- C:\windows\SYSWOW64\dmvdsitf.dll
2014-11-21 10:49:43 ----A---- C:\windows\SYSWOW64\AUDIOKSE.dll
2014-11-21 10:49:43 ----A---- C:\windows\system32\wscsvc.dll
2014-11-21 10:49:43 ----A---- C:\windows\system32\kdnet.dll
2014-11-21 10:49:43 ----A---- C:\windows\system32\drivers\wanarp.sys
2014-11-21 10:49:43 ----A---- C:\windows\system32\drivers\hidbth.sys
2014-11-21 10:49:43 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2014-11-21 10:49:42 ----A---- C:\windows\SYSWOW64\mssphtb.dll
2014-11-21 10:49:42 ----A---- C:\windows\SYSWOW64\fmifs.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\mssvp.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\mssprxy.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\mssphtb.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\msshooks.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\GenuineCenter.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\fmifs.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\fhsvc.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\fhsrchapi.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\fhevents.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\fhcfg.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\fhcat.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\drivers\ndproxy.sys
2014-11-21 10:49:42 ----A---- C:\windows\system32\drivers\hidi2c.sys
2014-11-21 10:49:41 ----A---- C:\windows\SYSWOW64\rasmxs.dll
2014-11-21 10:49:41 ----A---- C:\windows\SYSWOW64\rasdiag.dll
2014-11-21 10:49:41 ----A---- C:\windows\SYSWOW64\mssprxy.dll
2014-11-21 10:49:41 ----A---- C:\windows\SYSWOW64\mssitlb.dll
2014-11-21 10:49:41 ----A---- C:\windows\SYSWOW64\msshooks.dll
2014-11-21 10:49:41 ----A---- C:\windows\system32\rasmxs.dll
2014-11-21 10:49:41 ----A---- C:\windows\system32\rasdiag.dll
2014-11-21 10:49:41 ----A---- C:\windows\system32\mssitlb.dll
2014-11-21 10:49:41 ----A---- C:\windows\system32\msscntrs.dll
2014-11-21 10:49:41 ----A---- C:\windows\system32\fhtask.dll
2014-11-21 10:49:41 ----A---- C:\windows\system32\fhsrchph.dll
2014-11-21 10:49:41 ----A---- C:\windows\system32\fhshl.dll
2014-11-21 10:49:41 ----A---- C:\windows\system32\fhmanagew.exe
2014-11-21 10:49:41 ----A---- C:\windows\system32\fhlisten.dll
2014-11-21 10:49:41 ----A---- C:\windows\system32\fhcleanup.dll
2014-11-21 10:49:40 ----A---- C:\windows\SYSWOW64\rasser.dll
2014-11-21 10:49:40 ----A---- C:\windows\SYSWOW64\msscntrs.dll
2014-11-21 10:49:40 ----A---- C:\windows\system32\rasser.dll
2014-11-21 10:49:40 ----A---- C:\windows\system32\fhautoplay.dll
2014-11-21 10:49:39 ----A---- C:\windows\SYSWOW64\spwmp.dll
2014-11-21 10:49:39 ----A---- C:\windows\SYSWOW64\dxmasf.dll
2014-11-21 10:49:39 ----A---- C:\windows\system32\spwmp.dll
2014-11-21 10:49:39 ----A---- C:\windows\system32\fhsvcctl.dll
2014-11-21 10:49:39 ----A---- C:\windows\system32\dxmasf.dll
2014-11-21 10:49:38 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2014-11-21 10:49:38 ----A---- C:\windows\system32\wmploc.DLL
2014-11-21 10:49:38 ----A---- C:\windows\system32\drivers\ndistapi.sys
2014-11-21 10:49:05 ----A---- C:\windows\SYSWOW64\msvcr120_clr0400.dll
2014-11-21 10:49:04 ----A---- C:\windows\system32\msvcr120_clr0400.dll
2014-11-21 10:48:09 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2014-11-21 10:48:09 ----A---- C:\windows\system32\oleaut32.dll
2014-11-21 10:48:05 ----A---- C:\windows\SYSWOW64\uxtheme.dll
2014-11-21 10:48:05 ----A---- C:\windows\SYSWOW64\UXInit.dll
2014-11-21 10:48:05 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-11-21 10:48:05 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2014-11-21 10:48:05 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-11-21 10:48:05 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-11-21 10:48:05 ----A---- C:\windows\system32\UXInit.dll
2014-11-21 10:48:05 ----A---- C:\windows\system32\urlmon.dll
2014-11-21 10:48:05 ----A---- C:\windows\system32\iesysprep.dll
2014-11-21 10:48:04 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-11-21 10:48:03 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-11-21 10:48:03 ----A---- C:\windows\system32\uxtheme.dll
2014-11-21 10:48:03 ----A---- C:\windows\system32\msfeeds.dll
2014-11-21 10:48:03 ----A---- C:\windows\system32\ie4uinit.exe
2014-11-21 10:48:02 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-11-21 10:48:02 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-11-21 10:48:02 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-11-21 10:48:02 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-11-21 10:48:02 ----A---- C:\windows\system32\iertutil.dll
2014-11-21 10:48:02 ----A---- C:\windows\system32\ieframe.dll
2014-11-21 10:48:02 ----A---- C:\windows\system32\iedkcs32.dll
2014-11-21 10:48:00 ----A---- C:\windows\system32\wininet.dll
2014-11-21 10:48:00 ----A---- C:\windows\system32\jscript.dll
2014-11-21 10:48:00 ----A---- C:\windows\system32\dxtrans.dll
2014-11-21 10:48:00 ----A---- C:\windows\system32\dxtmsft.dll
2014-11-21 10:47:59 ----A---- C:\windows\system32\mshtmled.dll
2014-11-21 10:47:58 ----A---- C:\windows\system32\mshtml.dll
2014-11-21 10:47:50 ----A---- C:\windows\SYSWOW64\jscript.dll
2014-11-21 10:47:49 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-11-21 10:47:49 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-11-21 10:47:49 ----A---- C:\windows\system32\jscript9.dll
2014-11-21 10:47:48 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-11-21 10:47:44 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-11-21 10:47:44 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-11-21 10:47:44 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-11-21 10:47:44 ----A---- C:\windows\system32\msrating.dll
2014-11-21 10:47:44 ----A---- C:\windows\system32\jsproxy.dll
2014-11-21 10:47:44 ----A---- C:\windows\system32\iesetup.dll
2014-11-21 10:47:44 ----A---- C:\windows\system32\iernonce.dll
2014-11-21 10:47:35 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2014-11-21 10:47:35 ----A---- C:\windows\system32\rpcrt4.dll
2014-11-21 10:46:57 ----A---- C:\windows\SYSWOW64\kerberos.dll
2014-11-21 10:46:57 ----A---- C:\windows\system32\winlogon.exe
2014-11-21 10:46:57 ----A---- C:\windows\system32\lsm.dll
2014-11-21 10:46:57 ----A---- C:\windows\system32\lsasrv.dll
2014-11-21 10:46:57 ----A---- C:\windows\system32\kerberos.dll
2014-11-21 10:46:57 ----A---- C:\windows\system32\drivers\cng.sys
2014-11-21 10:46:56 ----A---- C:\windows\SYSWOW64\usercpl.dll
2014-11-21 10:46:56 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2014-11-21 10:46:56 ----A---- C:\windows\system32\usercpl.dll
2014-11-21 10:46:56 ----A---- C:\windows\system32\SHCore.dll
2014-11-21 10:46:56 ----A---- C:\windows\system32\msv1_0.dll
2014-11-21 10:46:55 ----A---- C:\windows\SYSWOW64\wdigest.dll
2014-11-21 10:46:55 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2014-11-21 10:46:55 ----A---- C:\windows\SYSWOW64\SHCore.dll
2014-11-21 10:46:55 ----A---- C:\windows\SYSWOW64\pku2u.dll
2014-11-21 10:46:55 ----A---- C:\windows\SYSWOW64\credssp.dll
2014-11-21 10:46:55 ----A---- C:\windows\system32\workerdd.dll
2014-11-21 10:46:55 ----A---- C:\windows\system32\wdigest.dll
2014-11-21 10:46:55 ----A---- C:\windows\system32\TSpkg.dll
2014-11-21 10:46:55 ----A---- C:\windows\system32\pku2u.dll
2014-11-21 10:46:55 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2014-11-21 10:46:55 ----A---- C:\windows\system32\credssp.dll
2014-11-21 10:46:30 ----A---- C:\windows\SYSWOW64\msvcp120_clr0400.dll
2014-11-21 10:46:30 ----A---- C:\windows\system32\msvcp120_clr0400.dll
2014-11-21 10:46:17 ----A---- C:\windows\system32\drivers\tcpip.sys
2014-11-21 10:46:16 ----A---- C:\windows\system32\dnsapi.dll
2014-11-21 10:46:15 ----A---- C:\windows\SYSWOW64\WsmSvc.dll
2014-11-21 10:46:15 ----A---- C:\windows\SYSWOW64\dnsapi.dll
2014-11-21 10:46:15 ----A---- C:\windows\system32\WsmSvc.dll
2014-11-21 10:46:15 ----A---- C:\windows\system32\drivers\Classpnp.sys
2014-11-21 10:46:12 ----A---- C:\windows\system32\dnsrslvr.dll
2014-11-21 10:46:11 ----A---- C:\windows\system32\WsmWmiPl.dll
2014-11-21 10:46:10 ----A---- C:\windows\SYSWOW64\WsmWmiPl.dll
2014-11-21 10:46:10 ----A---- C:\windows\SYSWOW64\rpchttp.dll
2014-11-21 10:46:10 ----A---- C:\windows\SYSWOW64\FXSCOMEX.dll
2014-11-21 10:46:10 ----A---- C:\windows\SYSWOW64\FXSAPI.dll
2014-11-21 10:46:10 ----A---- C:\windows\system32\rpchttp.dll
2014-11-21 10:46:10 ----A---- C:\windows\system32\FXST30.dll
2014-11-21 10:46:10 ----A---- C:\windows\system32\FXSCOMEX.dll
2014-11-21 10:46:09 ----A---- C:\windows\system32\FXSTIFF.dll
2014-11-21 10:46:09 ----A---- C:\windows\system32\FXSAPI.dll
2014-11-21 10:46:00 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2014-11-21 10:46:00 ----A---- C:\windows\system32\cdd.dll
2014-11-21 10:45:59 ----A---- C:\windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-11-21 10:45:59 ----A---- C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-11-21 10:45:49 ----A---- C:\windows\system32\Windows.UI.Xaml.dll
2014-11-21 10:45:45 ----A---- C:\windows\SYSWOW64\Windows.UI.Xaml.dll
2014-11-21 10:45:43 ----A---- C:\windows\system32\sysmain.dll
2014-11-21 10:45:43 ----A---- C:\windows\system32\drivers\rdbss.sys
2014-11-21 10:45:43 ----A---- C:\windows\system32\AppXDeploymentServer.dll
2014-11-21 10:45:42 ----A---- C:\windows\system32\VSSVC.exe
2014-11-21 10:45:42 ----A---- C:\windows\system32\ubpm.dll
2014-11-21 10:45:42 ----A---- C:\windows\system32\BCP47Langs.dll
2014-11-21 10:45:41 ----A---- C:\windows\SYSWOW64\ubpm.dll
2014-11-21 10:45:41 ----A---- C:\windows\SYSWOW64\BCP47Langs.dll
2014-11-21 10:45:41 ----A---- C:\windows\system32\netprofmsvc.dll
2014-11-21 10:45:41 ----A---- C:\windows\system32\netprofm.dll
2014-11-21 10:45:39 ----A---- C:\windows\system32\mfmp4srcsnk.dll
2014-11-21 10:45:38 ----A---- C:\windows\SYSWOW64\mfmp4srcsnk.dll
2014-11-21 10:45:38 ----A---- C:\windows\system32\taskhost.exe
2014-11-21 10:45:38 ----A---- C:\windows\system32\stobject.dll
2014-11-21 10:45:38 ----A---- C:\windows\system32\psmsrv.dll
2014-11-21 10:45:38 ----A---- C:\windows\system32\netplwiz.dll
2014-11-21 10:45:38 ----A---- C:\windows\system32\Magnify.exe
2014-11-21 10:45:38 ----A---- C:\windows\system32\bisrv.dll
2014-11-21 10:45:38 ----A---- C:\windows\system32\AppXDeploymentExtensions.dll
2014-11-21 10:45:37 ----A---- C:\windows\SYSWOW64\stobject.dll
2014-11-21 10:45:37 ----A---- C:\windows\SYSWOW64\netplwiz.dll
2014-11-21 10:45:37 ----A---- C:\windows\system32\drivers\spaceport.sys
2014-11-21 10:45:37 ----A---- C:\windows\system32\DevicePairing.dll
2014-11-21 10:45:36 ----A---- C:\windows\SYSWOW64\Magnify.exe
2014-11-21 10:45:36 ----A---- C:\windows\system32\taskhostex.exe
2014-11-21 10:45:36 ----A---- C:\windows\system32\AuthHost.exe
2014-11-21 10:45:35 ----A---- C:\windows\SYSWOW64\netprofm.dll
2014-11-21 10:45:35 ----A---- C:\windows\SYSWOW64\DevicePairing.dll
2014-11-21 10:45:35 ----A---- C:\windows\SYSWOW64\biwinrt.dll
2014-11-21 10:45:35 ----A---- C:\windows\system32\drivers\hidusb.sys
2014-11-21 10:45:35 ----A---- C:\windows\system32\biwinrt.dll
2014-11-21 10:45:33 ----A---- C:\windows\SYSWOW64\npmproxy.dll
2014-11-21 10:45:33 ----A---- C:\windows\SYSWOW64\muifontsetup.dll
2014-11-21 10:45:33 ----A---- C:\windows\system32\muifontsetup.dll
2014-11-21 10:45:32 ----A---- C:\windows\SYSWOW64\nlmsprep.dll
2014-11-21 10:45:32 ----A---- C:\windows\SYSWOW64\nlmproxy.dll
2014-11-21 10:44:12 ----A---- C:\windows\SYSWOW64\cryptnet.dll
2014-11-21 10:44:12 ----A---- C:\windows\SYSWOW64\certutil.exe
2014-11-21 10:44:12 ----A---- C:\windows\system32\cryptnet.dll
2014-11-21 10:44:12 ----A---- C:\windows\system32\certutil.exe
2014-11-21 10:43:36 ----A---- C:\windows\system32\appinfo.dll
2014-11-21 10:43:35 ----A---- C:\windows\system32\consent.exe
2014-11-21 10:43:26 ----A---- C:\windows\system32\drivers\afd.sys
2014-11-21 10:43:21 ----A---- C:\windows\SYSWOW64\msxml6.dll
2014-11-21 10:43:21 ----A---- C:\windows\system32\msxml6.dll
2014-11-21 10:43:20 ----A---- C:\windows\SYSWOW64\msxml6r.dll
2014-11-21 10:43:20 ----A---- C:\windows\system32\msxml6r.dll
2014-11-21 10:43:02 ----A---- C:\windows\SYSWOW64\mfasfsrcsnk.dll
2014-11-21 10:43:02 ----A---- C:\windows\system32\mfasfsrcsnk.dll
2014-11-21 10:43:01 ----A---- C:\windows\system32\wmpmde.dll
2014-11-21 10:43:00 ----A---- C:\windows\system32\winmde.dll
2014-11-21 10:43:00 ----A---- C:\windows\system32\Windows.Globalization.dll
2014-11-21 10:42:59 ----A---- C:\windows\SYSWOW64\netcfgx.dll
2014-11-21 10:42:59 ----A---- C:\windows\system32\Windows.Security.Authentication.OnlineId.dll
2014-11-21 10:42:59 ----A---- C:\windows\system32\TimeBrokerServer.dll
2014-11-21 10:42:59 ----A---- C:\windows\system32\SystemEventsBrokerServer.dll
2014-11-21 10:42:59 ----A---- C:\windows\system32\drivers\storport.sys
2014-11-21 10:42:56 ----A---- C:\windows\SYSWOW64\winmde.dll
2014-11-21 10:42:56 ----A---- C:\windows\SYSWOW64\Windows.Globalization.dll
2014-11-21 10:42:56 ----A---- C:\windows\system32\wpdbusenum.dll
2014-11-21 10:42:56 ----A---- C:\windows\system32\SettingSync.dll
2014-11-21 10:42:56 ----A---- C:\windows\system32\drvstore.dll
2014-11-21 10:42:55 ----A---- C:\windows\SYSWOW64\Windows.Security.Authentication.OnlineId.dll
2014-11-21 10:42:55 ----A---- C:\windows\SYSWOW64\drvstore.dll
2014-11-21 10:42:55 ----A---- C:\windows\system32\usbmon.dll
2014-11-21 10:42:55 ----A---- C:\windows\system32\netcfgx.dll
2014-11-21 10:42:54 ----A---- C:\windows\system32\drivers\vhdmp.sys
2014-11-21 10:42:54 ----A---- C:\windows\system32\drivers\sdbus.sys
2014-11-21 10:42:53 ----A---- C:\windows\SYSWOW64\SettingSync.dll
2014-11-21 10:42:53 ----A---- C:\windows\system32\NdisImPlatform.dll
2014-11-21 10:42:53 ----A---- C:\windows\system32\drivers\tpm.sys
2014-11-21 10:42:53 ----A---- C:\windows\system32\drivers\storahci.sys
2014-11-21 10:42:53 ----A---- C:\windows\system32\drivers\dumpsd.sys
2014-11-21 10:42:53 ----A---- C:\windows\system32\discan.dll
2014-11-21 10:42:53 ----A---- C:\windows\system32\DevDispItemProvider.dll
2014-11-21 10:42:52 ----A---- C:\windows\SYSWOW64\SettingSyncInfo.dll
2014-11-21 10:42:52 ----A---- C:\windows\system32\WSDPrintProxy.DLL
2014-11-21 10:42:51 ----A---- C:\windows\SYSWOW64\DevDispItemProvider.dll
2014-11-21 10:42:51 ----A---- C:\windows\system32\SettingSyncInfo.dll
2014-11-21 10:42:51 ----A---- C:\windows\system32\drivers\mouhid.sys
2014-11-21 10:42:51 ----A---- C:\windows\system32\drivers\monitor.sys
2014-11-21 10:42:16 ----A---- C:\windows\SYSWOW64\mstscax.dll
2014-11-21 10:42:16 ----A---- C:\windows\system32\mstscax.dll
2014-11-21 10:42:15 ----A---- C:\windows\SYSWOW64\mstsc.exe
2014-11-21 10:42:15 ----A---- C:\windows\system32\termsrv.dll
2014-11-21 10:42:15 ----A---- C:\windows\system32\mstsc.exe
2014-11-21 10:42:14 ----A---- C:\windows\SYSWOW64\winsta.dll
2014-11-21 10:42:14 ----A---- C:\windows\SYSWOW64\aaclient.dll
2014-11-21 10:42:14 ----A---- C:\windows\system32\winsta.dll
2014-11-21 10:42:03 ----A---- C:\windows\SYSWOW64\Windows.ApplicationModel.Store.dll
2014-11-21 10:41:51 ----A---- C:\windows\system32\shell32.dll
2014-11-21 10:41:50 ----A---- C:\windows\SYSWOW64\shell32.dll
2014-11-21 10:41:36 ----A---- C:\windows\system32\sppsvc.exe
2014-11-21 10:41:34 ----A---- C:\windows\system32\WSService.dll
2014-11-21 10:41:33 ----A---- C:\windows\system32\sppobjs.dll
2014-11-21 10:41:32 ----A---- C:\windows\SYSWOW64\sppc.dll
2014-11-21 10:41:32 ----A---- C:\windows\system32\sppwinob.dll
2014-11-21 10:41:32 ----A---- C:\windows\system32\sppc.dll
2014-11-21 10:41:31 ----A---- C:\windows\SYSWOW64\WSSync.dll
2014-11-21 10:41:31 ----A---- C:\windows\system32\WSSync.dll
2014-11-21 10:41:31 ----A---- C:\windows\system32\drivers\dam.sys
2014-11-21 10:41:30 ----A---- C:\windows\SYSWOW64\WSClient.dll
2014-11-21 10:41:30 ----A---- C:\windows\system32\WSClient.dll
2014-11-21 10:41:29 ----A---- C:\windows\SYSWOW64\OEMLicense.dll
2014-11-21 10:41:29 ----A---- C:\windows\system32\setupcln.dll
2014-11-21 10:41:28 ----A---- C:\windows\SYSWOW64\setupcln.dll
2014-11-21 10:41:28 ----A---- C:\windows\system32\OEMLicense.dll
2014-11-21 10:40:42 ----A---- C:\windows\SYSWOW64\duser.dll
2014-11-21 10:40:41 ----A---- C:\windows\system32\wlroamextension.dll
2014-11-21 10:40:41 ----A---- C:\windows\system32\ncsi.dll
2014-11-21 10:40:41 ----A---- C:\windows\system32\duser.dll
2014-11-21 10:40:41 ----A---- C:\windows\system32\drivers\ndis.sys
2014-11-21 10:40:40 ----A---- C:\windows\SYSWOW64\wlroamextension.dll
2014-11-21 10:40:40 ----A---- C:\windows\SYSWOW64\Windows.Networking.Connectivity.dll
2014-11-21 10:40:40 ----A---- C:\windows\system32\WWanAPI.dll
2014-11-21 10:40:40 ----A---- C:\windows\system32\Windows.Networking.Connectivity.dll
2014-11-21 10:40:40 ----A---- C:\windows\system32\hotspotauth.dll
2014-11-21 10:40:40 ----A---- C:\windows\system32\drivers\ntfs.sys
2014-11-21 10:40:40 ----A---- C:\windows\system32\drivers\ks.sys
2014-11-21 10:40:40 ----A---- C:\windows\system32\drivers\BthAvrcpTg.sys
2014-11-21 10:40:39 ----A---- C:\windows\SYSWOW64\WWanAPI.dll
2014-11-21 10:40:39 ----A---- C:\windows\SYSWOW64\mbsmsapi.dll
2014-11-21 10:40:39 ----A---- C:\windows\system32\tasklist.exe
2014-11-21 10:40:39 ----A---- C:\windows\system32\taskkill.exe
2014-11-21 10:40:39 ----A---- C:\windows\system32\mbsmsapi.dll
2014-11-21 10:40:38 ----A---- C:\windows\SYSWOW64\tasklist.exe
2014-11-21 10:40:38 ----A---- C:\windows\SYSWOW64\taskkill.exe
2014-11-21 10:40:38 ----A---- C:\windows\SYSWOW64\nlaapi.dll
2014-11-21 10:40:38 ----A---- C:\windows\system32\wpd_ci.dll
2014-11-21 10:40:38 ----A---- C:\windows\system32\wersvc.dll
2014-11-21 10:40:38 ----A---- C:\windows\system32\nlasvc.dll
2014-11-21 10:40:38 ----A---- C:\windows\system32\nlaapi.dll
2014-11-21 10:40:38 ----A---- C:\windows\system32\drivers\crashdmp.sys
2014-11-21 10:40:37 ----A---- C:\windows\system32\drivers\BthhfHid.sys
2014-11-21 10:40:37 ----A---- C:\windows\system32\drivers\BtaMPM.sys
2014-11-21 10:40:27 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2014-11-21 10:40:24 ----A---- C:\windows\SYSWOW64\wintrust.dll
2014-11-21 10:40:24 ----A---- C:\windows\SYSWOW64\apprepsync.dll
2014-11-21 10:40:24 ----A---- C:\windows\SYSWOW64\apprepapi.dll
2014-11-21 10:40:24 ----A---- C:\windows\system32\wintrust.dll
2014-11-21 10:40:24 ----A---- C:\windows\system32\cryptsvc.dll
2014-11-21 10:40:24 ----A---- C:\windows\system32\apprepsync.dll
2014-11-21 10:40:24 ----A---- C:\windows\system32\apprepapi.dll
2014-11-21 10:40:14 ----A---- C:\windows\SYSWOW64\lpk.dll
2014-11-21 10:40:14 ----A---- C:\windows\SYSWOW64\fontsub.dll
2014-11-21 10:40:14 ----A---- C:\windows\SYSWOW64\dciman32.dll
2014-11-21 10:40:14 ----A---- C:\windows\SYSWOW64\atmlib.dll
2014-11-21 10:40:14 ----A---- C:\windows\SYSWOW64\atmfd.dll
2014-11-21 10:40:14 ----A---- C:\windows\system32\lpk.dll
2014-11-21 10:40:14 ----A---- C:\windows\system32\fontsub.dll
2014-11-21 10:40:14 ----A---- C:\windows\system32\dciman32.dll
2014-11-21 10:40:14 ----A---- C:\windows\system32\atmlib.dll
2014-11-21 10:40:14 ----A---- C:\windows\system32\atmfd.dll
2014-11-21 10:40:11 ----A---- C:\windows\SYSWOW64\osk.exe
2014-11-21 10:40:11 ----A---- C:\windows\system32\osk.exe
2014-11-21 10:39:48 ----A---- C:\windows\system32\InkEd.dll
2014-11-21 10:39:45 ----A---- C:\windows\SYSWOW64\crypt32.dll
2014-11-21 10:39:45 ----A---- C:\windows\system32\crypt32.dll
2014-11-21 10:38:11 ----A---- C:\windows\SYSWOW64\cryptdlg.dll
2014-11-21 10:38:11 ----A---- C:\windows\system32\cryptdlg.dll
2014-11-21 10:37:50 ----A---- C:\windows\system32\msvcr100_clr0400.dll
2014-11-21 10:37:48 ----A---- C:\windows\SYSWOW64\msvcr100_clr0400.dll
2014-11-21 10:35:28 ----A---- C:\windows\system32\wlidsvc.dll
2014-11-21 10:35:28 ----A---- C:\windows\system32\msctf.dll
2014-11-21 10:35:28 ----A---- C:\windows\system32\mmc.exe
2014-11-21 10:35:27 ----A---- C:\windows\SYSWOW64\msctf.dll
2014-11-21 10:35:27 ----A---- C:\windows\SYSWOW64\mmc.exe
2014-11-21 10:35:25 ----A---- C:\windows\system32\setupapi.dll
2014-11-21 10:35:24 ----A---- C:\windows\SYSWOW64\setupapi.dll
2014-11-21 10:35:24 ----A---- C:\windows\system32\WSDMon.dll
2014-11-21 10:35:24 ----A---- C:\windows\system32\Windows.Media.dll
2014-11-21 10:35:24 ----A---- C:\windows\system32\iphlpsvc.dll
2014-11-21 10:35:24 ----A---- C:\windows\system32\drivers\partmgr.sys
2014-11-21 10:35:24 ----A---- C:\windows\system32\drivers\msgpiowin32.sys
2014-11-21 10:35:24 ----A---- C:\windows\system32\drivers\HdAudio.sys
2014-11-21 10:35:23 ----A---- C:\windows\SYSWOW64\Windows.Media.dll
2014-11-21 10:35:23 ----A---- C:\windows\SYSWOW64\wiaacmgr.exe
2014-11-21 10:35:23 ----A---- C:\windows\system32\wiaacmgr.exe
2014-11-21 10:35:23 ----A---- C:\windows\system32\samsrv.dll
2014-11-21 10:35:23 ----A---- C:\windows\system32\MP4SDECD.DLL
2014-11-21 10:35:23 ----A---- C:\windows\system32\inetpp.dll
2014-11-21 10:35:22 ----A---- C:\windows\SYSWOW64\samlib.dll
2014-11-21 10:35:22 ----A---- C:\windows\SYSWOW64\MP4SDECD.DLL
2014-11-21 10:35:22 ----A---- C:\windows\system32\ncbservice.dll
2014-11-21 10:35:22 ----A---- C:\windows\system32\httpprxm.dll
2014-11-21 10:35:22 ----A---- C:\windows\system32\adhsvc.dll
2014-11-21 10:35:22 ----A---- C:\windows\system32\adhapi.dll
2014-11-21 10:35:21 ----A---- C:\windows\system32\keepaliveprovider.dll
2014-11-21 10:35:21 ----A---- C:\windows\system32\httpprxp.dll
2014-11-21 10:35:01 ----A---- C:\windows\SYSWOW64\twinui.dll
2014-11-21 10:35:01 ----A---- C:\windows\system32\twinui.dll
2014-11-21 10:34:58 ----A---- C:\windows\SYSWOW64\msi.dll
2014-11-21 10:34:58 ----A---- C:\windows\SYSWOW64\actxprxy.dll
2014-11-21 10:34:58 ----A---- C:\windows\system32\msi.dll
2014-11-21 10:34:58 ----A---- C:\windows\system32\authui.dll
2014-11-21 10:34:58 ----A---- C:\windows\system32\actxprxy.dll
2014-11-21 10:34:57 ----A---- C:\windows\SYSWOW64\msihnd.dll
2014-11-21 10:34:57 ----A---- C:\windows\SYSWOW64\authui.dll
2014-11-21 10:34:57 ----A---- C:\windows\system32\msihnd.dll
2014-11-21 10:34:47 ----A---- C:\windows\system32\msmpeg2vdec.dll
2014-11-21 10:34:46 ----A---- C:\windows\SYSWOW64\msmpeg2vdec.dll
2014-11-21 10:34:42 ----A---- C:\windows\system32\wuaueng.dll
2014-11-21 10:34:39 ----A---- C:\windows\SYSWOW64\wuapi.dll
2014-11-21 10:34:39 ----A---- C:\windows\system32\wudriver.dll
2014-11-21 10:34:39 ----A---- C:\windows\system32\wucltux.dll
2014-11-21 10:34:39 ----A---- C:\windows\system32\wuauclt.exe
2014-11-21 10:34:39 ----A---- C:\windows\system32\wuapi.dll
2014-11-21 10:34:38 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2014-11-21 10:34:38 ----A---- C:\windows\SYSWOW64\wudriver.dll
2014-11-21 10:34:38 ----A---- C:\windows\SYSWOW64\wuapp.exe
2014-11-21 10:34:38 ----A---- C:\windows\system32\wuwebv.dll
2014-11-21 10:34:38 ----A---- C:\windows\system32\WUSettingsProvider.dll
2014-11-21 10:34:38 ----A---- C:\windows\system32\wuapp.exe
2014-11-21 10:34:38 ----A---- C:\windows\system32\wuaext.dll
2014-11-21 10:34:38 ----A---- C:\windows\system32\storewuauth.dll
2014-11-21 10:34:11 ----A---- C:\windows\SYSWOW64\shdocvw.dll
2014-11-21 10:34:11 ----A---- C:\windows\system32\shdocvw.dll
2014-11-21 10:33:32 ----A---- C:\windows\system32\drivers\WdFilter.sys
2014-11-21 10:33:32 ----A---- C:\windows\system32\drivers\WdBoot.sys
2014-11-21 10:33:22 ----A---- C:\windows\SYSWOW64\d3d11.dll
2014-11-21 10:33:22 ----A---- C:\windows\system32\d3d11.dll
2014-11-21 10:33:14 ----A---- C:\windows\system32\ntoskrnl.exe
2014-11-21 10:33:13 ----A---- C:\windows\system32\KernelBase.dll
2014-11-21 10:33:11 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2014-11-21 10:33:11 ----A---- C:\windows\system32\sspicli.dll
2014-11-21 10:33:11 ----A---- C:\windows\system32\objsel.dll
2014-11-21 10:33:10 ----A---- C:\windows\SYSWOW64\objsel.dll
2014-11-21 10:33:10 ----A---- C:\windows\system32\drivers\ksecdd.sys
2014-11-21 10:33:10 ----A---- C:\windows\system32\dpapisrv.dll
2014-11-21 10:33:07 ----A---- C:\windows\SYSWOW64\sspicli.dll
2014-11-21 10:33:07 ----A---- C:\windows\SYSWOW64\dimsroam.dll
2014-11-21 10:33:07 ----A---- C:\windows\system32\sspisrv.dll
2014-11-21 10:33:07 ----A---- C:\windows\system32\lsass.exe
2014-11-21 10:33:07 ----A---- C:\windows\system32\dimsroam.dll
2014-11-21 10:32:34 ----A---- C:\windows\SYSWOW64\msdrm.dll
2014-11-21 10:32:34 ----A---- C:\windows\system32\msdrm.dll
2014-11-21 10:31:33 ----A---- C:\windows\system32\gdi32.dll
2014-11-21 10:31:32 ----A---- C:\windows\SYSWOW64\gdi32.dll
2014-11-21 10:30:50 ----A---- C:\windows\SYSWOW64\ReAgent.dll
2014-11-21 10:30:50 ----A---- C:\windows\system32\sysreset.exe
2014-11-21 10:30:50 ----A---- C:\windows\system32\resetengmig.dll
2014-11-21 10:30:50 ----A---- C:\windows\system32\reseteng.dll
2014-11-21 10:30:50 ----A---- C:\windows\system32\ReAgent.dll
2014-11-21 10:30:47 ----A---- C:\windows\SYSWOW64\WindowsCodecs.dll
2014-11-21 10:30:47 ----A---- C:\windows\system32\WindowsCodecs.dll
2014-11-21 10:30:44 ----A---- C:\windows\SYSWOW64\esent.dll
2014-11-21 10:30:43 ----A---- C:\windows\system32\esent.dll
2014-11-21 10:30:41 ----A---- C:\windows\system32\drivers\WdfLdr.sys
2014-11-21 10:30:41 ----A---- C:\windows\system32\drivers\Wdf01000.sys
2014-11-21 10:30:40 ----A---- C:\windows\SYSWOW64\comctl32.dll
2014-11-21 10:30:40 ----A---- C:\windows\system32\comctl32.dll
2014-11-21 10:30:30 ----A---- C:\windows\SYSWOW64\synceng.dll
2014-11-21 10:30:30 ----A---- C:\windows\system32\synceng.dll
2014-11-21 10:30:27 ----A---- C:\windows\system32\dpnet.dll
2014-11-21 10:30:24 ----A---- C:\windows\SYSWOW64\dpnet.dll
2014-11-21 10:30:23 ----A---- C:\windows\SYSWOW64\dpnsvr.exe
2014-11-21 10:30:23 ----A---- C:\windows\SYSWOW64\dpnathlp.dll
2014-11-21 10:30:23 ----A---- C:\windows\system32\dpnsvr.exe
2014-11-21 10:30:22 ----A---- C:\windows\SYSWOW64\dpnlobby.dll
2014-11-21 10:30:22 ----A---- C:\windows\SYSWOW64\dpnhupnp.dll
2014-11-21 10:30:22 ----A---- C:\windows\SYSWOW64\dpnhpast.dll
2014-11-21 10:30:22 ----A---- C:\windows\SYSWOW64\dpnaddr.dll
2014-11-21 10:30:22 ----A---- C:\windows\system32\dpnlobby.dll
2014-11-21 10:30:22 ----A---- C:\windows\system32\dpnhupnp.dll
2014-11-21 10:30:22 ----A---- C:\windows\system32\dpnhpast.dll
2014-11-21 10:30:22 ----A---- C:\windows\system32\dpnathlp.dll
2014-11-21 10:30:22 ----A---- C:\windows\system32\dpnaddr.dll
2014-11-21 10:29:05 ----A---- C:\windows\system32\drivers\http.sys
2014-11-21 10:28:49 ----A---- C:\windows\SYSWOW64\ReAgentc.exe
2014-11-21 10:28:49 ----A---- C:\windows\system32\ReAgentc.exe
2014-11-21 10:28:33 ----A---- C:\windows\SYSWOW64\msieftp.dll
2014-11-21 10:28:33 ----A---- C:\windows\system32\msieftp.dll
2014-11-21 10:28:23 ----A---- C:\windows\SYSWOW64\tzres.dll
2014-11-21 10:28:23 ----A---- C:\windows\system32\tzres.dll
2014-11-21 10:27:44 ----A---- C:\windows\SYSWOW64\WMPhoto.dll
2014-11-21 10:27:43 ----A---- C:\windows\system32\WMPhoto.dll
2014-11-21 10:27:06 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2014-11-21 10:27:06 ----A---- C:\windows\SYSWOW64\msxml3.dll
2014-11-21 10:27:06 ----A---- C:\windows\system32\msxml3r.dll
2014-11-21 10:27:06 ----A---- C:\windows\system32\msxml3.dll
2014-11-21 10:26:48 ----A---- C:\windows\system32\drivers\usbuhci.sys
2014-11-21 10:26:48 ----A---- C:\windows\system32\drivers\usbport.sys
2014-11-21 10:26:48 ----A---- C:\windows\system32\drivers\usbohci.sys
2014-11-21 10:26:48 ----A---- C:\windows\system32\drivers\usbhub.sys
2014-11-21 10:26:48 ----A---- C:\windows\system32\drivers\usbehci.sys
2014-11-21 10:26:48 ----A---- C:\windows\system32\drivers\usbd.sys
2014-11-21 10:26:48 ----A---- C:\windows\system32\drivers\usbccgp.sys
2014-11-21 10:25:53 ----A---- C:\windows\SYSWOW64\kernel32.dll
2014-11-21 10:25:53 ----A---- C:\windows\system32\kernel32.dll
2014-11-21 10:25:51 ----A---- C:\windows\SYSWOW64\DWrite.dll
2014-11-21 10:25:51 ----A---- C:\windows\system32\DWrite.dll
2014-11-21 10:20:54 ----A---- C:\windows\system32\d2d1.dll
2014-11-21 10:20:53 ----A---- C:\windows\SYSWOW64\d2d1.dll
2014-11-21 10:20:38 ----A---- C:\windows\system32\audiosrv.dll
2014-11-21 10:20:38 ----A---- C:\windows\system32\AUDIOKSE.dll
2014-11-21 10:20:38 ----A---- C:\windows\system32\AudioEndpointBuilder.dll
2014-11-21 10:20:37 ----A---- C:\windows\system32\EncDump.dll
2014-11-21 10:15:10 ----A---- C:\windows\system32\drivers\usb8023.sys
2014-11-21 10:06:31 ----A---- C:\windows\SYSWOW64\nshwfp.dll
2014-11-21 10:06:30 ----A---- C:\windows\SYSWOW64\FWPUCLNT.DLL
2014-11-21 10:06:29 ----A---- C:\windows\system32\nshwfp.dll
2014-11-21 10:06:29 ----A---- C:\windows\system32\IKEEXT.DLL
2014-11-21 10:06:29 ----A---- C:\windows\system32\FWPUCLNT.DLL
2014-11-21 10:06:29 ----A---- C:\windows\system32\drivers\wfplwfs.sys
2014-11-21 10:06:29 ----A---- C:\windows\system32\BFE.DLL
2014-11-21 10:03:51 ----A---- C:\windows\system32\devinv.dll
2014-11-21 10:03:51 ----A---- C:\windows\system32\aepic.dll
2014-11-21 10:03:51 ----A---- C:\windows\system32\aepdu.dll
2014-11-21 10:03:50 ----A---- C:\windows\system32\generaltel.dll
2014-11-21 10:03:50 ----A---- C:\windows\system32\aeinv.dll
2014-11-21 10:03:43 ----D---- C:\Program Files\Microsoft Silverlight
2014-11-21 10:03:43 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-11-21 10:00:13 ----A---- C:\windows\system32\netcfg-111484.txt
2014-11-21 09:58:06 ----A---- C:\windows\system32\netcfg-73086250.txt
2014-11-21 09:48:03 ----A---- C:\windows\system32\netcfg-72482812.txt
2014-11-21 09:48:03 ----A---- C:\windows\system32\drivers\sfi.dat
2014-11-21 09:48:00 ----A---- C:\windows\system32\netcfg-72479828.txt
2014-11-21 09:47:54 ----A---- C:\windows\system32\netcfg-72474484.txt
2014-11-21 09:47:37 ----D---- C:\ProgramData\Shared Space
2014-11-21 09:46:46 ----D---- C:\Program Files\COMODO
2014-11-21 09:46:04 ----D---- C:\ProgramData\Comodo Downloader
2014-11-21 09:45:42 ----D---- C:\ProgramData\Comodo
2014-11-21 09:41:58 ----A---- C:\windows\system32\netcfg-72118656.txt
2014-11-21 09:41:58 ----A---- C:\windows\system32\netcfg-72118609.txt
2014-11-21 09:41:52 ----A---- C:\windows\system32\netcfg-72112140.txt
2014-11-21 09:41:30 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2014-11-21 09:41:30 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2014-11-21 09:41:25 ----A---- C:\windows\system32\netcfg-72085296.txt
2014-11-20 16:30:40 ----A---- C:\windows\SYSWOW64\untfs.dll
2014-11-20 16:30:40 ----A---- C:\windows\SYSWOW64\autochk.exe
2014-11-20 16:30:40 ----A---- C:\windows\system32\untfs.dll
2014-11-20 16:30:40 ----A---- C:\windows\system32\autochk.exe
2014-11-20 16:30:39 ----A---- C:\windows\SYSWOW64\scrrun.dll
2014-11-20 16:30:39 ----A---- C:\windows\SYSWOW64\scrobj.dll
2014-11-20 16:30:39 ----A---- C:\windows\SYSWOW64\cscript.exe
2014-11-20 16:30:39 ----A---- C:\windows\system32\scrrun.dll
2014-11-20 16:30:39 ----A---- C:\windows\system32\scrobj.dll
2014-11-20 16:30:39 ----A---- C:\windows\system32\cscript.exe
2014-11-20 16:30:36 ----A---- C:\windows\system32\drivers\portcls.sys
2014-11-20 16:30:35 ----A---- C:\windows\system32\SysFxUI.dll
2014-11-20 16:30:35 ----A---- C:\windows\system32\drivers\drmkaud.sys
2014-11-20 16:30:35 ----A---- C:\windows\system32\drivers\drmk.sys
2014-11-20 16:29:51 ----A---- C:\windows\SYSWOW64\packager.dll
2014-11-20 16:29:51 ----A---- C:\windows\system32\packager.dll
2014-11-20 16:29:50 ----A---- C:\windows\system32\schedsvc.dll
2014-11-20 16:29:41 ----A---- C:\windows\system32\qedit.dll
2014-11-20 16:29:41 ----A---- C:\windows\system32\pcasvc.dll
2014-11-20 16:29:41 ----A---- C:\windows\system32\pcalua.exe
2014-11-20 16:29:41 ----A---- C:\windows\system32\pcaevts.dll
2014-11-20 16:29:41 ----A---- C:\windows\system32\pcadm.dll
2014-11-20 16:29:40 ----A---- C:\windows\SYSWOW64\qedit.dll
2014-11-20 16:29:02 ----A---- C:\windows\SYSWOW64\imagehlp.dll
2014-11-20 16:29:02 ----A---- C:\windows\system32\imagehlp.dll
2014-11-20 16:28:52 ----A---- C:\windows\system32\drivers\hidclass.sys
2014-11-20 16:28:51 ----A---- C:\windows\system32\drivers\usbscan.sys
2014-11-20 16:28:51 ----A---- C:\windows\system32\drivers\usbprint.sys
2014-11-20 16:28:51 ----A---- C:\windows\system32\drivers\hidparse.sys
2014-11-20 16:28:40 ----A---- C:\windows\SYSWOW64\rastls.dll
2014-11-20 16:28:40 ----A---- C:\windows\system32\rastls.dll
2014-11-20 16:28:39 ----A---- C:\windows\system32\drivers\usbvideo.sys
2014-11-20 16:28:39 ----A---- C:\windows\system32\drivers\usbcir.sys
2014-11-20 16:28:36 ----A---- C:\windows\SYSWOW64\GdiPlus.dll
2014-11-20 16:28:36 ----A---- C:\windows\system32\GdiPlus.dll
2014-11-20 16:28:36 ----A---- C:\windows\system32\drivers\USBXHCI.SYS
2014-11-20 16:28:36 ----A---- C:\windows\system32\drivers\USBHUB3.SYS
2014-11-20 16:28:36 ----A---- C:\windows\system32\drivers\UCX01000.SYS
2014-11-20 16:19:52 ----A---- C:\windows\SYSWOW64\wups.dll
2014-11-20 16:19:51 ----A---- C:\windows\system32\wushareduxresources.dll
2014-11-20 16:19:51 ----A---- C:\windows\system32\wups2.dll
2014-11-20 16:19:51 ----A---- C:\windows\system32\wups.dll
2014-11-20 15:56:22 ----A---- C:\windows\system32\netcfg-8186171.txt
2014-11-20 15:56:19 ----A---- C:\windows\system32\netcfg-8183062.txt
2014-11-20 15:56:19 ----A---- C:\windows\system32\netcfg-8182984.txt
2014-11-20 15:54:52 ----A---- C:\windows\system32\netcfg-8096062.txt
2014-11-20 15:53:51 ----A---- C:\windows\system32\netcfg-8034796.txt
2014-11-20 15:53:49 ----A---- C:\windows\system32\netcfg-8032312.txt
2014-11-20 15:53:39 ----A---- C:\windows\system32\netcfg-8022687.txt
2014-11-20 15:53:36 ----A---- C:\windows\system32\netcfg-8019656.txt
2014-11-20 15:53:07 ----A---- C:\windows\system32\netcfg-7990390.txt
2014-11-20 15:53:06 ----A---- C:\windows\system32\netcfg-7989828.txt
2014-11-20 15:52:04 ----A---- C:\windows\system32\netcfg-7927781.txt
2014-11-20 15:00:30 ----A---- C:\windows\system32\netcfg-4836343.txt
2014-11-20 15:00:12 ----A---- C:\windows\system32\netcfg-4818359.txt
2014-11-20 15:00:12 ----A---- C:\windows\system32\netcfg-4818328.txt
2014-11-20 15:00:12 ----A---- C:\windows\system32\netcfg-4818281.txt
2014-11-20 15:00:12 ----A---- C:\windows\system32\netcfg-4817703.txt
2014-11-20 14:45:40 ----A---- C:\windows\system32\netcfg-3946562.txt
2014-11-20 14:45:40 ----A---- C:\windows\system32\netcfg-3946546.txt
2014-11-20 14:45:40 ----A---- C:\windows\system32\netcfg-3946500.txt
2014-11-20 14:45:40 ----A---- C:\windows\system32\netcfg-3945890.txt
2014-11-20 14:44:19 ----A---- C:\windows\system32\netcfg-3864796.txt
2014-11-20 14:44:18 ----A---- C:\windows\system32\netcfg-3864234.txt
2014-11-20 14:43:45 ----A---- C:\windows\system32\netcfg-3830984.txt
2014-11-20 14:43:44 ----A---- C:\windows\system32\netcfg-3830437.txt
2014-11-20 14:42:10 ----D---- C:\Users\Adam\AppData\Roaming\Mozilla
2014-11-20 14:42:05 ----D---- C:\ProgramData\Mozilla
2014-11-20 14:42:04 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-20 14:42:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-20 14:27:11 ----A---- C:\windows\system32\netcfg-2837218.txt
2014-11-20 14:27:11 ----A---- C:\windows\system32\netcfg-2837187.txt
2014-11-20 14:27:11 ----A---- C:\windows\system32\netcfg-2837109.txt
2014-11-20 14:27:10 ----A---- C:\windows\system32\netcfg-2836546.txt
2014-11-20 14:25:18 ----A---- C:\windows\system32\netcfg-2724343.txt
2014-11-20 14:25:18 ----A---- C:\windows\system32\netcfg-2723796.txt
2014-11-20 14:18:03 ----A---- C:\windows\system32\netcfg-2289328.txt
2014-11-20 14:17:55 ----A---- C:\windows\system32\netcfg-2281343.txt
2014-11-20 14:17:39 ----A---- C:\windows\system32\netcfg-2265375.txt
2014-11-20 14:17:39 ----A---- C:\windows\system32\netcfg-2265343.txt
2014-11-20 14:17:39 ----A---- C:\windows\system32\netcfg-2265234.txt
2014-11-20 14:17:39 ----A---- C:\windows\system32\netcfg-2264703.txt
2014-11-20 14:15:31 ----A---- C:\windows\system32\netcfg-2136640.txt
2014-11-20 14:15:31 ----A---- C:\windows\system32\netcfg-2136609.txt
2014-11-20 13:13:01 ----SHD---- C:\System Volume Information
2014-11-20 13:10:27 ----A---- C:\windows\CSUP.TXT
2014-11-20 13:00:32 ----A---- C:\windows\system32\netcfg-1235500.txt
2014-11-20 13:00:32 ----A---- C:\windows\system32\netcfg-1235484.txt
2014-11-20 13:00:32 ----A---- C:\windows\system32\netcfg-1235437.txt
2014-11-20 13:00:32 ----A---- C:\windows\system32\netcfg-1234843.txt
2014-11-20 12:59:23 ----A---- C:\windows\system32\netcfg-1166109.txt
2014-11-20 12:59:18 ----A---- C:\windows\system32\netcfg-1161484.txt
2014-11-20 12:58:55 ----A---- C:\windows\system32\netcfg-1137781.txt
2014-11-20 12:58:53 ----A---- C:\windows\system32\netcfg-1135750.txt
2014-11-20 12:58:38 ----A---- C:\windows\system32\netcfg-1121625.txt
2014-11-20 12:58:38 ----A---- C:\windows\system32\netcfg-1121031.txt
2014-11-20 12:58:20 ----A---- C:\windows\system32\netcfg-1103453.txt
2014-11-20 12:58:17 ----A---- C:\windows\system32\netcfg-1100406.txt
2014-11-20 12:58:17 ----A---- C:\windows\system32\netcfg-1100343.txt
2014-11-20 12:58:17 ----A---- C:\windows\system32\netcfg-1099765.txt
2014-11-20 12:57:44 ----A---- C:\windows\system32\netcfg-1067156.txt
2014-11-20 12:57:44 ----A---- C:\windows\system32\netcfg-1067093.txt
2014-11-20 12:57:44 ----A---- C:\windows\system32\netcfg-1067000.txt
2014-11-20 12:57:43 ----A---- C:\windows\system32\netcfg-1066296.txt
2014-11-20 12:56:45 ----D---- C:\Users\Adam\AppData\Roaming\Macromedia
2014-11-20 12:50:37 ----A---- C:\windows\system32\netcfg-639984.txt
2014-11-20 12:50:37 ----A---- C:\windows\system32\netcfg-639703.txt
2014-11-20 12:50:33 ----A---- C:\windows\system32\netcfg-636656.txt
2014-11-20 12:50:33 ----A---- C:\windows\system32\netcfg-636625.txt
2014-11-20 12:50:19 ----A---- C:\windows\system32\netcfg-621921.txt
2014-11-20 12:48:15 ----A---- C:\windows\system32\netcfg-497953.txt
2014-11-20 12:48:14 ----A---- C:\windows\system32\netcfg-497406.txt
2014-11-20 12:44:38 ----A---- C:\windows\system32\netcfg-281062.txt
2014-11-20 12:43:14 ----D---- C:\Users\Adam\AppData\Roaming\Adobe
2014-11-20 12:42:30 ----SD---- C:\Users\Adam\AppData\Roaming\Microsoft
2014-11-20 12:22:25 ----D---- C:\windows\SoftwareDistribution
2014-11-20 12:22:21 ----D---- C:\Program Files (x86)\InstallShield Installation Information
2014-11-20 12:22:19 ----D---- C:\ProgramData\OneKey Recovery
2014-11-20 12:22:19 ----A---- C:\windows\system32\drivers\wsvd.sys
2014-11-20 12:22:11 ----D---- C:\Program Files\Lenovo
2014-11-20 12:22:01 ----D---- C:\ProgramData\Temp
2014-11-20 12:17:59 ----ASH---- C:\hiberfil.sys
2014-11-20 12:15:49 ----A---- C:\windows\system32\netcfg-72984.txt
2014-11-20 12:15:45 ----A---- C:\windows\system32\netcfg-69515.txt
2014-11-20 12:15:43 ----A---- C:\windows\system32\netcfg-67421.txt
2014-11-20 12:15:41 ----A---- C:\windows\system32\netcfg-64937.txt
2014-11-20 12:15:40 ----A---- C:\windows\system32\netcfg-64625.txt
2014-11-20 12:15:40 ----A---- C:\windows\system32\netcfg-64250.txt
2014-11-20 12:15:40 ----A---- C:\windows\system32\netcfg-63859.txt
2014-11-20 12:15:39 ----A---- C:\windows\system32\netcfg-63531.txt
2014-11-20 12:15:39 ----A---- C:\windows\system32\netcfg-63296.txt
2014-11-20 12:15:39 ----A---- C:\windows\system32\netcfg-62968.txt
2014-11-20 12:15:38 ----A---- C:\windows\system32\netcfg-62640.txt
2014-11-20 12:15:27 ----A---- C:\windows\system32\netcfg-51218.txt
2014-11-20 12:15:26 ----A---- C:\windows\system32\netcfg-50312.txt
2014-11-20 12:14:46 ----ASH---- C:\swapfile.sys
2014-11-20 12:14:46 ----ASH---- C:\pagefile.sys
2014-11-13 11:53:20 ----A---- C:\windows\system32\drivers\inspect.sys
2014-11-13 11:53:18 ----A---- C:\windows\system32\drivers\cmdhlp.sys
2014-11-13 11:53:18 ----A---- C:\windows\system32\drivers\cmdguard.sys
2014-11-13 11:53:18 ----A---- C:\windows\system32\drivers\cmderd.sys
2014-11-13 11:52:58 ----A---- C:\windows\system32\cmdcsr.dll
2014-11-13 11:52:56 ----A---- C:\windows\SYSWOW64\guard32.dll
2014-11-13 11:52:56 ----A---- C:\windows\system32\guard64.dll
2014-11-13 11:52:48 ----A---- C:\windows\system32\cmdvrt64.dll
2014-11-13 11:52:44 ----A---- C:\windows\system32\cmdkbd64.dll
2014-11-13 11:52:36 ----A---- C:\windows\SYSWOW64\cmdvrt32.dll
2014-11-13 11:52:32 ----A---- C:\windows\SYSWOW64\cmdkbd32.dll

======List of files/folders modified in the last 1 month======

2014-12-04 16:17:06 ----D---- C:\windows\Prefetch
2014-12-04 16:16:58 ----RD---- C:\Program Files
2014-12-04 15:00:38 ----D---- C:\windows\Temp
2014-12-04 15:00:14 ----D---- C:\windows\system32\sru
2014-12-04 11:35:25 ----RD---- C:\Program Files (x86)
2014-12-04 11:35:25 ----D---- C:\windows\SysWOW64
2014-12-04 11:35:25 ----D---- C:\windows\system32\Drivers
2014-12-04 11:35:25 ----AD---- C:\windows\System32
2014-12-04 11:35:12 ----SHD---- C:\windows\Installer
2014-12-04 11:35:11 ----D---- C:\Program Files\Common Files\microsoft shared
2014-12-04 10:24:02 ----RD---- C:\windows\assembly
2014-12-04 10:24:02 ----D---- C:\windows\Microsoft.NET
2014-12-04 10:22:52 ----D---- C:\windows\system32\config
2014-12-04 09:59:03 ----D---- C:\windows\Registration
2014-12-04 09:48:44 ----HD---- C:\$Windows.~BT
2014-12-03 11:39:31 ----RSD---- C:\windows\Fonts
2014-12-02 17:04:26 ----D---- C:\windows\Inf
2014-12-02 16:55:44 ----SD---- C:\ProgramData\Microsoft
2014-12-02 16:55:02 ----D---- C:\windows\system32\Tasks
2014-12-02 16:54:37 ----D---- C:\windows\system32\catroot
2014-12-02 16:54:36 ----D---- C:\windows\system32\DriverStore
2014-12-02 16:54:35 ----A---- C:\windows\system32\HPWia2_OJ6600.dll
2014-12-02 16:54:35 ----A---- C:\windows\system32\HPScanTRDrv_OJ6600.dll
2014-12-02 16:54:17 ----A---- C:\windows\system32\hpinksts5D12LM.dll
2014-12-02 16:54:17 ----A---- C:\windows\system32\hpinkcoi5D12.dll
2014-12-02 16:54:10 ----HD---- C:\ProgramData
2014-12-02 16:54:10 ----D---- C:\windows\twain_32
2014-12-02 13:18:22 ----AD---- C:\Windows
2014-12-02 12:43:25 ----HD---- C:\Program Files\WindowsApps
2014-12-02 12:43:25 ----D---- C:\windows\AUInstallAgent
2014-11-30 11:43:24 ----D---- C:\windows\system32\NDF
2014-11-29 11:52:40 ----D---- C:\windows\Logs
2014-11-28 12:14:18 ----D---- C:\windows\WinSxS
2014-11-28 12:12:18 ----D---- C:\windows\WinStore
2014-11-28 12:12:15 ----D---- C:\windows\system32\SecureBootUpdates
2014-11-28 12:12:12 ----D---- C:\windows\SYSWOW64\wbem
2014-11-28 12:12:12 ----D---- C:\windows\SYSWOW64\en-US
2014-11-28 12:12:11 ----D---- C:\windows\system32\wbem
2014-11-28 12:12:11 ----D---- C:\windows\system32\en-US
2014-11-28 12:12:11 ----D---- C:\windows\system32\Boot
2014-11-28 12:08:10 ----D---- C:\windows\Tasks
2014-11-28 12:06:30 ----D---- C:\windows\CbsTemp
2014-11-28 12:05:24 ----A---- C:\windows\win.ini
2014-11-26 15:08:21 ----D---- C:\windows\system32\catroot2
2014-11-26 14:46:45 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-11-26 12:37:20 ----D---- C:\windows\system32\wdi
2014-11-26 12:31:29 ----D---- C:\windows\SYSWOW64\migration
2014-11-26 12:31:29 ----D---- C:\windows\system32\migration
2014-11-26 12:31:17 ----D---- C:\windows\PolicyDefinitions
2014-11-26 12:31:06 ----RD---- C:\windows\ToastData
2014-11-26 12:30:21 ----D---- C:\Program Files\Windows Defender
2014-11-26 12:30:20 ----D---- C:\Program Files (x86)\Windows Defender
2014-11-26 12:30:15 ----D---- C:\windows\apppatch
2014-11-26 12:30:09 ----D---- C:\Program Files\Windows Journal
2014-11-26 12:27:21 ----D---- C:\windows\system32\drivers\UMDF
2014-11-26 11:53:29 ----D---- C:\Program Files (x86)\Common Files
2014-11-22 12:21:50 ----SHD---- C:\$Recycle.Bin
2014-11-21 12:14:57 ----D---- C:\windows\servicing
2014-11-21 12:10:55 ----D---- C:\windows\SYSWOW64\Dism
2014-11-21 12:10:55 ----D---- C:\Program Files\Windows Photo Viewer
2014-11-21 12:10:55 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2014-11-21 12:10:53 ----D---- C:\windows\system32\Dism
2014-11-21 12:10:01 ----D---- C:\Program Files\Windows Media Player
2014-11-21 12:10:01 ----D---- C:\Program Files (x86)\Windows Media Player
2014-11-21 12:09:13 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-21 12:09:05 ----D---- C:\Program Files\Internet Explorer
2014-11-21 11:30:12 ----D---- C:\windows\ShellNew
2014-11-21 11:28:39 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-11-21 11:10:41 ----D---- C:\windows\debug
2014-11-21 11:05:37 ----AD---- C:\windows\system32\oobe
2014-11-21 10:53:47 ----A---- C:\windows\system32\igfxDI.dll
2014-11-21 10:53:47 ----A---- C:\windows\system32\igfxDH.dll
2014-11-21 10:53:44 ----A---- C:\windows\system32\igdmd64.dll
2014-11-21 10:53:43 ----A---- C:\windows\SYSWOW64\igdmd32.dll
2014-11-21 10:53:42 ----A---- C:\windows\SYSWOW64\igdde32.dll
2014-11-21 10:53:42 ----A---- C:\windows\system32\igdde64.dll
2014-11-21 10:53:41 ----A---- C:\windows\SYSWOW64\igfxcmjit32.dll
2014-11-21 10:53:41 ----A---- C:\windows\SYSWOW64\igfx11cmrt32.dll
2014-11-21 10:53:41 ----A---- C:\windows\system32\igfxcmjit64.dll
2014-11-21 10:53:41 ----A---- C:\windows\system32\igfx11cmrt64.dll
2014-11-21 10:53:40 ----A---- C:\windows\system32\igfxLHMLib.dll
2014-11-21 10:53:38 ----A---- C:\windows\SYSWOW64\igfxexps32.dll
2014-11-21 10:53:38 ----A---- C:\windows\system32\MetroIntelGenericUIFramework.dll
2014-11-21 10:53:38 ----A---- C:\windows\system32\igfxcmrt64.dll
2014-11-21 10:53:36 ----A---- C:\windows\SYSWOW64\igfxcmrt32.dll
2014-11-21 10:53:34 ----A---- C:\windows\system32\igdumdim64.dll
2014-11-21 10:53:32 ----A---- C:\windows\SYSWOW64\igdumdim32.dll
2014-11-21 10:53:32 ----A---- C:\windows\system32\igfxEMLib.dll
2014-11-21 10:53:29 ----A---- C:\windows\system32\igfxDILib.dll
2014-11-21 10:53:29 ----A---- C:\windows\system32\igfxDHLib.dll
2014-11-21 10:53:28 ----A---- C:\windows\system32\igd10iumd64.dll
2014-11-21 10:53:27 ----A---- C:\windows\SYSWOW64\igd10iumd32.dll
2014-11-21 10:53:01 ----A---- C:\windows\system32\igfxLHMLibv2_0.dll
2014-11-21 10:53:01 ----A---- C:\windows\system32\igfxexps.dll
2014-11-21 10:53:00 ----A---- C:\windows\system32\iglhsip64.dll
2014-11-21 10:52:59 ----A---- C:\windows\SYSWOW64\iglhsip32.dll
2014-11-21 10:52:59 ----A---- C:\windows\system32\igfxDTCM.dll
2014-11-21 10:52:54 ----A---- C:\windows\system32\IntelOpenCL64.dll
2014-11-21 10:52:46 ----A---- C:\windows\SYSWOW64\IntelOpenCL32.dll
2014-11-21 10:52:40 ----A---- C:\windows\SYSWOW64\Intel_OpenCL_ICD32.dll
2014-11-21 10:52:40 ----A---- C:\windows\system32\Intel_OpenCL_ICD64.dll
2014-11-21 10:52:40 ----A---- C:\windows\system32\igfxOSP.dll
2014-11-21 10:52:40 ----A---- C:\windows\system32\igfxCoIn_v3958.dll
2014-11-21 10:52:39 ----A---- C:\windows\system32\igfxLHM.dll
2014-11-21 10:52:39 ----A---- C:\windows\system32\igfxEMLibv2_0.dll
2014-11-21 10:52:38 ----A---- C:\windows\system32\igfxDILibv2_0.dll
2014-11-21 10:52:38 ----A---- C:\windows\system32\igfxDHLibv2_0.dll
2014-11-21 10:52:37 ----A---- C:\windows\system32\igdusc64.dll
2014-11-21 10:52:37 ----A---- C:\windows\system32\IccLibDll_x64.dll
2014-11-21 10:52:36 ----A---- C:\windows\SYSWOW64\igdusc32.dll
2014-11-21 10:52:33 ----A---- C:\windows\system32\iglhcp64.dll
2014-11-21 10:52:32 ----A---- C:\windows\SYSWOW64\iglhcp32.dll
2014-11-21 10:52:32 ----A---- C:\windows\SYSWOW64\igdrcl32.dll
2014-11-21 10:52:32 ----A---- C:\windows\system32\igdrcl64.dll
2014-11-21 10:52:30 ----A---- C:\windows\system32\igdfcl64.dll
2014-11-21 10:52:30 ----A---- C:\windows\system32\igdail64.dll
2014-11-21 10:52:25 ----A---- C:\windows\SYSWOW64\igdail32.dll
2014-11-21 10:52:25 ----A---- C:\windows\system32\igdbcl64.dll
2014-11-21 10:52:24 ----A---- C:\windows\SYSWOW64\igdfcl32.dll
2014-11-21 10:52:18 ----A---- C:\windows\SYSWOW64\igdbcl32.dll
2014-11-21 10:52:18 ----A---- C:\windows\system32\igfxCUIServicePS.dll
2014-11-21 10:51:41 ----A---- C:\windows\SYSWOW64\IntelCpHeciSvc.exe
2014-11-21 10:51:41 ----A---- C:\windows\system32\igfxTray.exe
2014-11-21 10:51:41 ----A---- C:\windows\system32\igfxHK.exe
2014-11-21 10:51:41 ----A---- C:\windows\system32\igfxext.exe
2014-11-21 10:51:41 ----A---- C:\windows\system32\igfxEM.exe
2014-11-21 10:51:41 ----A---- C:\windows\system32\igfxCUIService.exe
2014-11-21 10:51:39 ----A---- C:\windows\SYSWOW64\ig7icd32.dll
2014-11-21 10:51:39 ----A---- C:\windows\system32\ig7icd64.dll
2014-11-21 10:51:39 ----A---- C:\windows\system32\Gfxv4_0.exe
2014-11-21 10:51:39 ----A---- C:\windows\system32\Gfxv2_0.exe
2014-11-21 10:51:39 ----A---- C:\windows\system32\GfxUIEx.exe
2014-11-21 10:51:39 ----A---- C:\windows\system32\DPTopologyAppv2_0.exe
2014-11-21 10:51:39 ----A---- C:\windows\system32\DPTopologyApp.exe
2014-11-21 10:51:39 ----A---- C:\windows\system32\difx64.exe
2014-11-21 10:51:39 ----A---- C:\windows\system32\CustomModeAppv2_0.exe
2014-11-21 10:51:39 ----A---- C:\windows\system32\CustomModeApp.exe
2014-11-21 10:44:13 ----D---- C:\windows\LiveKernelReports
2014-11-20 16:19:24 ----D---- C:\windows\system32\restore
2014-11-20 13:10:32 ----AD---- C:\windows\Web
2014-11-20 13:10:31 ----AD---- C:\windows\Help
2014-11-20 12:50:03 ----D---- C:\windows\system32\CodeIntegrity
2014-11-20 12:42:36 ----RD---- C:\windows\ImmersiveControlPanel
2014-11-20 12:42:30 ----AD---- C:\Users
2014-11-20 12:41:47 ----D---- C:\windows\rescache
2014-11-20 12:24:42 ----AD---- C:\windows\Panther
2014-11-20 12:19:59 ----D---- C:\windows\SYSWOW64\drivers
2014-11-20 12:19:05 ----D---- C:\windows\system32\Sysprep

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 icquni;icquni; C:\windows\system32\drivers\icquni.sys []
R1 CFRMD;CFRMD; C:\windows\system32\DRIVERS\CFRMD.sys [2014-06-25 40224]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\windows\System32\DRIVERS\cmderd.sys [2014-11-13 21304]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\windows\system32\DRIVERS\cmdguard.sys [2014-11-13 808176]
R1 cmdhlp;COMODO Internet Security Helper Driver; C:\windows\system32\DRIVERS\cmdhlp.sys [2014-11-13 36200]
R1 inspect;@oem2.inf,%inspect_Desc%;COMODO Internet Security Firewall Driver; C:\windows\system32\DRIVERS\inspect.sys [2014-11-13 127328]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2012-07-25 64000]
R2 NPF;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2013-02-28 36600]
R3 BCM43XX;@netbc63a.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl63a.sys [2012-06-02 5139968]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-11-21 3828152]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C63x64.sys [2012-06-02 100864]
R3 MEIx64;@oem1.inf,%HECI_SvcDesc%;Intel® Management Engine Interface ; C:\windows\System32\drivers\HECIx64.sys [2012-07-17 62784]
R3 Neo_VPN;@oem4.inf,%Neo.Service.DispName%;VPN Client Device Driver - VPN; C:\windows\system32\DRIVERS\Neo_VPN.sys [2014-11-25 28768]
R3 Neo_VPN2;@oem5.inf,%Neo.Service.DispName%;VPN Client Device Driver - VPN2; C:\windows\system32\DRIVERS\Neo_VPN2.sys [2014-11-25 28768]
R3 tap0901;@oem6.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\windows\system32\DRIVERS\tap0901.sys [2014-11-25 40664]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2013-07-05 210560]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2012-07-25 17920]
S3 e1iexpress;@net1ic64.inf,%E1IExpress.Service.DispName%;Intel® PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2012-06-02 333824]
S3 NETwNs64;@netwns64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2012-06-02 8604672]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2014-12-02 43008]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2012-06-13 102376]
S3 WUDFWpdFs;WUDFWpdFs; C:\windows\system32\DRIVERS\WUDFRd.sys [2012-07-25 198656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-11-21 64704]
R2 CGVPNCliService;CyberGhost 5 Client Service; C:\Program Files\CyberGhost 5\Service.exe [2014-11-25 64616]
R2 CLPSLauncher;COMODO LPS Launcher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2014-11-21 70864]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2014-11-13 7615952]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-12-02 2370240]
R2 GeekBuddyRSP;GeekBuddyRSP Server; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2014-11-21 2327248]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-12-02 89352]
R2 igfxCUIService1.0.0.0;Intel® HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2014-11-21 319376]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe [2014-12-02 240408]
R3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2014-11-13 2265304]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2014-11-21 4925184]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe [2014-12-02 192792]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-26 107912]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-28 267440]
S3 cphs;Intel® Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-11-21 281488]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-26 107912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-13 114288]
S3 ose;Office  Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-11-21 149352]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2014-12-04 118520]

-----------------EOF-----------------
 


Edited by consultantbis, 04 December 2014 - 06:22 PM.




#2 consultantbis

consultantbis
  • Topic Starter

  • Members
  • 42 posts

Posted 04 December 2014 - 05:08 PM

Here's a zip file of the GMER file, unless you can't use that for security purposes or don't want me to do that first. I have been trying to post the GMER log file with no success; it times out and I get nowhere. I also may have had an application running; I didn't close the Comodo console but did turn off active protection.

Attached Files

  • Attached File  gmer.zip   40.97KB   1 downloads

Edited by consultantbis, 04 December 2014 - 06:25 PM.


#3 consultantbis

consultantbis
  • Topic Starter

  • Members
  • 42 posts

Posted 07 December 2014 - 12:50 PM

This is a more recent HijackThis report.

 

Logfile of random's system information tool 1.10 (written by random/random)
Run by Adam at 2014-12-07 10:46:44
Microsoft Windows 8
System drive C: has 387 GB (90%) free of 428 GB
Total RAM: 3962 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:46:52 AM, on 12/7/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17148)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files\trend micro\Adam.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [CyberGhost] "C:\Program Files\CyberGhost 5\CyberGhost.EXE" /autostart
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files\COMODO\GeekBuddy\launcher.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: CyberGhost 5 Client Service (CGVPNCliService) - CyberGhost S.R.L - C:\Program Files\CyberGhost 5\Service.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GeekBuddyRSP Server (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel® HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8083 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -service
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\CyberGhost 5\Service.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe"
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k rpcss
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe"
C:\windows\system32\svchost.exe -k LocalService
"C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\System32\WinLogon.exe -SpecialSession
 -hiberboot
taskhostex.exe
taskeng.exe {CDFDDADA-89CC-4FC7-805C-A1CEDC7EB9B3}
C:\windows\Explorer.EXE
igfxEM.exe
igfxHK.exe
C:\windows\system32\msiexec.exe /V
"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
"C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe"
"C:\Program Files\COMODO\GeekBuddy\unit_manager.exe"
"C:\Program Files\COMODO\GeekBuddy\unit"  "\"C:/Program Files/COMODO/GeekBuddy/lps-cspm\""
C:\windows\servicing\TrustedInstaller.exe
C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.17074_none_6233bc1f5106b696\TiWorker.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding

"C:\Users\Adam\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\989xgz9y.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25 1253144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25 1253144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CyberGhost"=C:\Program Files\CyberGhost 5\CyberGhost.EXE [2014-11-25 410216]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"tvncontrol"=C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2014-11-21 2327248]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-21 959176]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2014-12-02 96056]
""= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Start GeekBuddy.lnk - C:\Program Files\COMODO\GeekBuddy\launcher.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-05 13:52:27 ----SHD---- C:\Recovery
2014-12-05 12:15:12 ----HD---- C:\VTRoot
2014-12-05 12:15:11 ----A---- C:\windows\system32\drivers\fvstore.dat
2014-12-05 10:34:30 ----A---- C:\TDSSKiller.3.0.0.41_05.12.2014_10.34.29_log.txt
2014-12-04 16:16:58 ----D---- C:\Program Files\trend micro
2014-12-04 16:16:56 ----D---- C:\rsit
2014-12-04 14:58:26 ----D---- C:\Users\Adam\AppData\Roaming\Wireshark
2014-12-04 11:35:25 ----D---- C:\Program Files (x86)\WinPcap
2014-12-04 11:34:35 ----D---- C:\Program Files\Wireshark
2014-12-02 16:55:09 ----D---- C:\Program Files (x86)\Microsoft
2014-12-02 16:54:42 ----D---- C:\Users\Adam\AppData\Roaming\HpUpdate
2014-12-02 16:54:39 ----N---- C:\windows\system32\HPDiscoPM5D12.dll
2014-12-02 16:54:10 ----D---- C:\ProgramData\HP
2014-12-02 16:54:10 ----D---- C:\Program Files\HP
2014-12-02 16:54:05 ----A---- C:\ProgramData\Ament.ini
2014-12-02 16:53:29 ----A---- C:\windows\system32\hpinkins5D12.exe
2014-12-02 16:45:16 ----D---- C:\Program Files (x86)\Hp
2014-12-02 16:45:16 ----D---- C:\Program Files (x86)\Hewlett-Packard
2014-12-02 12:55:58 ----D---- C:\Program Files (x86)\Comodo
2014-11-29 12:22:18 ----A---- C:\windows\system32\FNTCACHE.DAT
2014-11-28 12:12:17 ----D---- C:\windows\system32\AutoUpdateLicense
2014-11-26 15:10:28 ----A---- C:\windows\system32\AutoUpdate.exe
2014-11-26 15:10:27 ----A---- C:\windows\SYSWOW64\WSShared.dll
2014-11-26 15:10:27 ----A---- C:\windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-26 15:10:27 ----A---- C:\windows\system32\WSShared.dll
2014-11-26 15:10:27 ----A---- C:\windows\system32\WinSetupUI.dll
2014-11-26 15:10:27 ----A---- C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-26 15:10:27 ----A---- C:\windows\system32\Windows.ApplicationModel.Store.dll
2014-11-26 15:10:27 ----A---- C:\windows\system32\NotificationUI.exe
2014-11-26 15:09:34 ----A---- C:\windows\system32\ntdll.dll
2014-11-26 15:09:31 ----A---- C:\windows\SYSWOW64\WMVDECOD.DLL
2014-11-26 15:09:31 ----A---- C:\windows\system32\localspl.dll
2014-11-26 15:09:30 ----A---- C:\windows\system32\drivers\volsnap.sys
2014-11-26 15:09:30 ----A---- C:\windows\system32\drivers\srv2.sys
2014-11-26 15:09:28 ----A---- C:\windows\system32\storagewmi.dll
2014-11-26 15:09:27 ----A---- C:\windows\system32\WMVDECOD.DLL
2014-11-26 15:09:26 ----A---- C:\windows\system32\winload.exe
2014-11-26 15:09:26 ----A---- C:\windows\system32\d3d10warp.dll
2014-11-26 15:09:25 ----A---- C:\windows\SYSWOW64\ntdll.dll
2014-11-26 15:09:25 ----A---- C:\windows\SYSWOW64\dwmapi.dll
2014-11-26 15:09:24 ----A---- C:\windows\SYSWOW64\d3d10warp.dll
2014-11-26 15:09:24 ----A---- C:\windows\system32\winresume.exe
2014-11-26 15:09:23 ----A---- C:\windows\SYSWOW64\storagewmi.dll
2014-11-26 15:09:23 ----A---- C:\windows\system32\wcmsvc.dll
2014-11-26 15:09:23 ----A---- C:\windows\system32\dwmapi.dll
2014-11-26 15:09:22 ----A---- C:\windows\system32\win32spl.dll
2014-11-26 15:09:22 ----A---- C:\windows\system32\wcmcsp.dll
2014-11-26 15:09:22 ----A---- C:\windows\system32\profsvc.dll
2014-11-26 15:09:22 ----A---- C:\windows\system32\drivers\srvnet.sys
2014-11-26 15:09:22 ----A---- C:\windows\system32\defragsvc.dll
2014-11-26 15:09:20 ----A---- C:\windows\SYSWOW64\KBDYAK.DLL
2014-11-26 15:09:20 ----A---- C:\windows\SYSWOW64\KBDTAT.DLL
2014-11-26 15:09:20 ----A---- C:\windows\SYSWOW64\KBDRUM.DLL
2014-11-26 15:09:20 ----A---- C:\windows\SYSWOW64\KBDRU1.DLL
2014-11-26 15:09:20 ----A---- C:\windows\SYSWOW64\KBDRU.DLL
2014-11-26 15:09:20 ----A---- C:\windows\SYSWOW64\KBDBASH.DLL
2014-11-26 15:09:20 ----A---- C:\windows\system32\KBDYAK.DLL
2014-11-26 15:09:20 ----A---- C:\windows\system32\KBDTAT.DLL
2014-11-26 15:09:20 ----A---- C:\windows\system32\KBDRUM.DLL
2014-11-26 15:09:20 ----A---- C:\windows\system32\KBDRU1.DLL
2014-11-26 15:09:20 ----A---- C:\windows\system32\KBDRU.DLL
2014-11-26 15:09:20 ----A---- C:\windows\system32\KBDBASH.DLL
2014-11-26 15:09:20 ----A---- C:\windows\system32\Defrag.exe
2014-11-26 12:29:54 ----SD---- C:\windows\system32\CompatTel
2014-11-26 11:41:02 ----A---- C:\windows\SYSWOW64\certsentry.dll
2014-11-26 11:41:02 ----A---- C:\windows\system32\certsentry.dll
2014-11-26 11:40:30 ----A---- C:\windows\SYSWOW64\msvcr71.dll
2014-11-26 11:40:30 ----A---- C:\windows\SYSWOW64\mfc71.dll
2014-11-26 10:12:42 ----D---- C:\Program Files (x86)\Google
2014-11-25 14:23:31 ----D---- C:\Program Files\TAP-Windows
2014-11-25 14:22:59 ----D---- C:\Program Files\CyberGhost 5
2014-11-25 11:54:14 ----A---- C:\windows\system32\drivers\Neo_VPN2.sys
2014-11-25 11:50:53 ----A---- C:\windows\system32\drivers\Neo_VPN.sys
2014-11-25 11:50:31 ----A---- C:\windows\system32\vpncmd.exe
2014-11-25 11:50:10 ----D---- C:\Program Files\SoftEther VPN Client
2014-11-22 12:50:23 ----D---- C:\Users\Adam\AppData\Roaming\Comodo
2014-11-21 12:45:55 ----D---- C:\Program Files (x86)\Adobe
2014-11-21 12:45:20 ----D---- C:\ProgramData\Adobe
2014-11-21 12:40:55 ----A---- C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-11-21 12:17:06 ----A---- C:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-11-21 12:14:34 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-11-21 11:28:39 ----D---- C:\windows\PCHEALTH
2014-11-21 11:20:09 ----D---- C:\Program Files\Microsoft Office
2014-11-21 11:19:44 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2014-11-21 11:18:42 ----D---- C:\Program Files (x86)\Microsoft Office
2014-11-21 11:18:41 ----D---- C:\ProgramData\Microsoft Help
2014-11-21 11:17:53 ----RHD---- C:\MSOCache
2014-11-21 11:10:41 ----D---- C:\windows\system32\MRT
2014-11-21 11:10:37 ----A---- C:\windows\system32\MRT.exe
2014-11-21 10:58:06 ----A---- C:\windows\SYSWOW64\TsWpfWrp.exe
2014-11-21 10:58:06 ----A---- C:\windows\system32\TsWpfWrp.exe
2014-11-21 10:55:18 ----D---- C:\Program Files (x86)\Intel
2014-11-21 10:55:11 ----D---- C:\Intel
2014-11-21 10:55:11 ----A---- C:\windows\SYSWOW64\OpenCL.DLL
2014-11-21 10:55:11 ----A---- C:\windows\system32\OpenCL.DLL
2014-11-21 10:54:53 ----D---- C:\Program Files\Intel
2014-11-21 10:53:55 ----A---- C:\windows\system32\tssdisai.dll
2014-11-21 10:53:52 ----A---- C:\windows\system32\VmHostAI.dll
2014-11-21 10:53:52 ----A---- C:\windows\system32\RDWebAI.dll
2014-11-21 10:53:52 ----A---- C:\windows\system32\poqexec.exe
2014-11-21 10:53:52 ----A---- C:\windows\system32\appserverai.dll
2014-11-21 10:53:50 ----A---- C:\windows\SYSWOW64\poqexec.exe
2014-11-21 10:51:26 ----A---- C:\windows\SYSWOW64\schannel.dll
2014-11-21 10:51:26 ----A---- C:\windows\system32\schannel.dll
2014-11-21 10:51:23 ----A---- C:\windows\SYSWOW64\ncryptsslp.dll
2014-11-21 10:51:23 ----A---- C:\windows\system32\ncryptsslp.dll
2014-11-21 10:50:50 ----A---- C:\windows\system32\win32k.sys
2014-11-21 10:50:36 ----A---- C:\windows\system32\rdpcorets.dll
2014-11-21 10:50:31 ----A---- C:\windows\SYSWOW64\adtschema.dll
2014-11-21 10:50:31 ----A---- C:\windows\system32\adtschema.dll
2014-11-21 10:50:30 ----A---- C:\windows\SYSWOW64\msaudite.dll
2014-11-21 10:50:30 ----A---- C:\windows\system32\rfxvmt.dll
2014-11-21 10:50:30 ----A---- C:\windows\system32\rdpudd.dll
2014-11-21 10:50:30 ----A---- C:\windows\system32\msaudite.dll
2014-11-21 10:50:30 ----A---- C:\windows\system32\drivers\rdpvideominiport.sys
2014-11-21 10:49:59 ----A---- C:\windows\system32\wmp.dll
2014-11-21 10:49:59 ----A---- C:\windows\system32\tquery.dll
2014-11-21 10:49:58 ----A---- C:\windows\SYSWOW64\wmp.dll
2014-11-21 10:49:57 ----A---- C:\windows\system32\mssrch.dll
2014-11-21 10:49:56 ----A---- C:\windows\SYSWOW64\tquery.dll
2014-11-21 10:49:54 ----A---- C:\windows\SYSWOW64\mssrch.dll
2014-11-21 10:49:53 ----A---- C:\windows\system32\MSAudDecMFT.dll
2014-11-21 10:49:52 ----A---- C:\windows\SYSWOW64\MSAudDecMFT.dll
2014-11-21 10:49:51 ----A---- C:\windows\system32\kd_02_10ec.dll
2014-11-21 10:49:50 ----A---- C:\windows\SYSWOW64\mssph.dll
2014-11-21 10:49:50 ----A---- C:\windows\system32\SearchIndexer.exe
2014-11-21 10:49:50 ----A---- C:\windows\system32\rsaenh.dll
2014-11-21 10:49:50 ----A---- C:\windows\system32\drivers\PEAuth.sys
2014-11-21 10:49:50 ----A---- C:\windows\system32\AudioSes.dll
2014-11-21 10:49:49 ----A---- C:\windows\SYSWOW64\SearchProtocolHost.exe
2014-11-21 10:49:49 ----A---- C:\windows\SYSWOW64\AudioEng.dll
2014-11-21 10:49:49 ----A---- C:\windows\system32\Windows.Networking.dll
2014-11-21 10:49:49 ----A---- C:\windows\system32\SearchProtocolHost.exe
2014-11-21 10:49:49 ----A---- C:\windows\system32\mssph.dll
2014-11-21 10:49:49 ----A---- C:\windows\system32\dwmredir.dll
2014-11-21 10:49:49 ----A---- C:\windows\system32\conhost.exe
2014-11-21 10:49:49 ----A---- C:\windows\system32\AudioEng.dll
2014-11-21 10:49:48 ----A---- C:\windows\SYSWOW64\rsaenh.dll
2014-11-21 10:49:48 ----A---- C:\windows\SYSWOW64\AudioSes.dll
2014-11-21 10:49:48 ----A---- C:\windows\system32\audiodg.exe
2014-11-21 10:49:47 ----A---- C:\windows\SYSWOW64\SearchIndexer.exe
2014-11-21 10:49:47 ----A---- C:\windows\system32\wpncore.dll
2014-11-21 10:49:47 ----A---- C:\windows\system32\RecoveryDrive.exe
2014-11-21 10:49:46 ----A---- C:\windows\SYSWOW64\Windows.Networking.dll
2014-11-21 10:49:46 ----A---- C:\windows\SYSWOW64\rascfg.dll
2014-11-21 10:49:46 ----A---- C:\windows\system32\XpsGdiConverter.dll
2014-11-21 10:49:46 ----A---- C:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2014-11-21 10:49:46 ----A---- C:\windows\system32\MFMediaEngine.dll
2014-11-21 10:49:46 ----A---- C:\windows\system32\ci.dll
2014-11-21 10:49:45 ----A---- C:\windows\SYSWOW64\mssvp.dll
2014-11-21 10:49:45 ----A---- C:\windows\SYSWOW64\MFMediaEngine.dll
2014-11-21 10:49:45 ----A---- C:\windows\system32\XpsRasterService.dll
2014-11-21 10:49:45 ----A---- C:\windows\system32\rascfg.dll
2014-11-21 10:49:45 ----A---- C:\windows\system32\mfreadwrite.dll
2014-11-21 10:49:45 ----A---- C:\windows\system32\fhengine.dll
2014-11-21 10:49:45 ----A---- C:\windows\system32\drivers\pdc.sys
2014-11-21 10:49:45 ----A---- C:\windows\system32\dmvdsitf.dll
2014-11-21 10:49:44 ----A---- C:\windows\SYSWOW64\XpsRasterService.dll
2014-11-21 10:49:44 ----A---- C:\windows\SYSWOW64\wscapi.dll
2014-11-21 10:49:44 ----A---- C:\windows\SYSWOW64\Windows.Networking.BackgroundTransfer.dll
2014-11-21 10:49:44 ----A---- C:\windows\SYSWOW64\SearchFilterHost.exe
2014-11-21 10:49:44 ----A---- C:\windows\SYSWOW64\Robocopy.exe
2014-11-21 10:49:44 ----A---- C:\windows\system32\SearchFilterHost.exe
2014-11-21 10:49:44 ----A---- C:\windows\system32\Robocopy.exe
2014-11-21 10:49:44 ----A---- C:\windows\system32\kdvm.dll
2014-11-21 10:49:44 ----A---- C:\windows\system32\iuilp.dll
2014-11-21 10:49:43 ----A---- C:\windows\SYSWOW64\XpsGdiConverter.dll
2014-11-21 10:49:43 ----A---- C:\windows\SYSWOW64\mfreadwrite.dll
2014-11-21 10:49:43 ----A---- C:\windows\SYSWOW64\dmvdsitf.dll
2014-11-21 10:49:43 ----A---- C:\windows\SYSWOW64\AUDIOKSE.dll
2014-11-21 10:49:43 ----A---- C:\windows\system32\wscsvc.dll
2014-11-21 10:49:43 ----A---- C:\windows\system32\kdnet.dll
2014-11-21 10:49:43 ----A---- C:\windows\system32\drivers\wanarp.sys
2014-11-21 10:49:43 ----A---- C:\windows\system32\drivers\hidbth.sys
2014-11-21 10:49:43 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2014-11-21 10:49:42 ----A---- C:\windows\SYSWOW64\mssphtb.dll
2014-11-21 10:49:42 ----A---- C:\windows\SYSWOW64\fmifs.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\mssvp.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\mssprxy.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\mssphtb.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\msshooks.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\GenuineCenter.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\fmifs.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\fhsvc.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\fhsrchapi.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\fhevents.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\fhcfg.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\fhcat.dll
2014-11-21 10:49:42 ----A---- C:\windows\system32\drivers\ndproxy.sys
2014-11-21 10:49:42 ----A---- C:\windows\system32\drivers\hidi2c.sys
2014-11-21 10:49:41 ----A---- C:\windows\SYSWOW64\rasmxs.dll
2014-11-21 10:49:41 ----A---- C:\windows\SYSWOW64\rasdiag.dll
2014-11-21 10:49:41 ----A---- C:\windows\SYSWOW64\mssprxy.dll
2014-11-21 10:49:41 ----A---- C:\windows\SYSWOW64\mssitlb.dll
2014-11-21 10:49:41 ----A---- C:\windows\SYSWOW64\msshooks.dll
2014-11-21 10:49:41 ----A---- C:\windows\system32\rasmxs.dll
2014-11-21 10:49:41 ----A---- C:\windows\system32\rasdiag.dll
2014-11-21 10:49:41 ----A---- C:\windows\system32\mssitlb.dll
2014-11-21 10:49:41 ----A---- C:\windows\system32\msscntrs.dll
2014-11-21 10:49:41 ----A---- C:\windows\system32\fhtask.dll
2014-11-21 10:49:41 ----A---- C:\windows\system32\fhsrchph.dll
2014-11-21 10:49:41 ----A---- C:\windows\system32\fhshl.dll
2014-11-21 10:49:41 ----A---- C:\windows\system32\fhmanagew.exe
2014-11-21 10:49:41 ----A---- C:\windows\system32\fhlisten.dll
2014-11-21 10:49:41 ----A---- C:\windows\system32\fhcleanup.dll
2014-11-21 10:49:40 ----A---- C:\windows\SYSWOW64\rasser.dll
2014-11-21 10:49:40 ----A---- C:\windows\SYSWOW64\msscntrs.dll
2014-11-21 10:49:40 ----A---- C:\windows\system32\rasser.dll
2014-11-21 10:49:40 ----A---- C:\windows\system32\fhautoplay.dll
2014-11-21 10:49:39 ----A---- C:\windows\SYSWOW64\spwmp.dll
2014-11-21 10:49:39 ----A---- C:\windows\SYSWOW64\dxmasf.dll
2014-11-21 10:49:39 ----A---- C:\windows\system32\spwmp.dll
2014-11-21 10:49:39 ----A---- C:\windows\system32\fhsvcctl.dll
2014-11-21 10:49:39 ----A---- C:\windows\system32\dxmasf.dll
2014-11-21 10:49:38 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2014-11-21 10:49:38 ----A---- C:\windows\system32\wmploc.DLL
2014-11-21 10:49:38 ----A---- C:\windows\system32\drivers\ndistapi.sys
2014-11-21 10:49:05 ----A---- C:\windows\SYSWOW64\msvcr120_clr0400.dll
2014-11-21 10:49:04 ----A---- C:\windows\system32\msvcr120_clr0400.dll
2014-11-21 10:48:09 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2014-11-21 10:48:09 ----A---- C:\windows\system32\oleaut32.dll
2014-11-21 10:48:05 ----A---- C:\windows\SYSWOW64\uxtheme.dll
2014-11-21 10:48:05 ----A---- C:\windows\SYSWOW64\UXInit.dll
2014-11-21 10:48:05 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-11-21 10:48:05 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2014-11-21 10:48:05 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-11-21 10:48:05 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-11-21 10:48:05 ----A---- C:\windows\system32\UXInit.dll
2014-11-21 10:48:05 ----A---- C:\windows\system32\urlmon.dll
2014-11-21 10:48:05 ----A---- C:\windows\system32\iesysprep.dll
2014-11-21 10:48:04 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-11-21 10:48:03 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-11-21 10:48:03 ----A---- C:\windows\system32\uxtheme.dll
2014-11-21 10:48:03 ----A---- C:\windows\system32\msfeeds.dll
2014-11-21 10:48:03 ----A---- C:\windows\system32\ie4uinit.exe
2014-11-21 10:48:02 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-11-21 10:48:02 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-11-21 10:48:02 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-11-21 10:48:02 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-11-21 10:48:02 ----A---- C:\windows\system32\iertutil.dll
2014-11-21 10:48:02 ----A---- C:\windows\system32\ieframe.dll
2014-11-21 10:48:02 ----A---- C:\windows\system32\iedkcs32.dll
2014-11-21 10:48:00 ----A---- C:\windows\system32\wininet.dll
2014-11-21 10:48:00 ----A---- C:\windows\system32\jscript.dll
2014-11-21 10:48:00 ----A---- C:\windows\system32\dxtrans.dll
2014-11-21 10:48:00 ----A---- C:\windows\system32\dxtmsft.dll
2014-11-21 10:47:59 ----A---- C:\windows\system32\mshtmled.dll
2014-11-21 10:47:58 ----A---- C:\windows\system32\mshtml.dll
2014-11-21 10:47:50 ----A---- C:\windows\SYSWOW64\jscript.dll
2014-11-21 10:47:49 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-11-21 10:47:49 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-11-21 10:47:49 ----A---- C:\windows\system32\jscript9.dll
2014-11-21 10:47:48 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-11-21 10:47:44 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-11-21 10:47:44 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-11-21 10:47:44 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-11-21 10:47:44 ----A---- C:\windows\system32\msrating.dll
2014-11-21 10:47:44 ----A---- C:\windows\system32\jsproxy.dll
2014-11-21 10:47:44 ----A---- C:\windows\system32\iesetup.dll
2014-11-21 10:47:44 ----A---- C:\windows\system32\iernonce.dll
2014-11-21 10:47:35 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2014-11-21 10:47:35 ----A---- C:\windows\system32\rpcrt4.dll
2014-11-21 10:46:57 ----A---- C:\windows\SYSWOW64\kerberos.dll
2014-11-21 10:46:57 ----A---- C:\windows\system32\winlogon.exe
2014-11-21 10:46:57 ----A---- C:\windows\system32\lsm.dll
2014-11-21 10:46:57 ----A---- C:\windows\system32\lsasrv.dll
2014-11-21 10:46:57 ----A---- C:\windows\system32\kerberos.dll
2014-11-21 10:46:57 ----A---- C:\windows\system32\drivers\cng.sys
2014-11-21 10:46:56 ----A---- C:\windows\SYSWOW64\usercpl.dll
2014-11-21 10:46:56 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2014-11-21 10:46:56 ----A---- C:\windows\system32\usercpl.dll
2014-11-21 10:46:56 ----A---- C:\windows\system32\SHCore.dll
2014-11-21 10:46:56 ----A---- C:\windows\system32\msv1_0.dll
2014-11-21 10:46:55 ----A---- C:\windows\SYSWOW64\wdigest.dll
2014-11-21 10:46:55 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2014-11-21 10:46:55 ----A---- C:\windows\SYSWOW64\SHCore.dll
2014-11-21 10:46:55 ----A---- C:\windows\SYSWOW64\pku2u.dll
2014-11-21 10:46:55 ----A---- C:\windows\SYSWOW64\credssp.dll
2014-11-21 10:46:55 ----A---- C:\windows\system32\workerdd.dll
2014-11-21 10:46:55 ----A---- C:\windows\system32\wdigest.dll
2014-11-21 10:46:55 ----A---- C:\windows\system32\TSpkg.dll
2014-11-21 10:46:55 ----A---- C:\windows\system32\pku2u.dll
2014-11-21 10:46:55 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2014-11-21 10:46:55 ----A---- C:\windows\system32\credssp.dll
2014-11-21 10:46:30 ----A---- C:\windows\SYSWOW64\msvcp120_clr0400.dll
2014-11-21 10:46:30 ----A---- C:\windows\system32\msvcp120_clr0400.dll
2014-11-21 10:46:17 ----A---- C:\windows\system32\drivers\tcpip.sys
2014-11-21 10:46:16 ----A---- C:\windows\system32\dnsapi.dll
2014-11-21 10:46:15 ----A---- C:\windows\SYSWOW64\WsmSvc.dll
2014-11-21 10:46:15 ----A---- C:\windows\SYSWOW64\dnsapi.dll
2014-11-21 10:46:15 ----A---- C:\windows\system32\WsmSvc.dll
2014-11-21 10:46:15 ----A---- C:\windows\system32\drivers\Classpnp.sys
2014-11-21 10:46:12 ----A---- C:\windows\system32\dnsrslvr.dll
2014-11-21 10:46:11 ----A---- C:\windows\system32\WsmWmiPl.dll
2014-11-21 10:46:10 ----A---- C:\windows\SYSWOW64\WsmWmiPl.dll
2014-11-21 10:46:10 ----A---- C:\windows\SYSWOW64\rpchttp.dll
2014-11-21 10:46:10 ----A---- C:\windows\SYSWOW64\FXSCOMEX.dll
2014-11-21 10:46:10 ----A---- C:\windows\SYSWOW64\FXSAPI.dll
2014-11-21 10:46:10 ----A---- C:\windows\system32\rpchttp.dll
2014-11-21 10:46:10 ----A---- C:\windows\system32\FXST30.dll
2014-11-21 10:46:10 ----A---- C:\windows\system32\FXSCOMEX.dll
2014-11-21 10:46:09 ----A---- C:\windows\system32\FXSTIFF.dll
2014-11-21 10:46:09 ----A---- C:\windows\system32\FXSAPI.dll
2014-11-21 10:46:00 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2014-11-21 10:46:00 ----A---- C:\windows\system32\cdd.dll
2014-11-21 10:45:59 ----A---- C:\windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-11-21 10:45:59 ----A---- C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-11-21 10:45:49 ----A---- C:\windows\system32\Windows.UI.Xaml.dll
2014-11-21 10:45:45 ----A---- C:\windows\SYSWOW64\Windows.UI.Xaml.dll
2014-11-21 10:45:43 ----A---- C:\windows\system32\sysmain.dll
2014-11-21 10:45:43 ----A---- C:\windows\system32\drivers\rdbss.sys
2014-11-21 10:45:43 ----A---- C:\windows\system32\AppXDeploymentServer.dll
2014-11-21 10:45:42 ----A---- C:\windows\system32\VSSVC.exe
2014-11-21 10:45:42 ----A---- C:\windows\system32\ubpm.dll
2014-11-21 10:45:42 ----A---- C:\windows\system32\BCP47Langs.dll
2014-11-21 10:45:41 ----A---- C:\windows\SYSWOW64\ubpm.dll
2014-11-21 10:45:41 ----A---- C:\windows\SYSWOW64\BCP47Langs.dll
2014-11-21 10:45:41 ----A---- C:\windows\system32\netprofmsvc.dll
2014-11-21 10:45:41 ----A---- C:\windows\system32\netprofm.dll
2014-11-21 10:45:39 ----A---- C:\windows\system32\mfmp4srcsnk.dll
2014-11-21 10:45:38 ----A---- C:\windows\SYSWOW64\mfmp4srcsnk.dll
2014-11-21 10:45:38 ----A---- C:\windows\system32\taskhost.exe
2014-11-21 10:45:38 ----A---- C:\windows\system32\stobject.dll
2014-11-21 10:45:38 ----A---- C:\windows\system32\psmsrv.dll
2014-11-21 10:45:38 ----A---- C:\windows\system32\netplwiz.dll
2014-11-21 10:45:38 ----A---- C:\windows\system32\Magnify.exe
2014-11-21 10:45:38 ----A---- C:\windows\system32\bisrv.dll
2014-11-21 10:45:38 ----A---- C:\windows\system32\AppXDeploymentExtensions.dll
2014-11-21 10:45:37 ----A---- C:\windows\SYSWOW64\stobject.dll
2014-11-21 10:45:37 ----A---- C:\windows\SYSWOW64\netplwiz.dll
2014-11-21 10:45:37 ----A---- C:\windows\system32\drivers\spaceport.sys
2014-11-21 10:45:37 ----A---- C:\windows\system32\DevicePairing.dll
2014-11-21 10:45:36 ----A---- C:\windows\SYSWOW64\Magnify.exe
2014-11-21 10:45:36 ----A---- C:\windows\system32\taskhostex.exe
2014-11-21 10:45:36 ----A---- C:\windows\system32\AuthHost.exe
2014-11-21 10:45:35 ----A---- C:\windows\SYSWOW64\netprofm.dll
2014-11-21 10:45:35 ----A---- C:\windows\SYSWOW64\DevicePairing.dll
2014-11-21 10:45:35 ----A---- C:\windows\SYSWOW64\biwinrt.dll
2014-11-21 10:45:35 ----A---- C:\windows\system32\drivers\hidusb.sys
2014-11-21 10:45:35 ----A---- C:\windows\system32\biwinrt.dll
2014-11-21 10:45:33 ----A---- C:\windows\SYSWOW64\npmproxy.dll
2014-11-21 10:45:33 ----A---- C:\windows\SYSWOW64\muifontsetup.dll
2014-11-21 10:45:33 ----A---- C:\windows\system32\muifontsetup.dll
2014-11-21 10:45:32 ----A---- C:\windows\SYSWOW64\nlmsprep.dll
2014-11-21 10:45:32 ----A---- C:\windows\SYSWOW64\nlmproxy.dll
2014-11-21 10:44:12 ----A---- C:\windows\SYSWOW64\cryptnet.dll
2014-11-21 10:44:12 ----A---- C:\windows\SYSWOW64\certutil.exe
2014-11-21 10:44:12 ----A---- C:\windows\system32\cryptnet.dll
2014-11-21 10:44:12 ----A---- C:\windows\system32\certutil.exe
2014-11-21 10:43:36 ----A---- C:\windows\system32\appinfo.dll
2014-11-21 10:43:35 ----A---- C:\windows\system32\consent.exe
2014-11-21 10:43:26 ----A---- C:\windows\system32\drivers\afd.sys
2014-11-21 10:43:21 ----A---- C:\windows\SYSWOW64\msxml6.dll
2014-11-21 10:43:21 ----A---- C:\windows\system32\msxml6.dll
2014-11-21 10:43:20 ----A---- C:\windows\SYSWOW64\msxml6r.dll
2014-11-21 10:43:20 ----A---- C:\windows\system32\msxml6r.dll
2014-11-21 10:43:02 ----A---- C:\windows\SYSWOW64\mfasfsrcsnk.dll
2014-11-21 10:43:02 ----A---- C:\windows\system32\mfasfsrcsnk.dll
2014-11-21 10:43:01 ----A---- C:\windows\system32\wmpmde.dll
2014-11-21 10:43:00 ----A---- C:\windows\system32\winmde.dll
2014-11-21 10:43:00 ----A---- C:\windows\system32\Windows.Globalization.dll
2014-11-21 10:42:59 ----A---- C:\windows\SYSWOW64\netcfgx.dll
2014-11-21 10:42:59 ----A---- C:\windows\system32\Windows.Security.Authentication.OnlineId.dll
2014-11-21 10:42:59 ----A---- C:\windows\system32\TimeBrokerServer.dll
2014-11-21 10:42:59 ----A---- C:\windows\system32\SystemEventsBrokerServer.dll
2014-11-21 10:42:59 ----A---- C:\windows\system32\drivers\storport.sys
2014-11-21 10:42:56 ----A---- C:\windows\SYSWOW64\winmde.dll
2014-11-21 10:42:56 ----A---- C:\windows\SYSWOW64\Windows.Globalization.dll
2014-11-21 10:42:56 ----A---- C:\windows\system32\wpdbusenum.dll
2014-11-21 10:42:56 ----A---- C:\windows\system32\SettingSync.dll
2014-11-21 10:42:56 ----A---- C:\windows\system32\drvstore.dll
2014-11-21 10:42:55 ----A---- C:\windows\SYSWOW64\Windows.Security.Authentication.OnlineId.dll
2014-11-21 10:42:55 ----A---- C:\windows\SYSWOW64\drvstore.dll
2014-11-21 10:42:55 ----A---- C:\windows\system32\usbmon.dll
2014-11-21 10:42:55 ----A---- C:\windows\system32\netcfgx.dll
2014-11-21 10:42:54 ----A---- C:\windows\system32\drivers\vhdmp.sys
2014-11-21 10:42:54 ----A---- C:\windows\system32\drivers\sdbus.sys
2014-11-21 10:42:53 ----A---- C:\windows\SYSWOW64\SettingSync.dll
2014-11-21 10:42:53 ----A---- C:\windows\system32\NdisImPlatform.dll
2014-11-21 10:42:53 ----A---- C:\windows\system32\drivers\tpm.sys
2014-11-21 10:42:53 ----A---- C:\windows\system32\drivers\storahci.sys
2014-11-21 10:42:53 ----A---- C:\windows\system32\drivers\dumpsd.sys
2014-11-21 10:42:53 ----A---- C:\windows\system32\discan.dll
2014-11-21 10:42:53 ----A---- C:\windows\system32\DevDispItemProvider.dll
2014-11-21 10:42:52 ----A---- C:\windows\SYSWOW64\SettingSyncInfo.dll
2014-11-21 10:42:52 ----A---- C:\windows\system32\WSDPrintProxy.DLL
2014-11-21 10:42:51 ----A---- C:\windows\SYSWOW64\DevDispItemProvider.dll
2014-11-21 10:42:51 ----A---- C:\windows\system32\SettingSyncInfo.dll
2014-11-21 10:42:51 ----A---- C:\windows\system32\drivers\mouhid.sys
2014-11-21 10:42:51 ----A---- C:\windows\system32\drivers\monitor.sys
2014-11-21 10:42:16 ----A---- C:\windows\SYSWOW64\mstscax.dll
2014-11-21 10:42:16 ----A---- C:\windows\system32\mstscax.dll
2014-11-21 10:42:15 ----A---- C:\windows\SYSWOW64\mstsc.exe
2014-11-21 10:42:15 ----A---- C:\windows\system32\termsrv.dll
2014-11-21 10:42:15 ----A---- C:\windows\system32\mstsc.exe
2014-11-21 10:42:14 ----A---- C:\windows\SYSWOW64\winsta.dll
2014-11-21 10:42:14 ----A---- C:\windows\SYSWOW64\aaclient.dll
2014-11-21 10:42:14 ----A---- C:\windows\system32\winsta.dll
2014-11-21 10:42:03 ----A---- C:\windows\SYSWOW64\Windows.ApplicationModel.Store.dll
2014-11-21 10:41:51 ----A---- C:\windows\system32\shell32.dll
2014-11-21 10:41:50 ----A---- C:\windows\SYSWOW64\shell32.dll
2014-11-21 10:41:36 ----A---- C:\windows\system32\sppsvc.exe
2014-11-21 10:41:34 ----A---- C:\windows\system32\WSService.dll
2014-11-21 10:41:33 ----A---- C:\windows\system32\sppobjs.dll
2014-11-21 10:41:32 ----A---- C:\windows\SYSWOW64\sppc.dll
2014-11-21 10:41:32 ----A---- C:\windows\system32\sppwinob.dll
2014-11-21 10:41:32 ----A---- C:\windows\system32\sppc.dll
2014-11-21 10:41:31 ----A---- C:\windows\SYSWOW64\WSSync.dll
2014-11-21 10:41:31 ----A---- C:\windows\system32\WSSync.dll
2014-11-21 10:41:31 ----A---- C:\windows\system32\drivers\dam.sys
2014-11-21 10:41:30 ----A---- C:\windows\SYSWOW64\WSClient.dll
2014-11-21 10:41:30 ----A---- C:\windows\system32\WSClient.dll
2014-11-21 10:41:29 ----A---- C:\windows\SYSWOW64\OEMLicense.dll
2014-11-21 10:41:29 ----A---- C:\windows\system32\setupcln.dll
2014-11-21 10:41:28 ----A---- C:\windows\SYSWOW64\setupcln.dll
2014-11-21 10:41:28 ----A---- C:\windows\system32\OEMLicense.dll
2014-11-21 10:40:42 ----A---- C:\windows\SYSWOW64\duser.dll
2014-11-21 10:40:41 ----A---- C:\windows\system32\wlroamextension.dll
2014-11-21 10:40:41 ----A---- C:\windows\system32\ncsi.dll
2014-11-21 10:40:41 ----A---- C:\windows\system32\duser.dll
2014-11-21 10:40:41 ----A---- C:\windows\system32\drivers\ndis.sys
2014-11-21 10:40:40 ----A---- C:\windows\SYSWOW64\wlroamextension.dll
2014-11-21 10:40:40 ----A---- C:\windows\SYSWOW64\Windows.Networking.Connectivity.dll
2014-11-21 10:40:40 ----A---- C:\windows\system32\WWanAPI.dll
2014-11-21 10:40:40 ----A---- C:\windows\system32\Windows.Networking.Connectivity.dll
2014-11-21 10:40:40 ----A---- C:\windows\system32\hotspotauth.dll
2014-11-21 10:40:40 ----A---- C:\windows\system32\drivers\ntfs.sys
2014-11-21 10:40:40 ----A---- C:\windows\system32\drivers\ks.sys
2014-11-21 10:40:40 ----A---- C:\windows\system32\drivers\BthAvrcpTg.sys
2014-11-21 10:40:39 ----A---- C:\windows\SYSWOW64\WWanAPI.dll
2014-11-21 10:40:39 ----A---- C:\windows\SYSWOW64\mbsmsapi.dll
2014-11-21 10:40:39 ----A---- C:\windows\system32\tasklist.exe
2014-11-21 10:40:39 ----A---- C:\windows\system32\taskkill.exe
2014-11-21 10:40:39 ----A---- C:\windows\system32\mbsmsapi.dll
2014-11-21 10:40:38 ----A---- C:\windows\SYSWOW64\tasklist.exe
2014-11-21 10:40:38 ----A---- C:\windows\SYSWOW64\taskkill.exe
2014-11-21 10:40:38 ----A---- C:\windows\SYSWOW64\nlaapi.dll
2014-11-21 10:40:38 ----A---- C:\windows\system32\wpd_ci.dll
2014-11-21 10:40:38 ----A---- C:\windows\system32\wersvc.dll
2014-11-21 10:40:38 ----A---- C:\windows\system32\nlasvc.dll
2014-11-21 10:40:38 ----A---- C:\windows\system32\nlaapi.dll
2014-11-21 10:40:38 ----A---- C:\windows\system32\drivers\crashdmp.sys
2014-11-21 10:40:37 ----A---- C:\windows\system32\drivers\BthhfHid.sys
2014-11-21 10:40:37 ----A---- C:\windows\system32\drivers\BtaMPM.sys
2014-11-21 10:40:27 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2014-11-21 10:40:24 ----A---- C:\windows\SYSWOW64\wintrust.dll
2014-11-21 10:40:24 ----A---- C:\windows\SYSWOW64\apprepsync.dll
2014-11-21 10:40:24 ----A---- C:\windows\SYSWOW64\apprepapi.dll
2014-11-21 10:40:24 ----A---- C:\windows\system32\wintrust.dll
2014-11-21 10:40:24 ----A---- C:\windows\system32\cryptsvc.dll
2014-11-21 10:40:24 ----A---- C:\windows\system32\apprepsync.dll
2014-11-21 10:40:24 ----A---- C:\windows\system32\apprepapi.dll
2014-11-21 10:40:14 ----A---- C:\windows\SYSWOW64\lpk.dll
2014-11-21 10:40:14 ----A---- C:\windows\SYSWOW64\fontsub.dll
2014-11-21 10:40:14 ----A---- C:\windows\SYSWOW64\dciman32.dll
2014-11-21 10:40:14 ----A---- C:\windows\SYSWOW64\atmlib.dll
2014-11-21 10:40:14 ----A---- C:\windows\SYSWOW64\atmfd.dll
2014-11-21 10:40:14 ----A---- C:\windows\system32\lpk.dll
2014-11-21 10:40:14 ----A---- C:\windows\system32\fontsub.dll
2014-11-21 10:40:14 ----A---- C:\windows\system32\dciman32.dll
2014-11-21 10:40:14 ----A---- C:\windows\system32\atmlib.dll
2014-11-21 10:40:14 ----A---- C:\windows\system32\atmfd.dll
2014-11-21 10:40:11 ----A---- C:\windows\SYSWOW64\osk.exe
2014-11-21 10:40:11 ----A---- C:\windows\system32\osk.exe
2014-11-21 10:39:48 ----A---- C:\windows\system32\InkEd.dll
2014-11-21 10:39:45 ----A---- C:\windows\SYSWOW64\crypt32.dll
2014-11-21 10:39:45 ----A---- C:\windows\system32\crypt32.dll
2014-11-21 10:38:11 ----A---- C:\windows\SYSWOW64\cryptdlg.dll
2014-11-21 10:38:11 ----A---- C:\windows\system32\cryptdlg.dll
2014-11-21 10:37:50 ----A---- C:\windows\system32\msvcr100_clr0400.dll
2014-11-21 10:37:48 ----A---- C:\windows\SYSWOW64\msvcr100_clr0400.dll
2014-11-21 10:35:28 ----A---- C:\windows\system32\wlidsvc.dll
2014-11-21 10:35:28 ----A---- C:\windows\system32\msctf.dll
2014-11-21 10:35:28 ----A---- C:\windows\system32\mmc.exe
2014-11-21 10:35:27 ----A---- C:\windows\SYSWOW64\msctf.dll
2014-11-21 10:35:27 ----A---- C:\windows\SYSWOW64\mmc.exe
2014-11-21 10:35:25 ----A---- C:\windows\system32\setupapi.dll
2014-11-21 10:35:24 ----A---- C:\windows\SYSWOW64\setupapi.dll
2014-11-21 10:35:24 ----A---- C:\windows\system32\WSDMon.dll
2014-11-21 10:35:24 ----A---- C:\windows\system32\Windows.Media.dll
2014-11-21 10:35:24 ----A---- C:\windows\system32\iphlpsvc.dll
2014-11-21 10:35:24 ----A---- C:\windows\system32\drivers\partmgr.sys
2014-11-21 10:35:24 ----A---- C:\windows\system32\drivers\msgpiowin32.sys
2014-11-21 10:35:24 ----A---- C:\windows\system32\drivers\HdAudio.sys
2014-11-21 10:35:23 ----A---- C:\windows\SYSWOW64\Windows.Media.dll
2014-11-21 10:35:23 ----A---- C:\windows\SYSWOW64\wiaacmgr.exe
2014-11-21 10:35:23 ----A---- C:\windows\system32\wiaacmgr.exe
2014-11-21 10:35:23 ----A---- C:\windows\system32\samsrv.dll
2014-11-21 10:35:23 ----A---- C:\windows\system32\MP4SDECD.DLL
2014-11-21 10:35:23 ----A---- C:\windows\system32\inetpp.dll
2014-11-21 10:35:22 ----A---- C:\windows\SYSWOW64\samlib.dll
2014-11-21 10:35:22 ----A---- C:\windows\SYSWOW64\MP4SDECD.DLL
2014-11-21 10:35:22 ----A---- C:\windows\system32\ncbservice.dll
2014-11-21 10:35:22 ----A---- C:\windows\system32\httpprxm.dll
2014-11-21 10:35:22 ----A---- C:\windows\system32\adhsvc.dll
2014-11-21 10:35:22 ----A---- C:\windows\system32\adhapi.dll
2014-11-21 10:35:21 ----A---- C:\windows\system32\keepaliveprovider.dll
2014-11-21 10:35:21 ----A---- C:\windows\system32\httpprxp.dll
2014-11-21 10:35:01 ----A---- C:\windows\SYSWOW64\twinui.dll
2014-11-21 10:35:01 ----A---- C:\windows\system32\twinui.dll
2014-11-21 10:34:58 ----A---- C:\windows\SYSWOW64\msi.dll
2014-11-21 10:34:58 ----A---- C:\windows\SYSWOW64\actxprxy.dll
2014-11-21 10:34:58 ----A---- C:\windows\system32\msi.dll
2014-11-21 10:34:58 ----A---- C:\windows\system32\authui.dll
2014-11-21 10:34:58 ----A---- C:\windows\system32\actxprxy.dll
2014-11-21 10:34:57 ----A---- C:\windows\SYSWOW64\msihnd.dll
2014-11-21 10:34:57 ----A---- C:\windows\SYSWOW64\authui.dll
2014-11-21 10:34:57 ----A---- C:\windows\system32\msihnd.dll
2014-11-21 10:34:47 ----A---- C:\windows\system32\msmpeg2vdec.dll
2014-11-21 10:34:46 ----A---- C:\windows\SYSWOW64\msmpeg2vdec.dll
2014-11-21 10:34:42 ----A---- C:\windows\system32\wuaueng.dll
2014-11-21 10:34:39 ----A---- C:\windows\SYSWOW64\wuapi.dll
2014-11-21 10:34:39 ----A---- C:\windows\system32\wudriver.dll
2014-11-21 10:34:39 ----A---- C:\windows\system32\wucltux.dll
2014-11-21 10:34:39 ----A---- C:\windows\system32\wuauclt.exe
2014-11-21 10:34:39 ----A---- C:\windows\system32\wuapi.dll
2014-11-21 10:34:38 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2014-11-21 10:34:38 ----A---- C:\windows\SYSWOW64\wudriver.dll
2014-11-21 10:34:38 ----A---- C:\windows\SYSWOW64\wuapp.exe
2014-11-21 10:34:38 ----A---- C:\windows\system32\wuwebv.dll
2014-11-21 10:34:38 ----A---- C:\windows\system32\WUSettingsProvider.dll
2014-11-21 10:34:38 ----A---- C:\windows\system32\wuapp.exe
2014-11-21 10:34:38 ----A---- C:\windows\system32\wuaext.dll
2014-11-21 10:34:38 ----A---- C:\windows\system32\storewuauth.dll
2014-11-21 10:34:11 ----A---- C:\windows\SYSWOW64\shdocvw.dll
2014-11-21 10:34:11 ----A---- C:\windows\system32\shdocvw.dll
2014-11-21 10:33:32 ----A---- C:\windows\system32\drivers\WdFilter.sys
2014-11-21 10:33:32 ----A---- C:\windows\system32\drivers\WdBoot.sys
2014-11-21 10:33:22 ----A---- C:\windows\SYSWOW64\d3d11.dll
2014-11-21 10:33:22 ----A---- C:\windows\system32\d3d11.dll
2014-11-21 10:33:14 ----A---- C:\windows\system32\ntoskrnl.exe
2014-11-21 10:33:13 ----A---- C:\windows\system32\KernelBase.dll
2014-11-21 10:33:11 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2014-11-21 10:33:11 ----A---- C:\windows\system32\sspicli.dll
2014-11-21 10:33:11 ----A---- C:\windows\system32\objsel.dll
2014-11-21 10:33:10 ----A---- C:\windows\SYSWOW64\objsel.dll
2014-11-21 10:33:10 ----A---- C:\windows\system32\drivers\ksecdd.sys
2014-11-21 10:33:10 ----A---- C:\windows\system32\dpapisrv.dll
2014-11-21 10:33:07 ----A---- C:\windows\SYSWOW64\sspicli.dll
2014-11-21 10:33:07 ----A---- C:\windows\SYSWOW64\dimsroam.dll
2014-11-21 10:33:07 ----A---- C:\windows\system32\sspisrv.dll
2014-11-21 10:33:07 ----A---- C:\windows\system32\lsass.exe
2014-11-21 10:33:07 ----A---- C:\windows\system32\dimsroam.dll
2014-11-21 10:32:34 ----A---- C:\windows\SYSWOW64\msdrm.dll
2014-11-21 10:32:34 ----A---- C:\windows\system32\msdrm.dll
2014-11-21 10:31:33 ----A---- C:\windows\system32\gdi32.dll
2014-11-21 10:31:32 ----A---- C:\windows\SYSWOW64\gdi32.dll
2014-11-21 10:30:50 ----A---- C:\windows\SYSWOW64\ReAgent.dll
2014-11-21 10:30:50 ----A---- C:\windows\system32\sysreset.exe
2014-11-21 10:30:50 ----A---- C:\windows\system32\resetengmig.dll
2014-11-21 10:30:50 ----A---- C:\windows\system32\reseteng.dll
2014-11-21 10:30:50 ----A---- C:\windows\system32\ReAgent.dll
2014-11-21 10:30:47 ----A---- C:\windows\SYSWOW64\WindowsCodecs.dll
2014-11-21 10:30:47 ----A---- C:\windows\system32\WindowsCodecs.dll
2014-11-21 10:30:44 ----A---- C:\windows\SYSWOW64\esent.dll
2014-11-21 10:30:43 ----A---- C:\windows\system32\esent.dll
2014-11-21 10:30:41 ----A---- C:\windows\system32\drivers\WdfLdr.sys
2014-11-21 10:30:41 ----A---- C:\windows\system32\drivers\Wdf01000.sys
2014-11-21 10:30:40 ----A---- C:\windows\SYSWOW64\comctl32.dll
2014-11-21 10:30:40 ----A---- C:\windows\system32\comctl32.dll
2014-11-21 10:30:30 ----A---- C:\windows\SYSWOW64\synceng.dll
2014-11-21 10:30:30 ----A---- C:\windows\system32\synceng.dll
2014-11-21 10:30:27 ----A---- C:\windows\system32\dpnet.dll
2014-11-21 10:30:24 ----A---- C:\windows\SYSWOW64\dpnet.dll
2014-11-21 10:30:23 ----A---- C:\windows\SYSWOW64\dpnsvr.exe
2014-11-21 10:30:23 ----A---- C:\windows\SYSWOW64\dpnathlp.dll
2014-11-21 10:30:23 ----A---- C:\windows\system32\dpnsvr.exe
2014-11-21 10:30:22 ----A---- C:\windows\SYSWOW64\dpnlobby.dll
2014-11-21 10:30:22 ----A---- C:\windows\SYSWOW64\dpnhupnp.dll
2014-11-21 10:30:22 ----A---- C:\windows\SYSWOW64\dpnhpast.dll
2014-11-21 10:30:22 ----A---- C:\windows\SYSWOW64\dpnaddr.dll
2014-11-21 10:30:22 ----A---- C:\windows\system32\dpnlobby.dll
2014-11-21 10:30:22 ----A---- C:\windows\system32\dpnhupnp.dll
2014-11-21 10:30:22 ----A---- C:\windows\system32\dpnhpast.dll
2014-11-21 10:30:22 ----A---- C:\windows\system32\dpnathlp.dll
2014-11-21 10:30:22 ----A---- C:\windows\system32\dpnaddr.dll
2014-11-21 10:29:05 ----A---- C:\windows\system32\drivers\http.sys
2014-11-21 10:28:49 ----A---- C:\windows\SYSWOW64\ReAgentc.exe
2014-11-21 10:28:49 ----A---- C:\windows\system32\ReAgentc.exe
2014-11-21 10:28:33 ----A---- C:\windows\SYSWOW64\msieftp.dll
2014-11-21 10:28:33 ----A---- C:\windows\system32\msieftp.dll
2014-11-21 10:28:23 ----A---- C:\windows\SYSWOW64\tzres.dll
2014-11-21 10:28:23 ----A---- C:\windows\system32\tzres.dll
2014-11-21 10:27:44 ----A---- C:\windows\SYSWOW64\WMPhoto.dll
2014-11-21 10:27:43 ----A---- C:\windows\system32\WMPhoto.dll
2014-11-21 10:27:06 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2014-11-21 10:27:06 ----A---- C:\windows\SYSWOW64\msxml3.dll
2014-11-21 10:27:06 ----A---- C:\windows\system32\msxml3r.dll
2014-11-21 10:27:06 ----A---- C:\windows\system32\msxml3.dll
2014-11-21 10:26:48 ----A---- C:\windows\system32\drivers\usbuhci.sys
2014-11-21 10:26:48 ----A---- C:\windows\system32\drivers\usbport.sys
2014-11-21 10:26:48 ----A---- C:\windows\system32\drivers\usbohci.sys
2014-11-21 10:26:48 ----A---- C:\windows\system32\drivers\usbhub.sys
2014-11-21 10:26:48 ----A---- C:\windows\system32\drivers\usbehci.sys
2014-11-21 10:26:48 ----A---- C:\windows\system32\drivers\usbd.sys
2014-11-21 10:26:48 ----A---- C:\windows\system32\drivers\usbccgp.sys
2014-11-21 10:25:53 ----A---- C:\windows\SYSWOW64\kernel32.dll
2014-11-21 10:25:53 ----A---- C:\windows\system32\kernel32.dll
2014-11-21 10:25:51 ----A---- C:\windows\SYSWOW64\DWrite.dll
2014-11-21 10:25:51 ----A---- C:\windows\system32\DWrite.dll
2014-11-21 10:20:54 ----A---- C:\windows\system32\d2d1.dll
2014-11-21 10:20:53 ----A---- C:\windows\SYSWOW64\d2d1.dll
2014-11-21 10:20:38 ----A---- C:\windows\system32\audiosrv.dll
2014-11-21 10:20:38 ----A---- C:\windows\system32\AUDIOKSE.dll
2014-11-21 10:20:38 ----A---- C:\windows\system32\AudioEndpointBuilder.dll
2014-11-21 10:20:37 ----A---- C:\windows\system32\EncDump.dll
2014-11-21 10:15:10 ----A---- C:\windows\system32\drivers\usb8023.sys
2014-11-21 10:06:31 ----A---- C:\windows\SYSWOW64\nshwfp.dll
2014-11-21 10:06:30 ----A---- C:\windows\SYSWOW64\FWPUCLNT.DLL
2014-11-21 10:06:29 ----A---- C:\windows\system32\nshwfp.dll
2014-11-21 10:06:29 ----A---- C:\windows\system32\IKEEXT.DLL
2014-11-21 10:06:29 ----A---- C:\windows\system32\FWPUCLNT.DLL
2014-11-21 10:06:29 ----A---- C:\windows\system32\drivers\wfplwfs.sys
2014-11-21 10:06:29 ----A---- C:\windows\system32\BFE.DLL
2014-11-21 10:03:51 ----A---- C:\windows\system32\devinv.dll
2014-11-21 10:03:51 ----A---- C:\windows\system32\aepic.dll
2014-11-21 10:03:51 ----A---- C:\windows\system32\aepdu.dll
2014-11-21 10:03:50 ----A---- C:\windows\system32\generaltel.dll
2014-11-21 10:03:50 ----A---- C:\windows\system32\aeinv.dll
2014-11-21 10:03:43 ----D---- C:\Program Files\Microsoft Silverlight
2014-11-21 10:03:43 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-11-21 10:00:13 ----A---- C:\windows\system32\netcfg-111484.txt
2014-11-21 09:58:06 ----A---- C:\windows\system32\netcfg-73086250.txt
2014-11-21 09:48:03 ----A---- C:\windows\system32\netcfg-72482812.txt
2014-11-21 09:48:03 ----A---- C:\windows\system32\drivers\sfi.dat
2014-11-21 09:48:00 ----A---- C:\windows\system32\netcfg-72479828.txt
2014-11-21 09:47:54 ----A---- C:\windows\system32\netcfg-72474484.txt
2014-11-21 09:47:37 ----D---- C:\ProgramData\Shared Space
2014-11-21 09:46:46 ----D---- C:\Program Files\COMODO
2014-11-21 09:46:04 ----D---- C:\ProgramData\Comodo Downloader
2014-11-21 09:45:42 ----D---- C:\ProgramData\Comodo
2014-11-21 09:41:58 ----A---- C:\windows\system32\netcfg-72118656.txt
2014-11-21 09:41:58 ----A---- C:\windows\system32\netcfg-72118609.txt
2014-11-21 09:41:52 ----A---- C:\windows\system32\netcfg-72112140.txt
2014-11-21 09:41:30 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2014-11-21 09:41:30 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2014-11-21 09:41:25 ----A---- C:\windows\system32\netcfg-72085296.txt
2014-11-20 16:30:40 ----A---- C:\windows\SYSWOW64\untfs.dll
2014-11-20 16:30:40 ----A---- C:\windows\SYSWOW64\autochk.exe
2014-11-20 16:30:40 ----A---- C:\windows\system32\untfs.dll
2014-11-20 16:30:40 ----A---- C:\windows\system32\autochk.exe
2014-11-20 16:30:39 ----A---- C:\windows\SYSWOW64\scrrun.dll
2014-11-20 16:30:39 ----A---- C:\windows\SYSWOW64\scrobj.dll
2014-11-20 16:30:39 ----A---- C:\windows\SYSWOW64\cscript.exe
2014-11-20 16:30:39 ----A---- C:\windows\system32\scrrun.dll
2014-11-20 16:30:39 ----A---- C:\windows\system32\scrobj.dll
2014-11-20 16:30:39 ----A---- C:\windows\system32\cscript.exe
2014-11-20 16:30:36 ----A---- C:\windows\system32\drivers\portcls.sys
2014-11-20 16:30:35 ----A---- C:\windows\system32\SysFxUI.dll
2014-11-20 16:30:35 ----A---- C:\windows\system32\drivers\drmkaud.sys
2014-11-20 16:30:35 ----A---- C:\windows\system32\drivers\drmk.sys
2014-11-20 16:29:51 ----A---- C:\windows\SYSWOW64\packager.dll
2014-11-20 16:29:51 ----A---- C:\windows\system32\packager.dll
2014-11-20 16:29:50 ----A---- C:\windows\system32\schedsvc.dll
2014-11-20 16:29:41 ----A---- C:\windows\system32\qedit.dll
2014-11-20 16:29:41 ----A---- C:\windows\system32\pcasvc.dll
2014-11-20 16:29:41 ----A---- C:\windows\system32\pcalua.exe
2014-11-20 16:29:41 ----A---- C:\windows\system32\pcaevts.dll
2014-11-20 16:29:41 ----A---- C:\windows\system32\pcadm.dll
2014-11-20 16:29:40 ----A---- C:\windows\SYSWOW64\qedit.dll
2014-11-20 16:29:02 ----A---- C:\windows\SYSWOW64\imagehlp.dll
2014-11-20 16:29:02 ----A---- C:\windows\system32\imagehlp.dll
2014-11-20 16:28:52 ----A---- C:\windows\system32\drivers\hidclass.sys
2014-11-20 16:28:51 ----A---- C:\windows\system32\drivers\usbscan.sys
2014-11-20 16:28:51 ----A---- C:\windows\system32\drivers\usbprint.sys
2014-11-20 16:28:51 ----A---- C:\windows\system32\drivers\hidparse.sys
2014-11-20 16:28:40 ----A---- C:\windows\SYSWOW64\rastls.dll
2014-11-20 16:28:40 ----A---- C:\windows\system32\rastls.dll
2014-11-20 16:28:39 ----A---- C:\windows\system32\drivers\usbvideo.sys
2014-11-20 16:28:39 ----A---- C:\windows\system32\drivers\usbcir.sys
2014-11-20 16:28:36 ----A---- C:\windows\SYSWOW64\GdiPlus.dll
2014-11-20 16:28:36 ----A---- C:\windows\system32\GdiPlus.dll
2014-11-20 16:28:36 ----A---- C:\windows\system32\drivers\USBXHCI.SYS
2014-11-20 16:28:36 ----A---- C:\windows\system32\drivers\USBHUB3.SYS
2014-11-20 16:28:36 ----A---- C:\windows\system32\drivers\UCX01000.SYS
2014-11-20 16:19:52 ----A---- C:\windows\SYSWOW64\wups.dll
2014-11-20 16:19:51 ----A---- C:\windows\system32\wushareduxresources.dll
2014-11-20 16:19:51 ----A---- C:\windows\system32\wups2.dll
2014-11-20 16:19:51 ----A---- C:\windows\system32\wups.dll
2014-11-20 15:56:22 ----A---- C:\windows\system32\netcfg-8186171.txt
2014-11-20 15:56:19 ----A---- C:\windows\system32\netcfg-8183062.txt
2014-11-20 15:56:19 ----A---- C:\windows\system32\netcfg-8182984.txt
2014-11-20 15:54:52 ----A---- C:\windows\system32\netcfg-8096062.txt
2014-11-20 15:53:51 ----A---- C:\windows\system32\netcfg-8034796.txt
2014-11-20 15:53:49 ----A---- C:\windows\system32\netcfg-8032312.txt
2014-11-20 15:53:39 ----A---- C:\windows\system32\netcfg-8022687.txt
2014-11-20 15:53:36 ----A---- C:\windows\system32\netcfg-8019656.txt
2014-11-20 15:53:07 ----A---- C:\windows\system32\netcfg-7990390.txt
2014-11-20 15:53:06 ----A---- C:\windows\system32\netcfg-7989828.txt
2014-11-20 15:52:04 ----A---- C:\windows\system32\netcfg-7927781.txt
2014-11-20 15:00:30 ----A---- C:\windows\system32\netcfg-4836343.txt
2014-11-20 15:00:12 ----A---- C:\windows\system32\netcfg-4818359.txt
2014-11-20 15:00:12 ----A---- C:\windows\system32\netcfg-4818328.txt
2014-11-20 15:00:12 ----A---- C:\windows\system32\netcfg-4818281.txt
2014-11-20 15:00:12 ----A---- C:\windows\system32\netcfg-4817703.txt
2014-11-20 14:45:40 ----A---- C:\windows\system32\netcfg-3946562.txt
2014-11-20 14:45:40 ----A---- C:\windows\system32\netcfg-3946546.txt
2014-11-20 14:45:40 ----A---- C:\windows\system32\netcfg-3946500.txt
2014-11-20 14:45:40 ----A---- C:\windows\system32\netcfg-3945890.txt
2014-11-20 14:44:19 ----A---- C:\windows\system32\netcfg-3864796.txt
2014-11-20 14:44:18 ----A---- C:\windows\system32\netcfg-3864234.txt
2014-11-20 14:43:45 ----A---- C:\windows\system32\netcfg-3830984.txt
2014-11-20 14:43:44 ----A---- C:\windows\system32\netcfg-3830437.txt
2014-11-20 14:42:10 ----D---- C:\Users\Adam\AppData\Roaming\Mozilla
2014-11-20 14:42:05 ----D---- C:\ProgramData\Mozilla
2014-11-20 14:42:04 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-20 14:42:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-20 14:27:11 ----A---- C:\windows\system32\netcfg-2837218.txt
2014-11-20 14:27:11 ----A---- C:\windows\system32\netcfg-2837187.txt
2014-11-20 14:27:11 ----A---- C:\windows\system32\netcfg-2837109.txt
2014-11-20 14:27:10 ----A---- C:\windows\system32\netcfg-2836546.txt
2014-11-20 14:25:18 ----A---- C:\windows\system32\netcfg-2724343.txt
2014-11-20 14:25:18 ----A---- C:\windows\system32\netcfg-2723796.txt
2014-11-20 14:18:03 ----A---- C:\windows\system32\netcfg-2289328.txt
2014-11-20 14:17:55 ----A---- C:\windows\system32\netcfg-2281343.txt
2014-11-20 14:17:39 ----A---- C:\windows\system32\netcfg-2265375.txt
2014-11-20 14:17:39 ----A---- C:\windows\system32\netcfg-2265343.txt
2014-11-20 14:17:39 ----A---- C:\windows\system32\netcfg-2265234.txt
2014-11-20 14:17:39 ----A---- C:\windows\system32\netcfg-2264703.txt
2014-11-20 14:15:31 ----A---- C:\windows\system32\netcfg-2136640.txt
2014-11-20 14:15:31 ----A---- C:\windows\system32\netcfg-2136609.txt
2014-11-20 13:13:01 ----SHD---- C:\System Volume Information
2014-11-20 13:10:27 ----A---- C:\windows\CSUP.TXT
2014-11-20 13:00:32 ----A---- C:\windows\system32\netcfg-1235500.txt
2014-11-20 13:00:32 ----A---- C:\windows\system32\netcfg-1235484.txt
2014-11-20 13:00:32 ----A---- C:\windows\system32\netcfg-1235437.txt
2014-11-20 13:00:32 ----A---- C:\windows\system32\netcfg-1234843.txt
2014-11-20 12:59:23 ----A---- C:\windows\system32\netcfg-1166109.txt
2014-11-20 12:59:18 ----A---- C:\windows\system32\netcfg-1161484.txt
2014-11-20 12:58:55 ----A---- C:\windows\system32\netcfg-1137781.txt
2014-11-20 12:58:53 ----A---- C:\windows\system32\netcfg-1135750.txt
2014-11-20 12:58:38 ----A---- C:\windows\system32\netcfg-1121625.txt
2014-11-20 12:58:38 ----A---- C:\windows\system32\netcfg-1121031.txt
2014-11-20 12:58:20 ----A---- C:\windows\system32\netcfg-1103453.txt
2014-11-20 12:58:17 ----A---- C:\windows\system32\netcfg-1100406.txt
2014-11-20 12:58:17 ----A---- C:\windows\system32\netcfg-1100343.txt
2014-11-20 12:58:17 ----A---- C:\windows\system32\netcfg-1099765.txt
2014-11-20 12:57:44 ----A---- C:\windows\system32\netcfg-1067156.txt
2014-11-20 12:57:44 ----A---- C:\windows\system32\netcfg-1067093.txt
2014-11-20 12:57:44 ----A---- C:\windows\system32\netcfg-1067000.txt
2014-11-20 12:57:43 ----A---- C:\windows\system32\netcfg-1066296.txt
2014-11-20 12:56:45 ----D---- C:\Users\Adam\AppData\Roaming\Macromedia
2014-11-20 12:50:37 ----A---- C:\windows\system32\netcfg-639984.txt
2014-11-20 12:50:37 ----A---- C:\windows\system32\netcfg-639703.txt
2014-11-20 12:50:33 ----A---- C:\windows\system32\netcfg-636656.txt
2014-11-20 12:50:33 ----A---- C:\windows\system32\netcfg-636625.txt
2014-11-20 12:50:19 ----A---- C:\windows\system32\netcfg-621921.txt
2014-11-20 12:48:15 ----A---- C:\windows\system32\netcfg-497953.txt
2014-11-20 12:48:14 ----A---- C:\windows\system32\netcfg-497406.txt
2014-11-20 12:44:38 ----A---- C:\windows\system32\netcfg-281062.txt
2014-11-20 12:43:14 ----D---- C:\Users\Adam\AppData\Roaming\Adobe
2014-11-20 12:42:30 ----SD---- C:\Users\Adam\AppData\Roaming\Microsoft
2014-11-20 12:22:25 ----D---- C:\windows\SoftwareDistribution
2014-11-20 12:22:21 ----D---- C:\Program Files (x86)\InstallShield Installation Information
2014-11-20 12:22:19 ----D---- C:\ProgramData\OneKey Recovery
2014-11-20 12:22:19 ----A---- C:\windows\system32\drivers\wsvd.sys
2014-11-20 12:22:11 ----D---- C:\Program Files\Lenovo
2014-11-20 12:22:01 ----D---- C:\ProgramData\Temp
2014-11-20 12:17:59 ----ASH---- C:\hiberfil.sys
2014-11-20 12:15:49 ----A---- C:\windows\system32\netcfg-72984.txt
2014-11-20 12:15:45 ----A---- C:\windows\system32\netcfg-69515.txt
2014-11-20 12:15:43 ----A---- C:\windows\system32\netcfg-67421.txt
2014-11-20 12:15:41 ----A---- C:\windows\system32\netcfg-64937.txt
2014-11-20 12:15:40 ----A---- C:\windows\system32\netcfg-64625.txt
2014-11-20 12:15:40 ----A---- C:\windows\system32\netcfg-64250.txt
2014-11-20 12:15:40 ----A---- C:\windows\system32\netcfg-63859.txt
2014-11-20 12:15:39 ----A---- C:\windows\system32\netcfg-63531.txt
2014-11-20 12:15:39 ----A---- C:\windows\system32\netcfg-63296.txt
2014-11-20 12:15:39 ----A---- C:\windows\system32\netcfg-62968.txt
2014-11-20 12:15:38 ----A---- C:\windows\system32\netcfg-62640.txt
2014-11-20 12:15:27 ----A---- C:\windows\system32\netcfg-51218.txt
2014-11-20 12:15:26 ----A---- C:\windows\system32\netcfg-50312.txt
2014-11-20 12:14:46 ----ASH---- C:\swapfile.sys
2014-11-20 12:14:46 ----ASH---- C:\pagefile.sys
2014-11-13 11:53:20 ----A---- C:\windows\system32\drivers\inspect.sys
2014-11-13 11:53:18 ----A---- C:\windows\system32\drivers\cmdhlp.sys
2014-11-13 11:53:18 ----A---- C:\windows\system32\drivers\cmdguard.sys
2014-11-13 11:53:18 ----A---- C:\windows\system32\drivers\cmderd.sys
2014-11-13 11:52:58 ----A---- C:\windows\system32\cmdcsr.dll
2014-11-13 11:52:56 ----A---- C:\windows\SYSWOW64\guard32.dll
2014-11-13 11:52:56 ----A---- C:\windows\system32\guard64.dll
2014-11-13 11:52:48 ----A---- C:\windows\system32\cmdvrt64.dll
2014-11-13 11:52:44 ----A---- C:\windows\system32\cmdkbd64.dll
2014-11-13 11:52:36 ----A---- C:\windows\SYSWOW64\cmdvrt32.dll
2014-11-13 11:52:32 ----A---- C:\windows\SYSWOW64\cmdkbd32.dll

======List of files/folders modified in the last 1 month======

2014-12-07 10:43:56 ----D---- C:\windows\Temp
2014-12-07 10:42:44 ----D---- C:\windows\system32\sru
2014-12-07 10:42:37 ----D---- C:\windows\Inf
2014-12-06 11:41:45 ----D---- C:\windows\Microsoft.NET
2014-12-05 16:06:59 ----D---- C:\windows\Prefetch
2014-12-05 16:05:11 ----AD---- C:\windows\System32
2014-12-05 16:05:11 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-12-05 16:01:44 ----HD---- C:\$Windows.~BT
2014-12-05 16:01:33 ----AD---- C:\windows\Panther
2014-12-05 16:00:14 ----RD---- C:\Program Files (x86)
2014-12-05 13:44:13 ----D---- C:\windows\system32\config
2014-12-05 12:33:34 ----D---- C:\windows\system32\catroot
2014-12-05 12:33:25 ----SHD---- C:\windows\Installer
2014-12-05 12:15:11 ----D---- C:\windows\system32\Drivers
2014-12-04 16:16:58 ----RD---- C:\Program Files
2014-12-04 11:35:25 ----D---- C:\windows\SysWOW64
2014-12-04 11:35:11 ----D---- C:\Program Files\Common Files\microsoft shared
2014-12-04 10:24:02 ----RD---- C:\windows\assembly
2014-12-04 09:59:03 ----D---- C:\windows\Registration
2014-12-03 11:39:31 ----RSD---- C:\windows\Fonts
2014-12-02 16:55:44 ----SD---- C:\ProgramData\Microsoft
2014-12-02 16:55:02 ----D---- C:\windows\system32\Tasks
2014-12-02 16:54:36 ----D---- C:\windows\system32\DriverStore
2014-12-02 16:54:35 ----A---- C:\windows\system32\HPWia2_OJ6600.dll
2014-12-02 16:54:35 ----A---- C:\windows\system32\HPScanTRDrv_OJ6600.dll
2014-12-02 16:54:17 ----A---- C:\windows\system32\hpinksts5D12LM.dll
2014-12-02 16:54:17 ----A---- C:\windows\system32\hpinkcoi5D12.dll
2014-12-02 16:54:10 ----HD---- C:\ProgramData
2014-12-02 16:54:10 ----D---- C:\windows\twain_32
2014-12-02 13:18:22 ----AD---- C:\windows
2014-12-02 12:43:25 ----HD---- C:\Program Files\WindowsApps
2014-12-02 12:43:25 ----D---- C:\windows\AUInstallAgent
2014-11-30 11:43:24 ----D---- C:\windows\system32\NDF
2014-11-29 11:52:40 ----D---- C:\windows\Logs
2014-11-28 12:14:18 ----D---- C:\windows\WinSxS
2014-11-28 12:12:18 ----D---- C:\windows\WinStore
2014-11-28 12:12:15 ----D---- C:\windows\system32\SecureBootUpdates
2014-11-28 12:12:12 ----D---- C:\windows\SYSWOW64\wbem
2014-11-28 12:12:12 ----D---- C:\windows\SYSWOW64\en-US
2014-11-28 12:12:11 ----D---- C:\windows\system32\wbem
2014-11-28 12:12:11 ----D---- C:\windows\system32\en-US
2014-11-28 12:12:11 ----D---- C:\windows\system32\Boot
2014-11-28 12:08:10 ----D---- C:\windows\Tasks
2014-11-28 12:06:30 ----D---- C:\windows\CbsTemp
2014-11-28 12:05:24 ----A---- C:\windows\win.ini
2014-11-26 15:08:21 ----D---- C:\windows\system32\catroot2
2014-11-26 12:37:20 ----D---- C:\windows\system32\wdi
2014-11-26 12:31:29 ----D---- C:\windows\SYSWOW64\migration
2014-11-26 12:31:29 ----D---- C:\windows\system32\migration
2014-11-26 12:31:17 ----D---- C:\windows\PolicyDefinitions
2014-11-26 12:31:06 ----RD---- C:\windows\ToastData
2014-11-26 12:30:21 ----D---- C:\Program Files\Windows Defender
2014-11-26 12:30:20 ----D---- C:\Program Files (x86)\Windows Defender
2014-11-26 12:30:15 ----D---- C:\windows\apppatch
2014-11-26 12:30:09 ----D---- C:\Program Files\Windows Journal
2014-11-26 12:27:21 ----D---- C:\windows\system32\drivers\UMDF
2014-11-26 11:53:29 ----D---- C:\Program Files (x86)\Common Files
2014-11-22 12:21:50 ----SHD---- C:\$Recycle.Bin
2014-11-21 12:14:57 ----D---- C:\windows\servicing
2014-11-21 12:10:55 ----D---- C:\windows\SYSWOW64\Dism
2014-11-21 12:10:55 ----D---- C:\Program Files\Windows Photo Viewer
2014-11-21 12:10:55 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2014-11-21 12:10:53 ----D---- C:\windows\system32\Dism
2014-11-21 12:10:01 ----D---- C:\Program Files\Windows Media Player
2014-11-21 12:10:01 ----D---- C:\Program Files (x86)\Windows Media Player
2014-11-21 12:09:13 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-21 12:09:05 ----D---- C:\Program Files\Internet Explorer
2014-11-21 11:30:12 ----D---- C:\windows\ShellNew
2014-11-21 11:28:39 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-11-21 11:10:41 ----D---- C:\windows\debug
2014-11-21 11:05:37 ----AD---- C:\windows\system32\oobe
2014-11-21 10:53:47 ----A---- C:\windows\system32\igfxDI.dll
2014-11-21 10:53:47 ----A---- C:\windows\system32\igfxDH.dll
2014-11-21 10:53:44 ----A---- C:\windows\system32\igdmd64.dll
2014-11-21 10:53:43 ----A---- C:\windows\SYSWOW64\igdmd32.dll
2014-11-21 10:53:42 ----A---- C:\windows\SYSWOW64\igdde32.dll
2014-11-21 10:53:42 ----A---- C:\windows\system32\igdde64.dll
2014-11-21 10:53:41 ----A---- C:\windows\SYSWOW64\igfxcmjit32.dll
2014-11-21 10:53:41 ----A---- C:\windows\SYSWOW64\igfx11cmrt32.dll
2014-11-21 10:53:41 ----A---- C:\windows\system32\igfxcmjit64.dll
2014-11-21 10:53:41 ----A---- C:\windows\system32\igfx11cmrt64.dll
2014-11-21 10:53:40 ----A---- C:\windows\system32\igfxLHMLib.dll
2014-11-21 10:53:38 ----A---- C:\windows\SYSWOW64\igfxexps32.dll
2014-11-21 10:53:38 ----A---- C:\windows\system32\MetroIntelGenericUIFramework.dll
2014-11-21 10:53:38 ----A---- C:\windows\system32\igfxcmrt64.dll
2014-11-21 10:53:36 ----A---- C:\windows\SYSWOW64\igfxcmrt32.dll
2014-11-21 10:53:34 ----A---- C:\windows\system32\igdumdim64.dll
2014-11-21 10:53:32 ----A---- C:\windows\SYSWOW64\igdumdim32.dll
2014-11-21 10:53:32 ----A---- C:\windows\system32\igfxEMLib.dll
2014-11-21 10:53:29 ----A---- C:\windows\system32\igfxDILib.dll
2014-11-21 10:53:29 ----A---- C:\windows\system32\igfxDHLib.dll
2014-11-21 10:53:28 ----A---- C:\windows\system32\igd10iumd64.dll
2014-11-21 10:53:27 ----A---- C:\windows\SYSWOW64\igd10iumd32.dll
2014-11-21 10:53:01 ----A---- C:\windows\system32\igfxLHMLibv2_0.dll
2014-11-21 10:53:01 ----A---- C:\windows\system32\igfxexps.dll
2014-11-21 10:53:00 ----A---- C:\windows\system32\iglhsip64.dll
2014-11-21 10:52:59 ----A---- C:\windows\SYSWOW64\iglhsip32.dll
2014-11-21 10:52:59 ----A---- C:\windows\system32\igfxDTCM.dll
2014-11-21 10:52:54 ----A---- C:\windows\system32\IntelOpenCL64.dll
2014-11-21 10:52:46 ----A---- C:\windows\SYSWOW64\IntelOpenCL32.dll
2014-11-21 10:52:40 ----A---- C:\windows\SYSWOW64\Intel_OpenCL_ICD32.dll
2014-11-21 10:52:40 ----A---- C:\windows\system32\Intel_OpenCL_ICD64.dll
2014-11-21 10:52:40 ----A---- C:\windows\system32\igfxOSP.dll
2014-11-21 10:52:40 ----A---- C:\windows\system32\igfxCoIn_v3958.dll
2014-11-21 10:52:39 ----A---- C:\windows\system32\igfxLHM.dll
2014-11-21 10:52:39 ----A---- C:\windows\system32\igfxEMLibv2_0.dll
2014-11-21 10:52:38 ----A---- C:\windows\system32\igfxDILibv2_0.dll
2014-11-21 10:52:38 ----A---- C:\windows\system32\igfxDHLibv2_0.dll
2014-11-21 10:52:37 ----A---- C:\windows\system32\igdusc64.dll
2014-11-21 10:52:37 ----A---- C:\windows\system32\IccLibDll_x64.dll
2014-11-21 10:52:36 ----A---- C:\windows\SYSWOW64\igdusc32.dll
2014-11-21 10:52:33 ----A---- C:\windows\system32\iglhcp64.dll
2014-11-21 10:52:32 ----A---- C:\windows\SYSWOW64\iglhcp32.dll
2014-11-21 10:52:32 ----A---- C:\windows\SYSWOW64\igdrcl32.dll
2014-11-21 10:52:32 ----A---- C:\windows\system32\igdrcl64.dll
2014-11-21 10:52:30 ----A---- C:\windows\system32\igdfcl64.dll
2014-11-21 10:52:30 ----A---- C:\windows\system32\igdail64.dll
2014-11-21 10:52:25 ----A---- C:\windows\SYSWOW64\igdail32.dll
2014-11-21 10:52:25 ----A---- C:\windows\system32\igdbcl64.dll
2014-11-21 10:52:24 ----A---- C:\windows\SYSWOW64\igdfcl32.dll
2014-11-21 10:52:18 ----A---- C:\windows\SYSWOW64\igdbcl32.dll
2014-11-21 10:52:18 ----A---- C:\windows\system32\igfxCUIServicePS.dll
2014-11-21 10:51:41 ----A---- C:\windows\SYSWOW64\IntelCpHeciSvc.exe
2014-11-21 10:51:41 ----A---- C:\windows\system32\igfxTray.exe
2014-11-21 10:51:41 ----A---- C:\windows\system32\igfxHK.exe
2014-11-21 10:51:41 ----A---- C:\windows\system32\igfxext.exe
2014-11-21 10:51:41 ----A---- C:\windows\system32\igfxEM.exe
2014-11-21 10:51:41 ----A---- C:\windows\system32\igfxCUIService.exe
2014-11-21 10:51:39 ----A---- C:\windows\SYSWOW64\ig7icd32.dll
2014-11-21 10:51:39 ----A---- C:\windows\system32\ig7icd64.dll
2014-11-21 10:51:39 ----A---- C:\windows\system32\Gfxv4_0.exe
2014-11-21 10:51:39 ----A---- C:\windows\system32\Gfxv2_0.exe
2014-11-21 10:51:39 ----A---- C:\windows\system32\GfxUIEx.exe
2014-11-21 10:51:39 ----A---- C:\windows\system32\DPTopologyAppv2_0.exe
2014-11-21 10:51:39 ----A---- C:\windows\system32\DPTopologyApp.exe
2014-11-21 10:51:39 ----A---- C:\windows\system32\difx64.exe
2014-11-21 10:51:39 ----A---- C:\windows\system32\CustomModeAppv2_0.exe
2014-11-21 10:51:39 ----A---- C:\windows\system32\CustomModeApp.exe
2014-11-21 10:44:13 ----D---- C:\windows\LiveKernelReports
2014-11-20 16:19:24 ----D---- C:\windows\system32\restore
2014-11-20 13:10:32 ----AD---- C:\windows\Web
2014-11-20 13:10:31 ----AD---- C:\windows\Help
2014-11-20 12:50:03 ----D---- C:\windows\system32\CodeIntegrity
2014-11-20 12:42:36 ----RD---- C:\windows\ImmersiveControlPanel
2014-11-20 12:42:30 ----AD---- C:\Users
2014-11-20 12:41:47 ----D---- C:\windows\rescache
2014-11-20 12:19:59 ----D---- C:\windows\SYSWOW64\drivers
2014-11-20 12:19:05 ----D---- C:\windows\system32\Sysprep

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 CFRMD;CFRMD; C:\windows\system32\DRIVERS\CFRMD.sys [2014-06-25 40224]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\windows\System32\DRIVERS\cmderd.sys [2014-11-13 21304]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\windows\system32\DRIVERS\cmdguard.sys [2014-11-13 808176]
R1 cmdhlp;COMODO Internet Security Helper Driver; C:\windows\system32\DRIVERS\cmdhlp.sys [2014-11-13 36200]
R1 inspect;@oem2.inf,%inspect_Desc%;COMODO Internet Security Firewall Driver; C:\windows\system32\DRIVERS\inspect.sys [2014-11-13 127328]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2012-07-25 64000]
R2 NPF;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2013-02-28 36600]
R3 BCM43XX;@netbc63a.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl63a.sys [2012-06-02 5139968]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-11-21 3828152]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C63x64.sys [2012-06-02 100864]
R3 MEIx64;@oem1.inf,%HECI_SvcDesc%;Intel® Management Engine Interface ; C:\windows\System32\drivers\HECIx64.sys [2012-07-17 62784]
R3 Neo_VPN;@oem4.inf,%Neo.Service.DispName%;VPN Client Device Driver - VPN; C:\windows\system32\DRIVERS\Neo_VPN.sys [2014-11-25 28768]
R3 Neo_VPN2;@oem5.inf,%Neo.Service.DispName%;VPN Client Device Driver - VPN2; C:\windows\system32\DRIVERS\Neo_VPN2.sys [2014-11-25 28768]
R3 tap0901;@oem6.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\windows\system32\DRIVERS\tap0901.sys [2014-11-25 40664]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2013-07-05 210560]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2012-07-25 17920]
S0 icquni;icquni; C:\windows\system32\drivers\icquni.sys []
S3 e1iexpress;@net1ic64.inf,%E1IExpress.Service.DispName%;Intel® PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2012-06-02 333824]
S3 NETwNs64;@netwns64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2012-06-02 8604672]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2014-12-02 43008]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2012-06-13 102376]
S3 WUDFWpdFs;WUDFWpdFs; C:\windows\system32\DRIVERS\WUDFRd.sys [2012-07-25 198656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-11-21 64704]
R2 CGVPNCliService;CyberGhost 5 Client Service; C:\Program Files\CyberGhost 5\Service.exe [2014-11-25 64616]
R2 CLPSLauncher;COMODO LPS Launcher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2014-11-21 70864]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2014-11-13 7615952]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-12-02 2370240]
R2 GeekBuddyRSP;GeekBuddyRSP Server; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2014-11-21 2327248]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-12-02 89352]
R2 igfxCUIService1.0.0.0;Intel® HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2014-11-21 319376]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe [2014-12-02 240408]
R3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2014-11-13 2265304]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe [2014-12-02 192792]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-26 107912]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-28 267440]
S3 cphs;Intel® Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-11-21 281488]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-26 107912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-13 114288]
S3 ose;Office  Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-11-21 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2014-11-21 4925184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2014-12-04 118520]

-----------------EOF-----------------
 



#4 HelpBot


Posted 09 December 2014 - 04:00 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/558681 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#5 consultantbis

  • Topic Starter


Posted 10 December 2014 - 05:15 PM

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.17148
Run by Adam at 15:07:14 on 2014-12-10
Microsoft Windows 8  6.2.9200.0.1252.1.1033.18.3962.2800 [GMT -7:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus *Disabled/Updated* {F0BC89B2-8937-0933-021B-B17D981F2A71}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Comodo Defense+ *Enabled/Updated* {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}
FW: COMODO Firewall *Disabled* {C8870897-C358-086B-2944-184866CC6D0A}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\SearchIndexer.exe
C:\Program Files\CyberGhost 5\Service.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k rpcss
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\dwm.exe
C:\windows\system32\taskhostex.exe
C:\windows\Explorer.EXE
C:\windows\system32\igfxEM.exe
C:\windows\system32\igfxHK.exe
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files\COMODO\GeekBuddy\unit_manager.exe
C:\Program Files\COMODO\GeekBuddy\unit.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://lenovo13.msn.com
mWinlogon: Userinit = userinit.exe
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
uRun: [CyberGhost] "C:\Program Files\CyberGhost 5\CyberGhost.EXE" /autostart
mRun: [tvncontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\STARTG~1.LNK - C:\Program Files\COMODO\GeekBuddy\launcher.exe
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: Interfaces\{4AFAE102-A784-43F0-9398-62627DB42883} : DHCPNameServer = 205.171.3.65 205.171.2.65
TCP: Interfaces\{4AFAE102-A784-43F0-9398-62627DB42883}\16474777966696 : DHCPNameServer = 192.168.6.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{4AFAE102-A784-43F0-9398-62627DB42883}\3596D607C69724964737D284F6473707F647 : DHCPNameServer = 172.16.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\989xgz9y.default\
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll
.
============= SERVICES / DRIVERS ===============
.
R1 CFRMD;CFRMD;C:\windows\System32\Drivers\CFRMD.sys [2014-6-25 40224]
R1 cmderd;COMODO Internet Security Eradication Driver;C:\windows\System32\Drivers\cmderd.sys [2014-11-13 21304]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\windows\System32\Drivers\cmdguard.sys [2014-11-13 808176]
R1 cmdhlp;COMODO Internet Security Helper Driver;C:\windows\System32\Drivers\cmdhlp.sys [2014-11-13 36200]
R2 CGVPNCliService;CyberGhost 5 Client Service;C:\Program Files\CyberGhost 5\Service.exe [2014-11-25 64616]
R2 CLPSLauncher;COMODO LPS Launcher;C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2014-9-25 70864]
R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-11-27 2370240]
R2 GeekBuddyRSP;GeekBuddyRSP Server;C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2014-9-24 2327248]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-9-15 89352]
R2 igfxCUIService1.0.0.0;Intel® HD Graphics Control Panel Service;C:\windows\System32\igfxCUIService.exe [2014-10-1 319376]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE [2012-1-25 240408]
R3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2014-11-13 2265304]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\Drivers\L1C63x64.sys [2012-6-2 100864]
R3 Neo_VPN;VPN Client Device Driver - VPN;C:\windows\System32\Drivers\Neo_VPN.sys [2014-11-25 28768]
R3 Neo_VPN2;VPN Client Device Driver - VPN2;C:\windows\System32\Drivers\Neo_VPN2.sys [2014-11-25 28768]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.EXE [2012-1-25 192792]
S3 ghsandroid;Handset ADB Interface;C:\windows\System32\Drivers\ghsandroid.sys [2011-3-30 38424]
S3 ghsdiagMDM;Handset Diagnostic Port;C:\windows\System32\Drivers\ghsdiagMDM.sys [2011-11-28 122496]
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver;C:\windows\System32\Drivers\massfilter_hs.sys [2014-12-7 20232]
S3 wsvd;wsvd;C:\windows\System32\Drivers\wsvd.sys [2014-11-20 102376]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
.
=============== Created Last 30 ================
.
2014-12-09 16:56:03    --------    d--h--w-    C:\VTRoot
2014-12-07 19:29:59    --------    d---a-w-    C:\Users\Adam\.android
2014-12-07 19:29:52    20232    ----a-w-    C:\windows\System32\drivers\massfilter_hs.sys
2014-12-07 19:29:52    171272    ----a-w-    C:\windows\System32\drivers\zghsnet.sys
2014-12-07 19:29:52    162816    ----a-w-    C:\windows\System32\drivers\ghsnet.sys
2014-12-07 19:29:52    132104    ----a-w-    C:\windows\System32\drivers\zghsser.sys
2014-12-07 19:29:52    123520    ----a-w-    C:\windows\System32\drivers\ghsser.sys
2014-12-07 19:29:48    1721576    ----a-w-    C:\windows\System32\WdfCoInstaller01009.dll
2014-12-07 19:29:48    1002728    ----a-w-    C:\windows\System32\WinUSBCoInstaller2.dll
2014-12-07 19:29:47    67608    ----a-w-    C:\windows\AdbWinUsbApi.dll
2014-12-07 19:29:47    584584    ----a-w-    C:\windows\adb.exe
2014-12-07 19:29:47    102936    ----a-w-    C:\windows\AdbWinApi.dll
2014-12-07 19:29:47    --------    d-----w-    C:\Program Files\Handset_USB_Driver
2014-12-05 20:52:27    --------    d-sh--w-    C:\Recovery
2014-12-04 23:16:58    --------    d-----w-    C:\Program Files\trend micro
2014-12-04 21:58:26    --------    d-----w-    C:\Users\Adam\AppData\Roaming\Wireshark
2014-12-04 18:35:25    --------    d-----w-    C:\Program Files (x86)\WinPcap
2014-12-04 18:34:35    --------    d-----w-    C:\Program Files\Wireshark
2014-12-02 23:55:09    --------    d-----w-    C:\Program Files (x86)\Microsoft
2014-12-02 23:54:42    --------    d-----w-    C:\Users\Adam\AppData\Roaming\HpUpdate
2014-12-02 23:54:39    741480    ------w-    C:\windows\System32\HPDiscoPM5D12.dll
2014-12-02 23:54:10    --------    d-----w-    C:\Program Files\HP
2014-12-02 23:53:51    --------    d-----w-    C:\Users\Adam\AppData\Local\HP
2014-12-02 23:53:29    2873744    ----a-w-    C:\windows\System32\hpinkins5D12.exe
2014-12-02 23:48:16    --------    d-----w-    C:\Users\Adam\AppData\Local\Hewlett-Packard
2014-12-02 23:45:16    --------    d-----w-    C:\Program Files (x86)\Hp
2014-12-02 19:55:58    --------    d-----w-    C:\Program Files (x86)\Comodo
2014-11-28 19:12:17    --------    d-----w-    C:\windows\System32\AutoUpdateLicense
2014-11-28 19:11:10    --------    d-----w-    C:\Users\Adam\AppData\Local\Macromedia
2014-11-26 22:10:28    582552    ----a-w-    C:\windows\System32\AutoUpdate.exe
2014-11-26 22:10:27    695808    ----a-w-    C:\windows\System32\WSShared.dll
2014-11-26 22:10:27    568832    ----a-w-    C:\windows\SysWow64\WSShared.dll
2014-11-26 22:10:27    462760    ----a-w-    C:\windows\System32\NotificationUI.exe
2014-11-26 22:10:27    198656    ----a-w-    C:\windows\System32\Windows.ApplicationModel.Store.dll
2014-11-26 22:10:27    163840    ----a-w-    C:\windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-26 22:10:27    125952    ----a-w-    C:\windows\System32\WinSetupUI.dll
2014-11-26 22:10:27    124928    ----a-w-    C:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-26 22:10:23    28616704    ----a-w-    C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2014-11-26 22:10:22    27853824    ----a-w-    C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2014-11-26 19:29:54    --------    d-s---w-    C:\windows\System32\CompatTel
2014-11-26 18:41:02    57096    ----a-w-    C:\windows\System32\certsentry.dll
2014-11-26 18:41:02    48392    ----a-w-    C:\windows\SysWow64\certsentry.dll
2014-11-26 18:40:30    348160    ----a-w-    C:\windows\SysWow64\msvcr71.dll
2014-11-26 18:40:30    1060864    ----a-w-    C:\windows\SysWow64\mfc71.dll
2014-11-26 17:12:39    --------    d-----w-    C:\Users\Adam\AppData\Local\Google
2014-11-25 21:27:59    --------    d-----w-    C:\Users\Adam\AppData\Local\CyberGhost
2014-11-25 21:23:31    --------    d-----w-    C:\Program Files\TAP-Windows
2014-11-25 21:22:59    --------    d-----w-    C:\Program Files\CyberGhost 5
2014-11-25 21:22:53    --------    d-----w-    C:\Users\Adam\AppData\Local\Programs
2014-11-25 18:54:14    28768    ----a-w-    C:\windows\System32\drivers\Neo_VPN2.sys
2014-11-25 18:50:53    28768    ----a-w-    C:\windows\System32\drivers\Neo_VPN.sys
2014-11-25 18:50:31    135736    ----a-w-    C:\windows\System32\vpncmd.exe
2014-11-25 18:50:10    --------    d-----w-    C:\Program Files\SoftEther VPN Client
2014-11-24 21:04:27    50784    ----a-w-    C:\ProgramData\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2014-11-24 21:04:22    17536    ----a-w-    C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2014-11-22 19:50:23    --------    d-----w-    C:\Users\Adam\AppData\Roaming\Comodo
2014-11-22 19:41:15    269992    ----a-w-    C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10248.bin
2014-11-21 19:44:02    --------    d-----w-    C:\Users\Adam\AppData\Local\Adobe
2014-11-21 19:40:55    144    ----a-w-    C:\windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-11-21 19:17:06    451    ----a-w-    C:\windows\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-11-21 19:14:34    713672    ----a-w-    C:\windows\SysWow64\FlashPlayerApp.exe
2014-11-21 19:14:34    106440    ----a-w-    C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-21 18:28:39    --------    d-----w-    C:\windows\PCHEALTH
2014-11-21 18:19:44    --------    d-----w-    C:\Program Files (x86)\Microsoft Analysis Services
2014-11-21 18:18:50    --------    d-----w-    C:\Users\Adam\AppData\Local\Microsoft Help
2014-11-21 18:10:41    --------    d-----w-    C:\windows\System32\MRT
2014-11-21 17:58:46    --------    d-sh--w-    C:\Users\Adam\IntelGraphicsProfiles
2014-11-21 17:58:06    35480    ----a-w-    C:\windows\SysWow64\TsWpfWrp.exe
2014-11-21 17:58:06    35480    ----a-w-    C:\windows\System32\TsWpfWrp.exe
2014-11-21 17:55:11    64000    ----a-w-    C:\windows\System32\OpenCL.DLL
2014-11-21 17:55:11    60416    ----a-w-    C:\windows\SysWow64\OpenCL.DLL
2014-11-21 17:55:11    --------    d-----w-    C:\Intel
2014-11-21 17:54:45    --------    d-----w-    C:\Program Files (x86)\Common Files\Intel
2014-11-21 17:53:55    144896    ----a-w-    C:\windows\System32\tssdisai.dll
2014-11-21 17:53:52    148480    ----a-w-    C:\windows\System32\poqexec.exe
2014-11-21 17:53:52    135680    ----a-w-    C:\windows\System32\appserverai.dll
2014-11-21 17:53:52    126976    ----a-w-    C:\windows\System32\RDWebAI.dll
2014-11-21 17:53:52    122880    ----a-w-    C:\windows\System32\VmHostAI.dll
2014-11-21 17:53:50    132608    ----a-w-    C:\windows\SysWow64\poqexec.exe
2014-11-21 17:51:26    414208    ----a-w-    C:\windows\System32\schannel.dll
2014-11-21 17:51:26    318976    ----a-w-    C:\windows\SysWow64\schannel.dll
2014-11-21 17:51:23    86528    ----a-w-    C:\windows\System32\ncryptsslp.dll
2014-11-21 17:51:23    72192    ----a-w-    C:\windows\SysWow64\ncryptsslp.dll
2014-11-21 17:50:50    4068864    ----a-w-    C:\windows\System32\win32k.sys
2014-11-21 17:50:36    3248640    ----a-w-    C:\windows\System32\rdpcorets.dll
2014-11-21 17:50:31    713728    ----a-w-    C:\windows\SysWow64\adtschema.dll
2014-11-21 17:50:31    713728    ----a-w-    C:\windows\System32\adtschema.dll
2014-11-21 17:50:30    36352    ----a-w-    C:\windows\System32\rfxvmt.dll
2014-11-21 17:50:30    27880    ----a-w-    C:\windows\System32\drivers\rdpvideominiport.sys
2014-11-21 17:50:30    235520    ----a-w-    C:\windows\System32\rdpudd.dll
2014-11-21 17:50:30    146944    ----a-w-    C:\windows\SysWow64\msaudite.dll
2014-11-21 17:50:30    146944    ----a-w-    C:\windows\System32\msaudite.dll
2014-11-21 17:48:09    778240    ----a-w-    C:\windows\System32\oleaut32.dll
2014-11-21 17:46:57    827904    ----a-w-    C:\windows\System32\kerberos.dll
2014-11-21 17:45:59    124112    ----a-w-    C:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
2014-11-21 17:44:12    141312    ----a-w-    C:\windows\System32\cryptnet.dll
2014-11-21 17:44:12    1255936    ----a-w-    C:\windows\System32\certutil.exe
2014-11-21 17:44:12    109056    ----a-w-    C:\windows\SysWow64\cryptnet.dll
2014-11-21 17:44:12    1013248    ----a-w-    C:\windows\SysWow64\certutil.exe
2014-11-21 17:42:59    645120    ----a-w-    C:\windows\System32\Windows.Security.Authentication.OnlineId.dll
2014-11-21 17:40:44    830464    ----a-w-    C:\windows\System32\wbem\WmiPrvSD.dll
2014-11-21 17:39:49    2035200    ----a-w-    C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll
2014-11-21 17:39:49    1617920    ----a-w-    C:\Program Files\Windows Journal\NBDoc.DLL
2014-11-21 17:39:49    1413632    ----a-w-    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2014-11-21 17:39:48    881152    ----a-w-    C:\Program Files\Windows Journal\InkSeg.dll
2014-11-21 17:39:48    627712    ----a-w-    C:\Program Files\Windows Journal\MSPVWCTL.DLL
2014-11-21 17:39:48    336384    ----a-w-    C:\Program Files\Common Files\Microsoft Shared\ink\InkDiv.dll
2014-11-21 17:39:48    265216    ----a-w-    C:\windows\System32\InkEd.dll
2014-11-21 17:39:48    1318912    ----a-w-    C:\Program Files\Windows Journal\JNWDRV.dll
2014-11-21 17:39:48    1306624    ----a-w-    C:\Program Files\Windows Journal\JNTFiltr.dll
2014-11-21 17:39:48    1272320    ----a-w-    C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2014-11-21 17:39:48    1029120    ----a-w-    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2014-11-21 17:39:45    1890816    ----a-w-    C:\windows\System32\crypt32.dll
2014-11-21 17:39:45    1569280    ----a-w-    C:\windows\SysWow64\crypt32.dll
2014-11-21 17:38:11    30720    ----a-w-    C:\windows\System32\cryptdlg.dll
2014-11-21 17:38:11    25088    ----a-w-    C:\windows\SysWow64\cryptdlg.dll
2014-11-21 17:37:50    17888    ----a-w-    C:\windows\System32\msvcr100_clr0400.dll
2014-11-21 17:37:48    17888    ----a-w-    C:\windows\SysWow64\msvcr100_clr0400.dll
2014-11-21 17:34:58    754176    ----a-w-    C:\windows\SysWow64\actxprxy.dll
2014-11-21 17:33:33    957184    ----a-w-    C:\Program Files\Windows Defender\MpClient.dll
2014-11-21 17:32:34    583680    ----a-w-    C:\windows\System32\msdrm.dll
2014-11-21 17:32:34    451072    ----a-w-    C:\windows\SysWow64\msdrm.dll
2014-11-21 17:31:33    1300992    ----a-w-    C:\windows\System32\gdi32.dll
2014-11-21 17:31:32    1023488    ----a-w-    C:\windows\SysWow64\gdi32.dll
2014-11-21 17:29:05    861184    ----a-w-    C:\windows\System32\drivers\http.sys
2014-11-21 17:28:49    26624    ----a-w-    C:\windows\System32\ReAgentc.exe
2014-11-21 17:28:49    24064    ----a-w-    C:\windows\SysWow64\ReAgentc.exe
2014-11-21 17:28:33    312320    ----a-w-    C:\windows\System32\msieftp.dll
2014-11-21 17:28:33    273408    ----a-w-    C:\windows\SysWow64\msieftp.dll
2014-11-21 17:28:23    2048    ----a-w-    C:\windows\SysWow64\tzres.dll
2014-11-21 17:28:23    2048    ----a-w-    C:\windows\System32\tzres.dll
2014-11-21 17:27:44    368640    ----a-w-    C:\windows\SysWow64\WMPhoto.dll
2014-11-21 17:27:43    420864    ----a-w-    C:\windows\System32\WMPhoto.dll
2014-11-21 17:27:06    2048    ----a-w-    C:\windows\SysWow64\msxml3r.dll
2014-11-21 17:27:06    2048    ----a-w-    C:\windows\System32\msxml3r.dll
2014-11-21 17:27:06    1845760    ----a-w-    C:\windows\System32\msxml3.dll
.
==================== Find3M  ====================
.
.
============= FINISH: 15:08:07.13 ===============
 


#6 nasdaq

nasdaq

  • Malware Response Team

Posted 12 December 2014 - 10:12 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

We will check your BIOS and Master boot record.

Read carefully and follow these steps.
TDSS
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Start Scan.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • Important: Do NOT change the default action on your own unless instructed by a malware Helper! Doing so may render your computer unbootable.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
===

Wait for further instructions.

#7 consultantbis

consultantbis
  • Topic Starter


Posted 12 December 2014 - 03:55 PM

tdss log

13:53:56.0236 0x0580  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
13:53:56.0236 0x0580  UEFI system
13:53:59.0955 0x0580  ============================================================
13:53:59.0955 0x0580  Current date / time: 2014/12/12 13:53:59.0955
13:53:59.0955 0x0580  SystemInfo:
13:53:59.0955 0x0580  
13:53:59.0955 0x0580  OS Version: 6.2.9200 ServicePack: 0.0
13:53:59.0955 0x0580  Product type: Workstation
13:53:59.0955 0x0580  ComputerName: IDEA-PC
13:53:59.0955 0x0580  UserName: Adam
13:53:59.0955 0x0580  Windows directory: C:\windows
13:53:59.0955 0x0580  System windows directory: C:\windows
13:53:59.0955 0x0580  Running under WOW64
13:53:59.0955 0x0580  Processor architecture: Intel x64
13:53:59.0955 0x0580  Number of processors: 4
13:53:59.0955 0x0580  Page size: 0x1000
13:53:59.0955 0x0580  Boot type: Normal boot
13:53:59.0955 0x0580  ============================================================
13:54:02.0502 0x0580  KLMD registered as C:\windows\system32\drivers\13257304.sys
13:54:03.0159 0x0580  System UUID: {7D46A833-4C01-7328-A306-344CF37677A3}
13:54:04.0221 0x0580  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:54:04.0221 0x0580  ============================================================
13:54:04.0221 0x0580  \Device\Harddisk0\DR0:
13:54:04.0221 0x0580  GPT partitions:
13:54:04.0221 0x0580  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {AAC60267-E3CE-4B6E-801A-F758E06C3A77}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
13:54:04.0221 0x0580  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {D4F1919C-A0B1-42BB-81E8-3631AFE25694}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
13:54:04.0221 0x0580  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {3178C85E-6C0E-42B7-9F31-B49D914A576C}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
13:54:04.0221 0x0580  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {B42484FC-FF5A-4B25-80FD-A8D525ACB8D1}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
13:54:04.0221 0x0580  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D1AB899C-C645-4FAA-AAF3-10B9DF170483}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x343FA800
13:54:04.0221 0x0580  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {0DDCACCE-19F9-47F1-82EB-56FA12630378}, Name: , StartLBA 0x348A5000, BlocksNum 0xE1000
13:54:04.0221 0x0580  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {1DD73FDE-E2B4-4E8F-A48E-8029F6963C40}, Name: Basic data partition, StartLBA 0x34986000, BlocksNum 0x3200000
13:54:04.0221 0x0580  \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {0C823F54-98B9-4748-B8DF-2D8C836FBAF5}, Name: Basic data partition, StartLBA 0x37B86000, BlocksNum 0x2800000
13:54:04.0221 0x0580  MBR partitions:
13:54:04.0221 0x0580  ============================================================
13:54:04.0315 0x0580  C: <-> \Device\Harddisk0\DR0\Partition5
13:54:04.0440 0x0580  D: <-> \Device\Harddisk0\DR0\Partition7
13:54:04.0440 0x0580  ============================================================
13:54:04.0440 0x0580  Initialize success
13:54:04.0440 0x0580  ============================================================
13:54:07.0143 0x13c8  ============================================================
13:54:07.0143 0x13c8  Scan started
13:54:07.0143 0x13c8  Mode: Manual;
13:54:07.0143 0x13c8  ============================================================
13:54:07.0143 0x13c8  KSN ping started
13:54:09.0815 0x13c8  KSN ping finished: true
13:54:12.0143 0x13c8  ================ Scan system memory ========================
13:54:12.0143 0x13c8  System memory - ok
13:54:12.0143 0x13c8  ================ Scan services =============================
13:54:28.0097 0x13c8  EFS - ok
13:54:28.0144 0x13c8  [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass     C:\windows\system32\drivers\EhStorClass.sys
13:54:28.0144 0x13c8  EhStorClass - ok
13:54:28.0191 0x13c8  [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv    C:\windows\system32\drivers\EhStorTcgDrv.sys
13:54:28.0191 0x13c8  EhStorTcgDrv - ok
13:54:28.0222 0x13c8  [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev          C:\windows\System32\drivers\errdev.sys
13:54:28.0222 0x13c8  ErrDev - ok
13:54:28.0410 0x13c8  [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem     C:\windows\system32\es.dll
13:54:28.0425 0x13c8  EventSystem - ok
13:54:28.0488 0x13c8  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat           C:\windows\system32\drivers\exfat.sys
13:54:28.0519 0x13c8  exfat - ok
13:54:28.0582 0x13c8  [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat         C:\windows\system32\drivers\fastfat.sys
13:54:28.0597 0x13c8  fastfat - ok
13:54:28.0738 0x13c8  [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax             C:\windows\system32\fxssvc.exe
13:54:28.0769 0x13c8  Fax - ok
13:54:28.0816 0x13c8  [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc             C:\windows\System32\drivers\fdc.sys
13:54:28.0816 0x13c8  fdc - ok
13:54:28.0847 0x13c8  [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost         C:\windows\system32\fdPHost.dll
13:54:28.0863 0x13c8  fdPHost - ok
13:54:28.0894 0x13c8  [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub        C:\windows\system32\fdrespub.dll
13:54:28.0925 0x13c8  FDResPub - ok
13:54:28.0988 0x13c8  [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc           C:\windows\system32\fhsvc.dll
13:54:29.0004 0x13c8  fhsvc - ok
13:54:29.0035 0x13c8  [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
13:54:29.0035 0x13c8  FileInfo - ok
13:54:29.0050 0x13c8  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
13:54:29.0050 0x13c8  Filetrace - ok
13:54:29.0082 0x13c8  [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk        C:\windows\System32\drivers\flpydisk.sys
13:54:29.0082 0x13c8  flpydisk - ok
13:54:29.0160 0x13c8  [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
13:54:29.0175 0x13c8  FltMgr - ok
13:54:29.0582 0x13c8  [ 305CB1E16576F436BC8797E629A3D46D, E3644AE3FA8F755D306D9C4177262CEC451B33731074508B139F3F86AC1B5AE6 ] FontCache       C:\windows\system32\FntCache.dll
13:54:29.0644 0x13c8  FontCache - ok
13:54:29.0800 0x13c8  [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:54:29.0800 0x13c8  FontCache3.0.0.0 - ok
13:54:29.0847 0x13c8  [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
13:54:29.0847 0x13c8  FsDepends - ok
13:54:29.0894 0x13c8  [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
13:54:29.0894 0x13c8  Fs_Rec - ok
13:54:29.0957 0x13c8  [ 79E687A2829B9EBDF488F78260651094, 205F2FA215DC40A08E08F261F3474883FFF7B27F8ECB5DF6467A1C5903608373 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
13:54:29.0972 0x13c8  fvevol - ok
13:54:29.0988 0x13c8  [ 3EF3FCCC0E70EEC5C2AD996F32BBA642, AC452FD68519DD1EFC971D223CBB3702F38146CB4203E2F6A4302EE3F76144EB ] FxPPM           C:\windows\System32\drivers\fxppm.sys
13:54:29.0988 0x13c8  FxPPM - ok
13:54:30.0035 0x13c8  [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
13:54:30.0035 0x13c8  gagp30kx - ok
13:54:30.0488 0x13c8  [ 39B47A50DC3D5E898298468307765710, 06268FF65CF69E2B0822477C2D1DA44721B1ADBE4F06C0D3AC0B70C2A18D8DC6 ] GeekBuddyRSP    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
13:54:30.0519 0x13c8  GeekBuddyRSP - ok
13:54:30.0582 0x13c8  [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter      C:\windows\System32\drivers\vmgencounter.sys
13:54:30.0582 0x13c8  gencounter - ok
13:54:30.0629 0x13c8  [ FAD35699987BAA96E22E13B24FF44769, 2320DA30E04BCE7E39570AF56BD1E7846D5A9E1043B1DBF3DA962C4AC9D822CE ] ghsandroid      C:\windows\System32\Drivers\ghsandroid.sys
13:54:30.0629 0x13c8  ghsandroid - ok
13:54:30.0675 0x13c8  [ 35C8434A4C8A689CDE4723FD61D286E1, 14F311B295DC122AC4D85737996B18992A24C826BE08192E3DA49B3B986F7F79 ] ghsdiagMDM      C:\windows\system32\DRIVERS\ghsdiagMDM.sys
13:54:30.0691 0x13c8  ghsdiagMDM - ok
13:54:30.0738 0x13c8  [ A1F17108F3ED752D2614D767792327C5, A4FDFD827C2044A2585918789206F6EC2092DBF99531F8FE0B255CF8B21AF27A ] GPIOClx0101     C:\windows\system32\Drivers\msgpioclx.sys
13:54:30.0738 0x13c8  GPIOClx0101 - ok
13:54:31.0113 0x13c8  [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc           C:\windows\System32\gpsvc.dll
13:54:31.0144 0x13c8  gpsvc - ok
13:54:31.0222 0x13c8  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:54:31.0238 0x13c8  gupdate - ok
13:54:31.0238 0x13c8  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:54:31.0254 0x13c8  gupdatem - ok
13:54:31.0332 0x13c8  [ C2504AA983B5D411F7D31402E8B57725, B07370E6BF87546F2557C423F7450CBE90E2A13042DEA2864B6047EFE9F459C5 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
13:54:31.0347 0x13c8  HdAudAddService - ok
13:54:31.0394 0x13c8  [ 8D6810577E9C4F56DCB8E9BACAC7287B, A3E1FDBD368BFA315B1D1E947B6B58C240CA9E2652581E1ED1C6F5F33292BD54 ] HDAudBus        C:\windows\System32\drivers\HDAudBus.sys
13:54:31.0394 0x13c8  HDAudBus - ok
13:54:31.0426 0x13c8  [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt         C:\windows\System32\drivers\HidBatt.sys
13:54:31.0426 0x13c8  HidBatt - ok
13:54:31.0457 0x13c8  [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth          C:\windows\System32\drivers\hidbth.sys
13:54:31.0472 0x13c8  HidBth - ok
13:54:31.0488 0x13c8  [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c          C:\windows\System32\drivers\hidi2c.sys
13:54:31.0519 0x13c8  hidi2c - ok
13:54:31.0535 0x13c8  [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr           C:\windows\System32\drivers\hidir.sys
13:54:31.0535 0x13c8  HidIr - ok
13:54:31.0597 0x13c8  [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv         C:\windows\system32\hidserv.dll
13:54:31.0613 0x13c8  hidserv - ok
13:54:31.0629 0x13c8  [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb          C:\windows\System32\drivers\hidusb.sys
13:54:31.0644 0x13c8  HidUsb - ok
13:54:31.0676 0x13c8  [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc          C:\windows\system32\kmsvc.dll
13:54:31.0676 0x13c8  hkmsvc - ok
13:54:31.0785 0x13c8  [ 6CC1AD7B0E071C317B7FB8FC6AEF0EDA, 2A907E87E491F76B75F13CD921962EA4D1FF4C705E393F8FA3F48EC701E668F5 ] HomeGroupListener C:\windows\system32\ListSvc.dll
13:54:31.0816 0x13c8  HomeGroupListener - ok
13:54:31.0894 0x13c8  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\windows\system32\provsvc.dll
13:54:31.0926 0x13c8  HomeGroupProvider - ok
13:54:31.0957 0x13c8  [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
13:54:31.0972 0x13c8  HpSAMD - ok
13:54:32.0097 0x13c8  [ 82C47A85494249623F40E43C7B04051C, 97EF087B49219B68686914B250634FF67D13B7D3F81562614F108D2A40BEBA54 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
13:54:32.0097 0x13c8  HPSupportSolutionsFrameworkService - ok
13:54:32.0285 0x13c8  [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP            C:\windows\system32\drivers\HTTP.sys
13:54:32.0316 0x13c8  HTTP - ok
13:54:32.0332 0x13c8  [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
13:54:32.0332 0x13c8  hwpolicy - ok
13:54:32.0363 0x13c8  [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd        C:\windows\System32\drivers\hyperkbd.sys
13:54:32.0363 0x13c8  hyperkbd - ok
13:54:32.0379 0x13c8  [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo      C:\windows\system32\DRIVERS\HyperVideo.sys
13:54:32.0379 0x13c8  HyperVideo - ok
13:54:32.0410 0x13c8  [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt        C:\windows\System32\drivers\i8042prt.sys
13:54:32.0441 0x13c8  i8042prt - ok
13:54:32.0535 0x13c8  [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
13:54:32.0551 0x13c8  iaStorV - ok
13:54:32.0566 0x13c8  icquni - ok
13:54:33.0457 0x13c8  [ 076023219E918D34585B231029A44571, C2AB0DE0D80D0BC6595C9F9655A890531E7952599714DC03B4ECB46947D833A8 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
13:54:33.0504 0x13c8  igfx - ok
13:54:33.0582 0x13c8  [ C814D4A0B7B91E936B2DC0828C69ACAB, A19B503CB3C598474C61DA6F1AC087CCF287F7523D2F932B21EF21E7CA1809B1 ] igfxCUIService1.0.0.0 C:\windows\system32\igfxCUIService.exe
13:54:33.0598 0x13c8  igfxCUIService1.0.0.0 - ok
13:54:33.0644 0x13c8  [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp           C:\windows\system32\drivers\iirsp.sys
13:54:33.0660 0x13c8  iirsp - ok
13:54:33.0957 0x13c8  [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT          C:\windows\System32\ikeext.dll
13:54:34.0004 0x13c8  IKEEXT - ok
13:54:34.0066 0x13c8  [ AFB27247B018A75360098435C61003EB, A12CD42F03EF314C1BC3E5BAB1BAEF457290D03F02D2A7EF64CBC9F0A5B34DBB ] inspect         C:\windows\system32\DRIVERS\inspect.sys
13:54:34.0082 0x13c8  inspect - ok
13:54:34.0098 0x13c8  [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide        C:\windows\system32\drivers\intelide.sys
13:54:34.0098 0x13c8  intelide - ok
13:54:34.0129 0x13c8  [ F9E126AA767E2E6E3128434A43C9F713, 1BF023083158DB1D76E89C77D383C082F1CA19F00C8FC3B0C30A93263A32BCEA ] intelppm        C:\windows\System32\drivers\intelppm.sys
13:54:34.0144 0x13c8  intelppm - ok
13:54:34.0191 0x13c8  [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
13:54:34.0191 0x13c8  IpFilterDriver - ok
13:54:34.0426 0x13c8  [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
13:54:34.0441 0x13c8  iphlpsvc - ok
13:54:34.0488 0x13c8  [ 6E98A046A12AA113F8898AA5D612BD6E, 28816CC1F03F2BFBF099C087C0BB6949E959F44C888DD2D0528FF7ED5D665ECF ] IPMIDRV         C:\windows\System32\drivers\IPMIDrv.sys
13:54:34.0488 0x13c8  IPMIDRV - ok
13:54:34.0535 0x13c8  [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
13:54:34.0551 0x13c8  IPNAT - ok
13:54:34.0582 0x13c8  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM          C:\windows\system32\drivers\irenum.sys
13:54:34.0582 0x13c8  IRENUM - ok
13:54:34.0598 0x13c8  [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp          C:\windows\system32\drivers\isapnp.sys
13:54:34.0598 0x13c8  isapnp - ok
13:54:34.0676 0x13c8  [ F5F0DE1B7F256997501EECECE9648108, F9B602EA6B278980A299BB7A393ED09388761DE56162AC998398AB95B5A4EC3E ] iScsiPrt        C:\windows\System32\drivers\msiscsi.sys
13:54:34.0691 0x13c8  iScsiPrt - ok
13:54:34.0723 0x13c8  [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass        C:\windows\System32\drivers\kbdclass.sys
13:54:34.0723 0x13c8  kbdclass - ok
13:54:34.0754 0x13c8  [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid          C:\windows\System32\drivers\kbdhid.sys
13:54:34.0769 0x13c8  kbdhid - ok
13:54:34.0785 0x13c8  [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic           C:\windows\system32\DRIVERS\kdnic.sys
13:54:34.0785 0x13c8  kdnic - ok
13:54:34.0816 0x13c8  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] KeyIso          C:\windows\system32\lsass.exe
13:54:34.0816 0x13c8  KeyIso - ok
13:54:34.0863 0x13c8  [ 8B3EB6372436195B8EA8AE09A184BCE2, 9AFB7A9D6AEEBF5994C85B355155024768116E2D537C9FA169BC3F4594ECD35C ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
13:54:34.0863 0x13c8  KSecDD - ok
13:54:34.0957 0x13c8  [ 0EB535ADDC065F2D0CBFC089630A6065, F6DD544227A5B7A0C80E401EB5461963567A24834C60AF520FBABC1A9FB4E631 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
13:54:34.0957 0x13c8  KSecPkg - ok
13:54:34.0973 0x13c8  [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
13:54:34.0988 0x13c8  ksthunk - ok
13:54:35.0082 0x13c8  [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm           C:\windows\system32\msdtckrm.dll
13:54:35.0113 0x13c8  KtmRm - ok
13:54:35.0144 0x13c8  [ E8394F7CA5107A61A60729CEA7A21FF6, 52BAEDC65CD22BA6D125103BEBAC114F4D63E82F339FBA05016679AB51BA7D50 ] L1C             C:\windows\system32\DRIVERS\L1C63x64.sys
13:54:35.0144 0x13c8  L1C - ok
13:54:35.0254 0x13c8  [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer    C:\windows\system32\srvsvc.dll
13:54:35.0269 0x13c8  LanmanServer - ok
13:54:35.0394 0x13c8  [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
13:54:35.0410 0x13c8  LanmanWorkstation - ok
13:54:35.0473 0x13c8  [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
13:54:35.0488 0x13c8  lltdio - ok
13:54:35.0644 0x13c8  [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc         C:\windows\System32\lltdsvc.dll
13:54:35.0676 0x13c8  lltdsvc - ok
13:54:35.0691 0x13c8  [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts         C:\windows\System32\lmhsvc.dll
13:54:35.0691 0x13c8  lmhosts - ok
13:54:35.0723 0x13c8  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
13:54:35.0723 0x13c8  LSI_SAS - ok
13:54:35.0738 0x13c8  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
13:54:35.0738 0x13c8  LSI_SAS2 - ok
13:54:35.0769 0x13c8  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
13:54:35.0769 0x13c8  LSI_SCSI - ok
13:54:35.0816 0x13c8  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS         C:\windows\system32\drivers\lsi_sss.sys
13:54:35.0816 0x13c8  LSI_SSS - ok
13:54:35.0926 0x13c8  [ 1DC9B701F8EB7D67774035AC9C3104F6, 77371267CDA605F78674BF8FA14B134B22299CD96EADA60A68762207595F0B46 ] LSM             C:\windows\System32\lsm.dll
13:54:35.0941 0x13c8  LSM - ok
13:54:35.0988 0x13c8  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv           C:\windows\system32\drivers\luafv.sys
13:54:35.0988 0x13c8  luafv - ok
13:54:36.0066 0x13c8  [ D7F57860E779B84AB982E8F4F23E30D1, 118E98F8999A2CBA469FBFF8C776BFC9D92D0445AE30060EA4028731224C68B8 ] massfilter_hs   C:\windows\system32\drivers\massfilter_hs.sys
13:54:36.0082 0x13c8  massfilter_hs - ok
13:54:36.0129 0x13c8  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas         C:\windows\system32\drivers\megasas.sys
13:54:36.0129 0x13c8  megasas - ok
13:54:36.0207 0x13c8  [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
13:54:36.0223 0x13c8  MegaSR - ok
13:54:36.0254 0x13c8  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\windows\System32\drivers\HECIx64.sys
13:54:36.0254 0x13c8  MEIx64 - ok
13:54:36.0301 0x13c8  [ DBD28A7997CF7303E610989C565C9B29, 4BCB9920357DDDC9433EA73B683FAAE15572EC0346ED45F61B19EC503F5A9FED ] MMCSS           C:\windows\system32\mmcss.dll
13:54:36.0316 0x13c8  MMCSS - ok
13:54:36.0332 0x13c8  [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem           C:\windows\system32\drivers\modem.sys
13:54:36.0348 0x13c8  Modem - ok
13:54:36.0395 0x13c8  [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor         C:\windows\System32\drivers\monitor.sys
13:54:36.0395 0x13c8  monitor - ok
13:54:36.0410 0x13c8  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass        C:\windows\System32\drivers\mouclass.sys
13:54:36.0410 0x13c8  mouclass - ok
13:54:36.0488 0x13c8  [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid          C:\windows\System32\drivers\mouhid.sys
13:54:36.0488 0x13c8  mouhid - ok
13:54:36.0504 0x13c8  [ 89D263DBF08119CE16273991C120D6DD, 9771EDAD266F0E234E71DFB6792F396710E051F2ADCA5CDADEBBD2790D0E6054 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
13:54:36.0520 0x13c8  mountmgr - ok
13:54:36.0582 0x13c8  [ DFCD29AB147716CA72416FA7D2196D46, ED60BF354347697F69A78C9FBE1ADCBE0C3EB4C2CC8DB97A7FA03A68BD796066 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:54:36.0582 0x13c8  MozillaMaintenance - ok
13:54:36.0598 0x13c8  [ 36BF4D86F166ACBC14F0B8B8F90CBCEA, 9127DB0ABCCF57DEEB6447EEE33C5F4724472763DB1941D6FA74C745512D0DA2 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
13:54:36.0613 0x13c8  mpsdrv - ok
13:54:36.0879 0x13c8  [ 411EA973A1961C287927DF13891EB41E, 1DA42631346FF8B43443A4DCE838AEB3C7166FBB272FC47740B09A1A1CE5CCBC ] MpsSvc          C:\windows\system32\mpssvc.dll
13:54:36.0895 0x13c8  MpsSvc - ok
13:54:36.0941 0x13c8  [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
13:54:36.0957 0x13c8  MRxDAV - ok
13:54:37.0004 0x13c8  [ 93179D48066918323628CB016D8C94DC, FE110BF7A10EDD1DF7F6B933D373FCA51F37413282EBC4187E7C9B1965186BCC ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
13:54:37.0020 0x13c8  mrxsmb - ok
13:54:37.0145 0x13c8  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
13:54:37.0160 0x13c8  mrxsmb10 - ok
13:54:37.0254 0x13c8  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26, 9822FA53E6067C0E39B7A3A3F1E88719D5D8B055D86FF894F0475B158289EA45 ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
13:54:37.0270 0x13c8  mrxsmb20 - ok
13:54:37.0348 0x13c8  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge        C:\windows\system32\DRIVERS\bridge.sys
13:54:37.0363 0x13c8  MsBridge - ok
13:54:37.0395 0x13c8  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC           C:\windows\System32\msdtc.exe
13:54:37.0410 0x13c8  MSDTC - ok
13:54:37.0457 0x13c8  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs            C:\windows\system32\drivers\Msfs.sys
13:54:37.0473 0x13c8  Msfs - ok
13:54:37.0520 0x13c8  [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32     C:\windows\System32\drivers\msgpiowin32.sys
13:54:37.0520 0x13c8  msgpiowin32 - ok
13:54:37.0551 0x13c8  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
13:54:37.0551 0x13c8  mshidkmdf - ok
13:54:37.0566 0x13c8  [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf       C:\windows\System32\drivers\mshidumdf.sys
13:54:37.0566 0x13c8  mshidumdf - ok
13:54:37.0598 0x13c8  [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
13:54:37.0598 0x13c8  msisadrv - ok
13:54:37.0676 0x13c8  [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI         C:\windows\system32\iscsiexe.dll
13:54:37.0691 0x13c8  MSiSCSI - ok
13:54:37.0691 0x13c8  msiserver - ok
13:54:37.0723 0x13c8  [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
13:54:37.0723 0x13c8  MSKSSRV - ok
13:54:37.0754 0x13c8  [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp          C:\windows\system32\DRIVERS\mslldp.sys
13:54:37.0770 0x13c8  MsLldp - ok
13:54:37.0785 0x13c8  [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
13:54:37.0785 0x13c8  MSPCLOCK - ok
13:54:37.0801 0x13c8  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
13:54:37.0801 0x13c8  MSPQM - ok
13:54:37.0910 0x13c8  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
13:54:37.0926 0x13c8  MsRPC - ok
13:54:37.0957 0x13c8  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios        C:\windows\System32\drivers\mssmbios.sys
13:54:37.0957 0x13c8  mssmbios - ok
13:54:37.0973 0x13c8  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
13:54:37.0973 0x13c8  MSTEE - ok
13:54:38.0004 0x13c8  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig        C:\windows\System32\drivers\MTConfig.sys
13:54:38.0004 0x13c8  MTConfig - ok
13:54:38.0035 0x13c8  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup             C:\windows\system32\Drivers\mup.sys
13:54:38.0035 0x13c8  Mup - ok
13:54:38.0051 0x13c8  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis          C:\windows\system32\drivers\mvumis.sys
13:54:38.0051 0x13c8  mvumis - ok
13:54:38.0129 0x13c8  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent        C:\windows\system32\qagentRT.dll
13:54:38.0160 0x13c8  napagent - ok
13:54:38.0270 0x13c8  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
13:54:38.0301 0x13c8  NativeWifiP - ok
13:54:38.0395 0x13c8  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc          C:\windows\System32\ncasvc.dll
13:54:38.0410 0x13c8  NcaSvc - ok
13:54:38.0441 0x13c8  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup    C:\windows\System32\NcdAutoSetup.dll
13:54:38.0441 0x13c8  NcdAutoSetup - ok
13:54:38.0660 0x13c8  [ 03CFE4108D1DE16D6C59455B5C73319C, 0816BAB06457F7ED53F658E53314A7A1D5A0398151186A47CE11A3017D002161 ] NDIS            C:\windows\system32\drivers\ndis.sys
13:54:38.0691 0x13c8  NDIS - ok
13:54:38.0738 0x13c8  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
13:54:38.0738 0x13c8  NdisCap - ok
13:54:38.0770 0x13c8  [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform  C:\windows\system32\DRIVERS\NdisImPlatform.sys
13:54:38.0770 0x13c8  NdisImPlatform - ok
13:54:38.0848 0x13c8  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
13:54:38.0863 0x13c8  NdisTapi - ok
13:54:38.0879 0x13c8  [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
13:54:38.0895 0x13c8  Ndisuio - ok
13:54:38.0957 0x13c8  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
13:54:38.0957 0x13c8  NdisWan - ok
13:55:02.0146 0x13c8  vmicvss - ok
13:55:02.0224 0x13c8  [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr          C:\windows\system32\drivers\volmgr.sys
13:55:02.0224 0x13c8  volmgr - ok
13:55:02.0364 0x13c8  [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
13:55:02.0380 0x13c8  volmgrx - ok
13:55:02.0521 0x13c8  [ AA37946941ED3805AB3A924965907147, 11BD8FA585F193EED050458E93679D730FC2C09D19237DA40B0190132D328CB2 ] volsnap         C:\windows\system32\drivers\volsnap.sys
13:55:02.0521 0x13c8  volsnap - ok
13:55:02.0568 0x13c8  [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci            C:\windows\System32\drivers\vpci.sys
13:55:02.0568 0x13c8  vpci - ok
13:55:02.0614 0x13c8  [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
13:55:02.0630 0x13c8  vsmraid - ok
13:55:02.0927 0x13c8  [ FE37051171F3B90B18037FDBAC5B9D76, F220D71512E059F298F3CD958D69BE7225A8E8D492387347E75A0E615159782A ] VSS             C:\windows\system32\vssvc.exe
13:55:02.0974 0x13c8  VSS - ok
13:55:03.0036 0x13c8  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID        C:\windows\system32\drivers\vstxraid.sys
13:55:03.0052 0x13c8  VSTXRAID - ok
13:55:03.0099 0x13c8  [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus        C:\windows\System32\drivers\vwifibus.sys
13:55:03.0099 0x13c8  vwifibus - ok
13:55:03.0130 0x13c8  [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
13:55:03.0130 0x13c8  vwififlt - ok
13:55:03.0161 0x13c8  [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
13:55:03.0161 0x13c8  vwifimp - ok
13:55:03.0271 0x13c8  [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time         C:\windows\system32\w32time.dll
13:55:03.0302 0x13c8  W32Time - ok
13:55:03.0333 0x13c8  [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen        C:\windows\System32\drivers\wacompen.sys
13:55:03.0333 0x13c8  WacomPen - ok
13:55:03.0380 0x13c8  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp          C:\windows\system32\DRIVERS\wanarp.sys
13:55:03.0396 0x13c8  Wanarp - ok
13:55:03.0411 0x13c8  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
13:55:03.0411 0x13c8  Wanarpv6 - ok
13:55:03.0818 0x13c8  [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine        C:\windows\system32\wbengine.exe
13:55:03.0865 0x13c8  wbengine - ok
13:55:04.0005 0x13c8  [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
13:55:04.0036 0x13c8  WbioSrvc - ok
13:55:04.0130 0x13c8  [ F43314B83101DEBF7D7CCD42493CFC60, F4B70372559F2FD9A74FB87422EC6EF024F925AE4D838473E04E6B48AB7255AF ] Wcmsvc          C:\windows\System32\wcmsvc.dll
13:55:04.0146 0x13c8  Wcmsvc - ok
13:55:04.0255 0x13c8  [ 68C2831A05A339DA8462C6F45BFCB84C, A7F79EF9D337B775851C8BB585CA6279C9ACD56B36B28594AA5B4C29B4DF9516 ] wcncsvc         C:\windows\System32\wcncsvc.dll
13:55:04.0286 0x13c8  wcncsvc - ok
13:55:04.0302 0x13c8  [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
13:55:04.0302 0x13c8  WcsPlugInService - ok
13:55:04.0365 0x13c8  [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd              C:\windows\system32\drivers\wd.sys
13:55:04.0365 0x13c8  Wd - ok
13:55:04.0411 0x13c8  [ B7FD627AAE8E95848BFEC437C923A87E, 26188FC7E86AD9B92FB732DD3EC5E8EAB18EB52B21E854B27798EC08C49167D8 ] WdBoot          C:\windows\system32\drivers\WdBoot.sys
13:55:04.0411 0x13c8  WdBoot - ok
13:55:04.0646 0x13c8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
13:55:04.0661 0x13c8  Wdf01000 - ok
13:55:04.0708 0x13c8  [ FAC362ED29713A535C6E2EEFFA5B4733, C4AF6C5A74389F9F51668433D4478806016C4913CB241F77513601803D532EC0 ] WdFilter        C:\windows\system32\drivers\WdFilter.sys
13:55:04.0708 0x13c8  WdFilter - ok
13:55:04.0771 0x13c8  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost  C:\windows\system32\wdi.dll
13:55:04.0786 0x13c8  WdiServiceHost - ok
13:55:04.0833 0x13c8  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost   C:\windows\system32\wdi.dll
13:55:04.0833 0x13c8  WdiSystemHost - ok
13:55:04.0880 0x13c8  [ F2002DA5E6B78C15B2CD48CFF8F0FBB6, 4281100271761521F75F4D5A3D2E9FF40A9C7D81CEDAFD2EDD95788534090CA6 ] WebClient       C:\windows\System32\webclnt.dll
13:55:04.0896 0x13c8  WebClient - ok
13:55:04.0943 0x13c8  [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc          C:\windows\system32\wecsvc.dll
13:55:04.0958 0x13c8  Wecsvc - ok
13:55:05.0005 0x13c8  [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport   C:\windows\System32\wercplsupport.dll
13:55:05.0021 0x13c8  wercplsupport - ok
13:55:05.0068 0x13c8  [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc          C:\windows\System32\WerSvc.dll
13:55:05.0083 0x13c8  WerSvc - ok
13:55:05.0146 0x13c8  [ 44BB9C31E6242C4BD1CE7C2B440C2533, E603BB001028918B687818E930340008C752679B133037367A8A8E41DA559FFE ] WFPLWFS         C:\windows\system32\DRIVERS\wfplwfs.sys
13:55:05.0146 0x13c8  WFPLWFS - ok
13:55:05.0193 0x13c8  [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc          C:\windows\System32\wiarpc.dll
13:55:05.0193 0x13c8  WiaRpc - ok
13:55:05.0240 0x13c8  [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
13:55:05.0240 0x13c8  WIMMount - ok
13:55:05.0302 0x13c8  WinDefend - ok
13:55:05.0443 0x13c8  [ 1369928779943B5C7AABA263E6E2BBC1, 5DB4E77912051839B842F43B01933A07D72BD9E772F129573B1504361A9AA6A4 ] WinHttpAutoProxySvc C:\windows\system32\winhttp.dll
13:55:05.0474 0x13c8  WinHttpAutoProxySvc - ok
13:55:05.0661 0x13c8  [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
13:55:05.0677 0x13c8  Winmgmt - ok
13:55:06.0396 0x13c8  [ 89DA335401D956F2696E35A38817BE19, D5A8D5C0BE285564AB0DF1B4594FE612359C72BE3B64063C3460BB73AA34F413 ] WinRM           C:\windows\system32\WsmSvc.dll
13:55:06.0583 0x13c8  WinRM - ok
13:55:06.0662 0x13c8  [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
13:55:06.0677 0x13c8  WinUsb - ok
13:55:07.0005 0x13c8  [ CAC452B32656A0A51356912F4A9943CA, 36C5F537C9D288245F359E7CF2BF1FA4C04D8387134143790720D0097D8363D0 ] WlanSvc         C:\windows\System32\wlansvc.dll
13:55:07.0037 0x13c8  WlanSvc - ok
13:55:07.0412 0x13c8  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc         C:\windows\system32\wlidsvc.dll
13:55:07.0505 0x13c8  wlidsvc - ok
13:55:07.0630 0x13c8  [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi         C:\windows\System32\drivers\wmiacpi.sys
13:55:07.0630 0x13c8  WmiAcpi - ok
13:55:07.0740 0x13c8  [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
13:55:07.0740 0x13c8  wmiApSrv - ok
13:55:07.0787 0x13c8  WMPNetworkSvc - ok
13:55:07.0849 0x13c8  [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr         C:\windows\system32\DRIVERS\wpcfltr.sys
13:55:07.0849 0x13c8  wpcfltr - ok
13:55:07.0896 0x13c8  [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc          C:\windows\System32\wpcsvc.dll
13:55:07.0912 0x13c8  WPCSvc - ok
13:55:07.0974 0x13c8  [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
13:55:07.0990 0x13c8  WPDBusEnum - ok
13:55:08.0021 0x13c8  [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr       C:\windows\system32\drivers\WpdUpFltr.sys
13:55:08.0021 0x13c8  WpdUpFltr - ok
13:55:08.0037 0x13c8  [ 58D492F986EC519ECDD54D93618758F8, 7B9FA33B6D579CEC385D3E28A97F8C8B6662D612DB6CE35C6055E72E94EBF16A ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
13:55:08.0052 0x13c8  ws2ifsl - ok
13:55:08.0099 0x13c8  [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc          C:\windows\System32\wscsvc.dll
13:55:08.0099 0x13c8  wscsvc - ok
13:55:08.0115 0x13c8  WSearch - ok
13:55:08.0646 0x13c8  [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService       C:\windows\System32\WSService.dll
13:55:08.0787 0x13c8  WSService - ok
13:55:08.0834 0x13c8  [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd            C:\windows\system32\DRIVERS\wsvd.sys
13:55:08.0849 0x13c8  wsvd - ok
13:55:09.0474 0x13c8  [ C5B45464B98F211FE58AEE62CFF21F05, A0AB6142F35707102B75C9C29A749C7EB12CB6F5E85E6BA67C5B961AF7EB3BE8 ] wuauserv        C:\windows\system32\wuaueng.dll
13:55:09.0615 0x13c8  wuauserv - ok
13:55:09.0646 0x13c8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
13:55:09.0662 0x13c8  WudfPf - ok
13:55:09.0740 0x13c8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\System32\drivers\WUDFRd.sys
13:55:09.0771 0x13c8  WUDFRd - ok
13:55:09.0834 0x13c8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
13:55:09.0849 0x13c8  wudfsvc - ok
13:55:09.0865 0x13c8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs       C:\windows\system32\DRIVERS\WUDFRd.sys
13:55:09.0880 0x13c8  WUDFWpdFs - ok
13:55:09.0896 0x13c8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp      C:\windows\system32\DRIVERS\WUDFRd.sys
13:55:09.0912 0x13c8  WUDFWpdMtp - ok
13:55:10.0037 0x13c8  [ 9FE55B90B1778C4FE351ECD1AEFD8AAF, FEFDB31D2956C18536BD17A4B031495AEC62679247FD177D7B29BA26DFA6FBC1 ] WwanSvc         C:\windows\System32\wwansvc.dll
13:55:10.0068 0x13c8  WwanSvc - ok
13:55:10.0084 0x13c8  ================ Scan global ===============================
13:55:10.0193 0x13c8  [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\windows\system32\basesrv.dll
13:55:10.0287 0x13c8  [ B36597EF454D4FEA2F11429A9A1424BD, B312998C6B5BE4B03803D2FACC0FBE1D025B538D6E681E99FE587941B0C7EF3A ] C:\windows\system32\winsrv.dll
13:55:10.0349 0x13c8  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\windows\system32\sxssrv.dll
13:55:10.0505 0x13c8  [ B6AEF1771CCA54B67DA4932753F74124, 83A353CAC6111C16EB880345E7D89DC9D56F0A3C79F854A4BB7DBABF7270C29F ] C:\windows\system32\services.exe
13:55:10.0521 0x13c8  [ Global ] - ok
13:55:10.0521 0x13c8  ================ Scan MBR ==================================
13:55:10.0568 0x13c8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
13:55:10.0599 0x13c8  \Device\Harddisk0\DR0 - ok
13:55:10.0599 0x13c8  ================ Scan VBR ==================================
13:55:10.0615 0x13c8  [ 8AFBD00392061F6F2EECF964EA6F22F9 ] \Device\Harddisk0\DR0\Partition1
13:55:10.0677 0x13c8  \Device\Harddisk0\DR0\Partition1 - ok
13:55:10.0693 0x13c8  [ 342FB8AF44E9E3E25E3FB135EFCA0147 ] \Device\Harddisk0\DR0\Partition2
13:55:10.0724 0x13c8  \Device\Harddisk0\DR0\Partition2 - ok
13:55:10.0755 0x13c8  [ 0885D9BE01B3A4428B1AA3FD082F968A ] \Device\Harddisk0\DR0\Partition3
13:55:10.0771 0x13c8  \Device\Harddisk0\DR0\Partition3 - ok
13:55:10.0802 0x13c8  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition4
13:55:10.0818 0x13c8  \Device\Harddisk0\DR0\Partition4 - ok
13:55:10.0834 0x13c8  [ D394318ED47E8D8712AA1F2F2C30E485 ] \Device\Harddisk0\DR0\Partition5
13:55:10.0881 0x13c8  \Device\Harddisk0\DR0\Partition5 - ok
13:55:10.0912 0x13c8  [ AD5BE9850CEBD87DC09671DD410501B1 ] \Device\Harddisk0\DR0\Partition6
13:55:11.0005 0x13c8  \Device\Harddisk0\DR0\Partition6 - ok
13:55:11.0068 0x13c8  [ 0FDE3741E60B353AE527C047C65EC188 ] \Device\Harddisk0\DR0\Partition7
13:55:11.0177 0x13c8  \Device\Harddisk0\DR0\Partition7 - ok
13:55:11.0209 0x13c8  [ EEC0FBC58EECD187101E32C6D346A6B9 ] \Device\Harddisk0\DR0\Partition8
13:55:11.0302 0x13c8  \Device\Harddisk0\DR0\Partition8 - ok
13:55:11.0302 0x13c8  ================ Scan generic autorun ======================
13:55:11.0912 0x13c8  [ 39B47A50DC3D5E898298468307765710, 06268FF65CF69E2B0822477C2D1DA44721B1ADBE4F06C0D3AC0B70C2A18D8DC6 ] C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
13:55:11.0927 0x13c8  tvncontrol - ok
13:55:12.0271 0x13c8  [ 07A37CB5C5A01E73FB69F138FAE2DB0E, 9E8B5D78D7EAB8FA35133763EDA91AFE5CDEE275D604F02CDB56FB00A0D5AA0F ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
13:55:12.0287 0x13c8  Adobe ARM - ok
13:55:12.0412 0x13c8  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
13:55:12.0427 0x13c8  HP Software Update - ok
13:55:12.0615 0x13c8  [ B00DC457F1E921FCB9974B44CA25A829, 0EF202DFCCE98CFB1F96AE0576D35BC650BB05A327798207358EE6345D3F608C ] C:\Program Files\CyberGhost 5\CyberGhost.EXE
13:55:12.0631 0x13c8  CyberGhost - ok
13:55:12.0631 0x13c8  Waiting for KSN requests completion. In queue: 109
13:55:13.0646 0x13c8  Waiting for KSN requests completion. In queue: 109
13:55:14.0662 0x13c8  Waiting for KSN requests completion. In queue: 109
13:55:15.0756 0x13c8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated )
13:55:15.0756 0x13c8  AV detected via SS2: COMODO Antivirus, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 8.0.0.4337 ), 0x61000 ( enabled : updated )
13:55:15.0771 0x13c8  FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 8.0.0.4337 ), 0x61010 ( enabled )
13:55:18.0600 0x13c8  ============================================================
13:55:18.0600 0x13c8  Scan finished
13:55:18.0600 0x13c8  ============================================================
13:55:18.0600 0x0dd0  Detected object count: 0
13:55:18.0615 0x0dd0  Actual detected object count: 0
 



#8 consultantbis


Posted 12 December 2014 - 04:31 PM

Hi, I had a browser open during the scans, let me know if that's okay.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-12-2014 03
Ran by Adam (administrator) on IDEA-PC on 12-12-2014 14:18:44
Running from C:\Users\Adam\Desktop
Loaded Profile: Adam (Available profiles: Adam)
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(Intel Corporation) C:\windows\System32\igfxCUIService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(Microsoft Corporation) C:\windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\windows\System32\igfxEM.exe
(Intel Corporation) C:\windows\System32\igfxHK.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit_manager.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
() C:\Program Files (x86)\Google\Update\Install\{3EC06FDA-EC94-4C2A-914F-715EF60BBF00}\39.0.2171.95_39.0.2171.71_chrome_updater.exe
(Google Inc.) C:\windows\Temp\CR_12B61.tmp\setup.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-11-21] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2014-12-02] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-423090887-583849361-153837240-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [410216 2014-11-25] (CyberGhost S.R.L.)
HKU\S-1-5-21-423090887-583849361-153837240-1001\...\MountPoints2: {73c03525-7cd2-11e4-be79-208984323307} - "F:\Windows\AutoRun.exe" {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A01B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files\COMODO\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-423090887-583849361-153837240-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKU\S-1-5-21-423090887-583849361-153837240-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKU\S-1-5-21-423090887-583849361-153837240-1001 -> DefaultScope {A9FD5C40-B7EA-412D-9544-51FD5867721A} URL =
SearchScopes: HKU\S-1-5-21-423090887-583849361-153837240-1001 -> {A9FD5C40-B7EA-412D-9544-51FD5867721A} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
Tcpip\Parameters: [DhcpNameServer] 192.168.16.1

FireFox:
========
FF ProfilePath: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\989xgz9y.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Ghostery - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\989xgz9y.default\Extensions\firefox@ghostery.com.xpi [2014-11-26]
FF Extension: Quora Sneak - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\989xgz9y.default\Extensions\jid1-sh7EcEjlHaN8RA@jetpack.xpi [2014-11-26]
FF Extension: Facebook profile picture revealer - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\989xgz9y.default\Extensions\jid1-UvjUdyxSwWa06Q122@jetpack.xpi [2014-11-26]
FF Extension: S3.Google Translator - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\989xgz9y.default\Extensions\s3google@translator.xpi [2014-11-26]
FF Extension: Search by Image for Google - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\989xgz9y.default\Extensions\{ab4b5718-3998-4a2c-91ae-18a7c2db513e}.xpi [2014-11-26]
FF Extension: Dirt Farmer's Click Trap Remover - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\989xgz9y.default\Extensions\{CBC19BCA-AD23-486D-BF24-37C4F13C431C}.xpi [2014-11-26]
FF Extension: DownThemAll! - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\989xgz9y.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-11-26]
FF Extension: Greasemonkey - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\989xgz9y.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-11-26]
FF Extension: Mason - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\989xgz9y.default\Extensions\{F632A5EA-F825-4AE7-94B5-233CFBA9F423}.xpi [2014-11-26]

Chrome:
=======
CHR Profile: C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-26]
CHR Extension: (Google Docs) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-26]
CHR Extension: (Google Drive) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-28]
CHR Extension: (YouTube) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-26]
CHR Extension: (Download FB Album mod) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjnhhjpfcdhbhlcmmjppicjmgfkppok [2014-11-26]
CHR Extension: (Google Search) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-26]
CHR Extension: (Google Sheets) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-26]
CHR Extension: (Google Wallet) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-26]
CHR Extension: (Photo download for Facebook) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaeofonahpollpigknepbpnabhgbpcjc [2014-11-26]
CHR Extension: (Gmail) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-25] (CyberGhost S.R.L)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70864 2014-11-21] (Comodo Security Solutions, Inc.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [7615952 2014-11-13] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265304 2014-11-13] (COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2014-12-02] (Comodo Security Solutions, Inc.)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-11-21] (Comodo Security Solutions, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-12-02] (Hewlett-Packard Company)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-11-21] (Intel Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2014-12-04] (Riverbed Technology, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-11-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [40224 2014-06-25] (Windows ® Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21304 2014-11-13] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [808176 2014-11-13] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [36200 2014-11-13] (COMODO)
S3 ghsandroid; C:\Windows\System32\Drivers\ghsandroid.sys [38424 2014-12-07] (Google Inc)
S3 ghsdiagMDM; C:\Windows\system32\DRIVERS\ghsdiagMDM.sys [122496 2014-12-07] (HS Incorporated)
S0 icquni; No ImagePath
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [127328 2014-11-13] (COMODO)
S3 massfilter_hs; C:\windows\system32\drivers\massfilter_hs.sys [20232 2014-12-07] (HandSet Incorporated)
R3 Neo_VPN; C:\Windows\system32\DRIVERS\Neo_VPN.sys [28768 2014-11-25] (SoftEther VPN Project at University of Tsukuba, Japan.)
R3 Neo_VPN2; C:\Windows\system32\DRIVERS\Neo_VPN2.sys [28768 2014-11-25] (SoftEther VPN Project at University of Tsukuba, Japan.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
U3 aswMBR; \??\C:\Users\Adam\AppData\Local\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\Users\Adam\AppData\Local\Temp\aswVmm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-12 14:18 - 2014-12-12 14:19 - 00012987 _____ () C:\Users\Adam\Desktop\FRST.txt
2014-12-12 14:17 - 2014-12-12 14:18 - 00000000 ____D () C:\FRST
2014-12-12 14:15 - 2014-12-12 14:15 - 00001835 _____ () C:\Users\Adam\Desktop\aswMBR.txt
2014-12-12 14:15 - 2014-12-12 14:15 - 00000916 _____ () C:\Users\Adam\Desktop\aswMBR.zip
2014-12-12 14:15 - 2014-12-12 14:15 - 00000512 _____ () C:\Users\Adam\Desktop\MBR.dat
2014-12-12 13:43 - 2014-12-12 13:43 - 02119680 _____ (Farbar) C:\Users\Adam\Desktop\FRST64.exe
2014-12-12 13:41 - 2014-12-12 13:43 - 05198336 _____ (AVAST Software) C:\Users\Adam\Desktop\aswMBR.exe
2014-12-12 13:37 - 2014-12-12 13:37 - 06973760 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-12-12 13:37 - 2014-12-12 13:37 - 03286016 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 01623552 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 01024512 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 00733184 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 00630272 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 00417280 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2014-12-12 13:37 - 2014-12-12 13:37 - 00253440 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 00176640 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-12-12 13:37 - 2014-12-12 13:37 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-12-12 13:37 - 2014-12-12 13:37 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-12-12 13:36 - 2014-12-12 13:36 - 00499008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2014-12-12 13:36 - 2014-10-27 15:10 - 00390841 _____ () C:\windows\system32\ApnDatabase.xml
2014-12-12 13:32 - 2014-12-12 13:32 - 04187592 _____ (Kaspersky Lab ZAO) C:\Users\Adam\Desktop\tdsskiller(1).exe
2014-12-11 13:39 - 2014-12-11 13:39 - 00000000 ____D () C:\windows\system32\appraiser
2014-12-10 15:32 - 2014-12-10 15:32 - 01519104 _____ (Microsoft Corporation) C:\windows\system32\vssapi.dll
2014-12-10 15:32 - 2014-12-10 15:32 - 01484288 _____ (Microsoft Corporation) C:\windows\system32\VSSVC.exe
2014-12-10 15:32 - 2014-12-10 15:32 - 01195520 _____ (Microsoft Corporation) C:\windows\SysWOW64\vssapi.dll
2014-12-10 15:32 - 2014-12-10 15:32 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\vsstrace.dll
2014-12-10 15:32 - 2014-12-10 15:32 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\vsstrace.dll
2014-12-10 15:32 - 2014-12-10 15:32 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\eventcls.dll
2014-12-10 15:32 - 2014-12-10 15:32 - 00015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\eventcls.dll
2014-12-10 15:09 - 2014-12-10 15:09 - 00001987 _____ () C:\Users\Adam\Desktop\attach.zip
2014-12-10 15:08 - 2014-12-10 15:09 - 00005740 _____ () C:\Users\Adam\Desktop\attach.txt
2014-12-10 15:08 - 2014-12-10 15:08 - 00027452 _____ () C:\Users\Adam\Desktop\dds.txt
2014-12-10 15:04 - 2014-12-10 15:04 - 00688992 _____ (Swearware) C:\Users\Adam\Downloads\dds (1).com
2014-12-10 15:03 - 2014-12-10 15:03 - 00688992 ____R (Swearware) C:\Users\Adam\Downloads\dds.com
2014-12-10 14:59 - 2014-12-10 14:59 - 19764736 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 19283456 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 17562112 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 15400960 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 14364672 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 13758976 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 02861568 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 02655232 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 02237952 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 02054656 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 01762816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 01627648 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 01509376 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-12-10 14:59 - 2014-12-10 14:59 - 01441280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-12-10 14:59 - 2014-12-10 14:59 - 01409536 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 01339392 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 01181696 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 01083392 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00740864 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00673792 _____ (Microsoft Corporation) C:\windows\system32\mfmpeg2srcsnk.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00623616 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00513536 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmpeg2srcsnk.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00458240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00451584 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00412672 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00396288 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00212992 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-12-10 14:59 - 2014-12-10 14:59 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-12-10 14:59 - 2014-11-21 00:00 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-12-10 14:59 - 2014-11-20 23:54 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-12-10 14:58 - 2014-12-10 14:58 - 01890816 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2014-12-10 14:58 - 2014-12-10 14:58 - 01569792 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2014-12-09 09:56 - 2014-12-09 09:56 - 00000000 ___HD () C:\VTRoot
2014-12-07 13:43 - 2014-12-07 13:43 - 00309620 _____ () C:\Users\Adam\Downloads\droidsheep-15.apk
2014-12-07 12:29 - 2014-12-07 12:29 - 01721576 _____ (Microsoft Corporation) C:\windows\system32\WdfCoInstaller01009.dll
2014-12-07 12:29 - 2014-12-07 12:29 - 01002728 _____ (Microsoft Corporation) C:\windows\system32\WinUSBCoInstaller2.dll
2014-12-07 12:29 - 2014-12-07 12:29 - 00584584 _____ () C:\windows\adb.exe
2014-12-07 12:29 - 2014-12-07 12:29 - 00171272 _____ (ZTE Incorporated) C:\windows\system32\Drivers\zghsnet.sys
2014-12-07 12:29 - 2014-12-07 12:29 - 00162816 _____ (HS Coporation) C:\windows\system32\Drivers\ghsnet.sys
2014-12-07 12:29 - 2014-12-07 12:29 - 00132104 _____ (ZTE Incorporated) C:\windows\system32\Drivers\zghsser.sys
2014-12-07 12:29 - 2014-12-07 12:29 - 00123520 _____ (HS Coporation) C:\windows\system32\Drivers\ghsser.sys
2014-12-07 12:29 - 2014-12-07 12:29 - 00102936 _____ (Google, inc) C:\windows\AdbWinApi.dll
2014-12-07 12:29 - 2014-12-07 12:29 - 00067608 _____ (Google, inc) C:\windows\AdbWinUsbApi.dll
2014-12-07 12:29 - 2014-12-07 12:29 - 00020232 _____ (HandSet Incorporated) C:\windows\system32\Drivers\massfilter_hs.sys
2014-12-07 12:29 - 2014-12-07 12:29 - 00000000 ____D () C:\Users\Adam\.android
2014-12-07 12:29 - 2014-12-07 12:29 - 00000000 ____D () C:\Program Files\Handset_USB_Driver
2014-12-07 11:05 - 2014-12-07 11:05 - 00914051 _____ ( ) C:\Users\Adam\Downloads\rarextractor_setup(1).exe
2014-12-07 11:03 - 2014-12-07 11:03 - 00230744 _____ () C:\Users\Adam\Downloads\rarextractor_setup.exe
2014-12-07 10:57 - 2014-12-12 14:17 - 03562238 _____ () C:\windows\system32\Drivers\fvstore.dat
2014-12-07 10:56 - 2014-12-07 10:56 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-12-05 13:52 - 2014-12-05 13:52 - 00000000 __SHD () C:\Recovery
2014-12-05 13:44 - 2014-12-05 13:44 - 00262144 _____ () C:\windows\system32\config\userdiff
2014-12-05 10:34 - 2014-12-05 10:34 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Adam\Downloads\tdsskiller.exe
2014-12-04 16:16 - 2014-12-07 10:46 - 00000000 ____D () C:\Program Files\trend micro
2014-12-04 16:16 - 2014-12-04 16:17 - 00000000 ____D () C:\rsit
2014-12-04 16:16 - 2014-12-04 16:16 - 01222144 _____ () C:\Users\Adam\Downloads\RSITx64.exe
2014-12-04 15:06 - 2014-12-04 15:06 - 00041951 _____ () C:\Users\Adam\Desktop\gmer.zip
2014-12-04 14:58 - 2014-12-04 14:58 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Wireshark
2014-12-04 14:40 - 2014-12-04 14:58 - 00709977 _____ () C:\Users\Adam\Desktop\gmer.txt
2014-12-04 14:08 - 2014-12-04 14:08 - 00000000 _____ () C:\Users\Adam\Desktop\New Text Document (2).txt
2014-12-04 11:52 - 2014-12-04 11:52 - 00380416 _____ () C:\Users\Adam\Downloads\cyrz5j6s (1).exe
2014-12-04 11:35 - 2014-12-04 11:35 - 00001541 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2014-12-04 11:35 - 2014-12-04 11:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-12-04 11:35 - 2014-12-04 11:35 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-12-04 11:34 - 2014-12-04 11:35 - 00000000 ____D () C:\Program Files\Wireshark
2014-12-04 11:24 - 2014-12-04 11:30 - 29812640 _____ (Wireshark development team) C:\Users\Adam\Downloads\Wireshark-win64-1.12.2.exe
2014-12-04 11:18 - 2014-12-04 11:18 - 00000000 ____D () C:\Users\Adam\Downloads\aircrack-ng-1.2-rc1-win
2014-12-04 11:14 - 2014-12-04 11:16 - 05226981 _____ () C:\Users\Adam\Downloads\aircrack-ng-1.2-rc1-win.zip
2014-12-04 11:09 - 2014-12-04 11:10 - 00000000 ____D () C:\Users\Adam\Desktop\Tor Browser
2014-12-04 11:04 - 2014-12-04 11:09 - 34305058 _____ () C:\Users\Adam\Downloads\torbrowser-install-4.0.2_en-US.exe
2014-12-04 09:40 - 2014-12-04 09:40 - 00380416 _____ () C:\Users\Adam\Downloads\vst0g34r.exe
2014-12-04 09:40 - 2014-12-04 09:40 - 00380416 _____ () C:\Users\Adam\Downloads\cyrz5j6s.exe
2014-12-04 09:39 - 2014-12-04 09:39 - 00380416 _____ () C:\Users\Adam\Downloads\8v6f6tir.exe
2014-12-02 16:55 - 2014-12-02 16:55 - 00003596 _____ () C:\windows\System32\Tasks\HPCustParticipation HP Officejet 6600
2014-12-02 16:54 - 2014-12-10 14:54 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\HpUpdate
2014-12-02 16:54 - 2014-12-02 16:54 - 00002163 _____ () C:\Users\Public\Desktop\HP Officejet 6600.lnk
2014-12-02 16:54 - 2014-12-02 16:54 - 00001135 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Officejet 6600.lnk
2014-12-02 16:54 - 2014-12-02 16:54 - 00000958 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2014-12-02 16:54 - 2014-12-02 16:54 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-12-02 16:54 - 2014-12-02 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-12-02 16:54 - 2014-12-02 16:54 - 00000000 ____D () C:\ProgramData\HP
2014-12-02 16:54 - 2014-12-02 16:54 - 00000000 ____D () C:\Program Files\HP
2014-12-02 16:54 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\windows\system32\HPDiscoPM5D12.dll
2014-12-02 16:53 - 2014-12-02 17:06 - 00000000 ____D () C:\Users\Adam\AppData\Local\HP
2014-12-02 16:53 - 2014-12-02 16:54 - 02873744 _____ (Hewlett-Packard Co.) C:\windows\system32\hpinkins5D12.exe
2014-12-02 16:48 - 2014-12-02 16:48 - 00000000 ____D () C:\Users\Adam\AppData\Local\Hewlett-Packard
2014-12-02 16:45 - 2014-12-02 16:54 - 00000000 ____D () C:\Program Files (x86)\Hp
2014-12-02 16:45 - 2014-12-02 16:45 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-12-02 16:44 - 2014-12-02 16:44 - 05152768 _____ () C:\Users\Adam\Downloads\HPSupportSolutionsFramework-11.51.0027.msi
2014-12-02 13:18 - 2014-12-05 10:23 - 00004707 _____ () C:\windows\comsetup.log
2014-12-02 13:08 - 2014-12-05 10:25 - 00062868 _____ () C:\windows\diagwrn.xml
2014-12-02 13:08 - 2014-12-05 10:25 - 00062868 _____ () C:\windows\diagerr.xml
2014-12-02 12:55 - 2014-12-02 12:55 - 00000000 ____D () C:\Program Files (x86)\Comodo
2014-12-01 10:58 - 2014-12-01 10:58 - 02347384 _____ (ESET) C:\Users\Adam\Downloads\esetsmartinstaller_enu.exe
2014-11-29 12:22 - 2014-12-05 16:00 - 00427120 _____ () C:\windows\system32\FNTCACHE.DAT
2014-11-28 12:12 - 2014-11-29 11:52 - 00000000 ____D () C:\windows\system32\AutoUpdateLicense
2014-11-28 12:11 - 2014-11-28 12:11 - 00000000 ____D () C:\Users\Adam\AppData\Local\Macromedia
2014-11-28 12:08 - 2014-12-12 14:20 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-28 12:08 - 2014-12-09 12:20 - 00003718 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-11-26 15:10 - 2014-11-26 15:10 - 00695808 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-11-26 15:10 - 2014-11-26 15:10 - 00582552 _____ (Microsoft Corporation) C:\windows\system32\AutoUpdate.exe
2014-11-26 15:10 - 2014-11-26 15:10 - 00568832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-11-26 15:10 - 2014-11-26 15:10 - 00462760 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-11-26 15:10 - 2014-11-26 15:10 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll
2014-11-26 15:10 - 2014-11-26 15:10 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-26 15:10 - 2014-11-26 15:10 - 00125952 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2014-11-26 15:10 - 2014-11-26 15:10 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-26 15:10 - 2014-10-21 20:34 - 00010777 _____ () C:\windows\system32\AutoconfigV2.cab
2014-11-26 15:09 - 2014-11-26 15:09 - 02842112 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 02620928 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 02238464 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 02032640 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 01824784 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 01539584 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 01408952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 01403896 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2014-11-26 15:09 - 2014-11-26 15:09 - 01271664 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2014-11-26 15:09 - 2014-11-26 15:09 - 01220608 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 01217352 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2014-11-26 15:09 - 2014-11-26 15:09 - 01093904 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2014-11-26 15:09 - 2014-11-26 15:09 - 00618496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2014-11-26 15:09 - 2014-11-26 15:09 - 00340480 _____ (Microsoft Corporation) C:\windows\system32\defragsvc.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 00328000 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2014-11-26 15:09 - 2014-11-26 15:09 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\wcmsvc.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 00247296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2014-11-26 15:09 - 2014-11-26 15:09 - 00209920 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 00181248 _____ (Microsoft Corp.) C:\windows\system32\Defrag.exe
2014-11-26 15:09 - 2014-11-26 15:09 - 00117248 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 00074752 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\KBDRUM.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRUM.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 00006144 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-11-26 15:09 - 2014-07-11 17:02 - 00478352 _____ () C:\windows\SysWOW64\locale.nls
2014-11-26 15:09 - 2014-07-11 17:00 - 00478352 _____ () C:\windows\system32\locale.nls
2014-11-26 12:29 - 2014-12-11 13:39 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-11-26 11:49 - 2014-11-26 11:49 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-11-26 11:49 - 2014-11-26 11:49 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-11-26 11:41 - 2014-12-02 12:56 - 00057096 _____ (COMODO CA Limited) C:\windows\system32\certsentry.dll
2014-11-26 11:41 - 2014-12-02 12:56 - 00048392 _____ (COMODO CA Limited) C:\windows\SysWOW64\certsentry.dll
2014-11-26 11:40 - 2014-11-26 11:40 - 01060864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc71.dll
2014-11-26 11:40 - 2014-11-26 11:40 - 00348160 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr71.dll
2014-11-26 10:51 - 2014-11-26 10:51 - 01055936 _____ (Adobe) C:\Users\Adam\Downloads\install_flashplayer15x32_mssd_aaa_aih.exe
2014-11-26 10:20 - 2014-11-26 10:20 - 00002262 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-26 10:20 - 2014-11-26 10:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-26 10:12 - 2014-12-12 14:17 - 00000910 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-26 10:12 - 2014-12-12 13:48 - 00000906 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-26 10:12 - 2014-11-26 10:20 - 00000000 ____D () C:\Users\Adam\AppData\Local\Google
2014-11-26 10:12 - 2014-11-26 10:20 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-26 10:12 - 2014-11-26 10:12 - 00880784 _____ (Google Inc.) C:\Users\Adam\Downloads\ChromeSetup.exe
2014-11-26 10:12 - 2014-11-26 10:12 - 00003882 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-26 10:12 - 2014-11-26 10:12 - 00003646 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-25 14:27 - 2014-12-09 11:00 - 00000000 ____D () C:\Users\Adam\AppData\Local\CyberGhost
2014-11-25 14:23 - 2014-11-25 14:27 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-11-25 14:23 - 2014-11-25 14:23 - 00001739 _____ () C:\Users\Adam\Desktop\CyberGhost 5.lnk
2014-11-25 14:23 - 2014-11-25 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
2014-11-25 14:22 - 2014-11-25 14:27 - 00000000 ____D () C:\Program Files\CyberGhost 5
2014-11-25 14:21 - 2014-11-25 14:22 - 09629976 _____ (CyberGhost S.R.L. ) C:\Users\Adam\Downloads\CG_5.0.14.7.exe
2014-11-25 11:54 - 2014-11-25 11:54 - 00028768 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\windows\system32\Drivers\Neo_VPN2.sys
2014-11-25 11:50 - 2014-11-25 14:15 - 00000000 ____D () C:\Program Files\SoftEther VPN Client
2014-11-25 11:50 - 2014-11-25 11:50 - 00135736 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\windows\system32\vpncmd.exe
2014-11-25 11:50 - 2014-11-25 11:50 - 00028768 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\windows\system32\Drivers\Neo_VPN.sys
2014-11-22 12:50 - 2014-11-22 12:50 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Comodo
2014-11-22 12:28 - 2014-11-22 12:38 - 00000032 _____ () C:\Users\Adam\Desktop\New Text Document.txt
2014-11-21 12:46 - 2014-12-12 13:51 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-11-21 12:46 - 2014-11-21 12:46 - 00002030 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-11-21 12:45 - 2014-11-21 12:58 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-21 12:45 - 2014-11-21 12:45 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-21 12:44 - 2014-11-28 12:10 - 00000000 ____D () C:\Users\Adam\AppData\Local\Adobe
2014-11-21 12:40 - 2014-11-21 12:40 - 00000144 _____ () C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-11-21 12:17 - 2014-11-21 12:17 - 00000451 _____ () C:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-11-21 12:14 - 2014-12-10 14:59 - 00714184 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-11-21 12:14 - 2014-12-10 14:59 - 00106440 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-21 11:30 - 2014-11-21 11:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-11-21 11:28 - 2014-11-21 11:28 - 00000000 ____D () C:\windows\PCHEALTH
2014-11-21 11:21 - 2014-11-21 11:21 - 00000000 ____D () C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-11-21 11:20 - 2014-11-21 11:20 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-11-21 11:19 - 2014-11-21 11:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-11-21 11:18 - 2014-12-10 15:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-21 11:18 - 2014-11-21 11:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-11-21 11:18 - 2014-11-21 11:18 - 00000000 ____D () C:\Users\Adam\AppData\Local\Microsoft Help
2014-11-21 11:17 - 2014-11-21 11:17 - 00000000 __RHD () C:\MSOCache
2014-11-21 11:10 - 2014-12-10 15:37 - 00000000 ____D () C:\windows\system32\MRT
2014-11-21 11:10 - 2014-12-10 15:33 - 112710672 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-11-21 10:58 - 2014-11-21 10:58 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2014-11-21 10:58 - 2014-11-21 10:58 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2014-11-21 10:55 - 2014-11-21 10:55 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-11-21 10:55 - 2014-11-21 10:55 - 00000000 ____D () C:\Intel
2014-11-21 10:55 - 2014-11-21 10:52 - 00064000 _____ (Khronos Group) C:\windows\system32\OpenCL.DLL
2014-11-21 10:55 - 2014-11-21 10:52 - 00060416 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.DLL
2014-11-21 10:54 - 2014-11-21 10:54 - 00000000 ____D () C:\Program Files\Intel
2014-11-21 10:53 - 2014-11-21 10:53 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2014-11-21 10:53 - 2014-11-21 10:53 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\tssdisai.dll
2014-11-21 10:53 - 2014-11-21 10:53 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\appserverai.dll
2014-11-21 10:53 - 2014-11-21 10:53 - 00132608 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2014-11-21 10:53 - 2014-11-21 10:53 - 00126976 _____ (Microsoft Corporation) C:\windows\system32\RDWebAI.dll
2014-11-21 10:53 - 2014-11-21 10:53 - 00122880 _____ (Microsoft Corporation) C:\windows\system32\VmHostAI.dll
2014-11-21 10:51 - 2014-11-21 10:51 - 00414208 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-11-21 10:51 - 2014-11-21 10:51 - 00318976 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-11-21 10:51 - 2014-11-21 10:51 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\ncryptsslp.dll
2014-11-21 10:51 - 2014-11-21 10:51 - 00072192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncryptsslp.dll
2014-11-21 10:50 - 2014-11-21 10:50 - 04068864 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-11-21 10:50 - 2014-11-21 10:50 - 03248640 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-11-21 10:50 - 2014-11-21 10:50 - 00713728 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2014-11-21 10:50 - 2014-11-21 10:50 - 00713728 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-11-21 10:50 - 2014-11-21 10:50 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2014-11-21 10:50 - 2014-11-21 10:50 - 00146944 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2014-11-21 10:50 - 2014-11-21 10:50 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2014-11-21 10:50 - 2014-11-21 10:50 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\rfxvmt.dll
2014-11-21 10:50 - 2014-11-21 10:50 - 00027880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys
2014-11-21 10:49 - 2014-11-21 10:49 - 14267904 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 11878912 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 09374208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2014-11-21 10:49 - 2014-11-21 10:49 - 09374208 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2014-11-21 10:49 - 2014-11-21 10:49 - 03552768 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 02767360 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 02107904 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 01593344 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 01444864 _____ (Microsoft Corporation) C:\windows\system32\MSAudDecMFT.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 01113600 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSAudDecMFT.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00875688 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00869544 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00816128 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00805376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2014-11-21 10:49 - 2014-11-21 10:49 - 00804352 _____ (Microsoft Corporation) C:\windows\system32\RecoveryDrive.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00745984 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00670208 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00659456 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00595456 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00503080 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00489576 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00468992 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00463768 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00456704 _____ (Microsoft Corporation) C:\windows\system32\wpncore.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00446792 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00435200 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00426024 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\GenuineCenter.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00411136 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00403968 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00373760 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00367616 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00361984 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFMediaEngine.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00324368 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\fhcfg.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00306952 _____ (Microsoft Corporation) C:\windows\system32\kd_02_10ec.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00303848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2014-11-21 10:49 - 2014-11-21 10:49 - 00302592 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00298456 _____ (Microsoft Corporation) C:\windows\system32\rsaenh.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00281088 _____ (Microsoft Corporation) C:\windows\system32\mfreadwrite.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00280576 _____ (Microsoft Corporation) C:\windows\system32\fhcat.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00268800 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00253544 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00252928 _____ (Microsoft Corporation) C:\windows\SysWOW64\rsaenh.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\mssphtb.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00231936 _____ (Microsoft Corporation) C:\windows\system32\fhengine.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00228352 _____ (Microsoft Corporation) C:\windows\system32\XpsRasterService.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00214528 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfreadwrite.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\iuilp.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00196096 _____ (Microsoft Corporation) C:\windows\system32\dmvdsitf.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssphtb.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00172544 _____ (Microsoft Corporation) C:\windows\system32\dwmredir.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00171008 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFilterHost.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00155648 _____ (Microsoft Corporation) C:\windows\SysWOW64\dmvdsitf.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsRasterService.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00142848 _____ (Microsoft Corporation) C:\windows\system32\fhmanagew.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00137728 _____ (Microsoft Corporation) C:\windows\system32\fhshl.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\Robocopy.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00123880 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscapi.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00121856 _____ (Microsoft Corporation) C:\windows\system32\rascfg.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\fhsvc.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00108544 _____ (Microsoft Corporation) C:\windows\SysWOW64\rascfg.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Robocopy.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\mssitlb.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\wscsvc.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidbth.sys
2014-11-21 10:49 - 2014-11-21 10:49 - 00094208 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssitlb.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00086280 _____ (Microsoft Corporation) C:\windows\system32\kdnet.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00083456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wanarp.sys
2014-11-21 10:49 - 2014-11-21 10:49 - 00080896 _____ (Microsoft Corporation) C:\windows\system32\fhsrchapi.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00077960 _____ (Microsoft Corporation) C:\windows\system32\kdvm.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00075264 _____ (Microsoft Corporation) C:\windows\system32\rasdiag.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\fhevents.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00069864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pdc.sys
2014-11-21 10:49 - 2014-11-21 10:49 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\fhsrchph.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00065024 _____ (Microsoft Corporation) C:\windows\system32\msscntrs.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\fhlisten.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\fhautoplay.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00060928 _____ (Microsoft Corporation) C:\windows\system32\ndptsp.tsp
2014-11-21 10:49 - 2014-11-21 10:49 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndproxy.sys
2014-11-21 10:49 - 2014-11-21 10:49 - 00059392 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasdiag.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\fhcleanup.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ndptsp.tsp
2014-11-21 10:49 - 2014-11-21 10:49 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\fmifs.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscntrs.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\kmddsp.tsp
2014-11-21 10:49 - 2014-11-21 10:49 - 00041984 _____ (Microsoft Corporation) C:\windows\SysWOW64\fmifs.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\rasmxs.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidi2c.sys
2014-11-21 10:49 - 2014-11-21 10:49 - 00038912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kmddsp.tsp
2014-11-21 10:49 - 2014-11-21 10:49 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\fhtask.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssprxy.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasmxs.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\rasser.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndistapi.sys
2014-11-21 10:49 - 2014-11-21 10:49 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasser.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\fhsvcctl.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\msshooks.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00010752 _____ (Microsoft Corporation) C:\windows\SysWOW64\msshooks.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00009216 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2014-11-21 10:49 - 2014-11-21 10:49 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2014-11-21 10:49 - 2014-11-21 10:49 - 00004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2014-11-21 10:48 - 2014-11-21 10:48 - 00778240 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-11-21 10:48 - 2014-11-21 10:48 - 00567808 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2014-11-21 10:47 - 2014-11-21 10:47 - 01312768 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2014-11-21 10:47 - 2014-11-21 10:47 - 00694272 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 02837504 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 02233152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-11-21 10:46 - 2014-11-21 10:46 - 02043392 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 01453400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-11-21 10:46 - 2014-11-21 10:46 - 01281536 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 01043968 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00961536 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00827904 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00678600 _____ (Microsoft Corporation) C:\windows\system32\msvcp120_clr0400.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00616448 _____ (Microsoft Corporation) C:\windows\system32\FXSAPI.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\FXSCOMEX.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00588288 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-11-21 10:46 - 2014-11-21 10:46 - 00570216 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2014-11-21 10:46 - 2014-11-21 10:46 - 00536776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp120_clr0400.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00499712 _____ (Microsoft Corporation) C:\windows\SysWOW64\FXSCOMEX.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00452608 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00439808 _____ (Microsoft Corporation) C:\windows\system32\lsm.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00432640 _____ (Microsoft Corporation) C:\windows\system32\FXSTIFF.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00328512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2014-11-21 10:46 - 2014-11-21 10:46 - 00318464 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00309248 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00273920 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\FXST30.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00238080 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00227840 _____ (Microsoft Corporation) C:\windows\SysWOW64\FXSAPI.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00227328 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00208896 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00188928 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00187904 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00178688 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00171840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-11-21 10:46 - 2014-11-21 10:46 - 00141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00094720 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00014848 _____ (Microsoft Corporation) C:\windows\system32\workerdd.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 13644288 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 10788864 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 01332736 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 01131520 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00812544 _____ (Microsoft Corporation) C:\windows\system32\Magnify.exe
2014-11-21 10:45 - 2014-11-21 10:45 - 00758784 _____ (Microsoft Corporation) C:\windows\SysWOW64\Magnify.exe
2014-11-21 10:45 - 2014-11-21 10:45 - 00708096 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00560640 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00501760 _____ (Microsoft Corporation) C:\windows\system32\DevicePairing.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00470528 _____ (Microsoft Corporation) C:\windows\system32\netprofmsvc.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00449536 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevicePairing.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00427520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdbss.sys
2014-11-21 10:45 - 2014-11-21 10:45 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\intl.cpl
2014-11-21 10:45 - 2014-11-21 10:45 - 00411136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00389632 _____ (Microsoft Corporation) C:\windows\SysWOW64\intl.cpl
2014-11-21 10:45 - 2014-11-21 10:45 - 00389120 _____ (Microsoft Corporation) C:\windows\system32\BCP47Langs.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00330240 _____ (Microsoft Corporation) C:\windows\system32\stobject.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00328192 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00309760 _____ (Microsoft Corporation) C:\windows\SysWOW64\BCP47Langs.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00303616 _____ (Microsoft Corporation) C:\windows\SysWOW64\stobject.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00284416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2014-11-21 10:45 - 2014-11-21 10:45 - 00247296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\bisrv.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00169984 _____ (Microsoft Corporation) C:\windows\system32\netplwiz.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00151552 _____ (Microsoft Corporation) C:\windows\system32\netprofm.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00151040 _____ (Microsoft Corporation) C:\windows\SysWOW64\netplwiz.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00122368 _____ (Microsoft Corporation) C:\windows\system32\biwinrt.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00120736 _____ (Microsoft Corporation) C:\windows\system32\AuthHost.exe
2014-11-21 10:45 - 2014-11-21 10:45 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\netprofm.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00093696 _____ (Microsoft Corporation) C:\windows\system32\psmsrv.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\biwinrt.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\taskhost.exe
2014-11-21 10:45 - 2014-11-21 10:45 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\taskhostex.exe
2014-11-21 10:45 - 2014-11-21 10:45 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidusb.sys
2014-11-21 10:45 - 2014-11-21 10:45 - 00018432 _____ (Microsoft Corporation) C:\windows\SysWOW64\npmproxy.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\muifontsetup.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00015872 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlmproxy.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\muifontsetup.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00012288 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlmsprep.dll
2014-11-21 10:45 - 2013-05-03 21:51 - 00014848 _____ (Microsoft) C:\windows\system32\rars.rs
2014-11-21 10:45 - 2013-05-03 21:10 - 00014848 _____ (Microsoft) C:\windows\SysWOW64\rars.rs
2014-11-21 10:44 - 2014-11-21 10:44 - 01255936 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe
2014-11-21 10:44 - 2014-11-21 10:44 - 01013248 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe
2014-11-21 10:44 - 2014-11-21 10:44 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2014-11-21 10:44 - 2014-11-21 10:44 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2014-11-21 10:43 - 2014-11-21 10:43 - 02361344 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-11-21 10:43 - 2014-11-21 10:43 - 01802240 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-11-21 10:43 - 2014-11-21 10:43 - 01149952 _____ (Microsoft Corporation) C:\windows\system32\winmde.dll
2014-11-21 10:43 - 2014-11-21 10:43 - 01101824 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2014-11-21 10:43 - 2014-11-21 10:43 - 01048576 _____ (Microsoft Corporation) C:\windows\system32\mfasfsrcsnk.dll
2014-11-21 10:43 - 2014-11-21 10:43 - 00951808 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2014-11-21 10:43 - 2014-11-21 10:43 - 00850944 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfasfsrcsnk.dll
2014-11-21 10:43 - 2014-11-21 10:43 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-11-21 10:43 - 2014-11-21 10:43 - 00112984 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2014-11-21 10:43 - 2014-11-21 10:43 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2014-11-21 10:43 - 2014-11-21 10:43 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2014-11-21 10:43 - 2014-11-21 10:43 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 05982208 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 05095424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 01125376 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-11-21 10:42 - 2014-11-21 10:42 - 01049600 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-11-21 10:42 - 2014-11-21 10:42 - 00893952 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmde.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00724992 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00703488 _____ (Microsoft Corporation) C:\windows\system32\drvstore.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00645120 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Authentication.OnlineId.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00601088 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\drvstore.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\netcfgx.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00448512 _____ (Microsoft Corporation) C:\windows\system32\SettingSync.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcfgx.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00356352 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSync.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00332520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-11-21 10:42 - 2014-11-21 10:42 - 00300544 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00269312 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00245248 _____ (Microsoft Corporation) C:\windows\system32\usbmon.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00194792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2014-11-21 10:42 - 2014-11-21 10:42 - 00180224 _____ (Microsoft Corporation) C:\windows\system32\SystemEventsBrokerServer.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00171008 _____ (Microsoft Corporation) C:\windows\system32\TimeBrokerServer.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\powercfg.cpl
2014-11-21 10:42 - 2014-11-21 10:42 - 00150016 _____ (Microsoft Corporation) C:\windows\system32\discan.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00148712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2014-11-21 10:42 - 2014-11-21 10:42 - 00145408 _____ (Microsoft Corporation) C:\windows\SysWOW64\powercfg.cpl
2014-11-21 10:42 - 2014-11-21 10:42 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncInfo.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00125160 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2014-11-21 10:42 - 2014-11-21 10:42 - 00117248 _____ (Microsoft Corporation) C:\windows\system32\NdisImPlatform.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\wpdbusenum.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00100864 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncInfo.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00077544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storahci.sys
2014-11-21 10:42 - 2014-11-21 10:42 - 00071168 _____ (Microsoft Corporation) C:\windows\system32\WSDPrintProxy.DLL
2014-11-21 10:42 - 2014-11-21 10:42 - 00049152 _____ (Microsoft Corporation) C:\windows\system32\DevDispItemProvider.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevDispItemProvider.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\monitor.sys
2014-11-21 10:42 - 2014-11-21 10:42 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mouhid.sys
2014-11-21 10:41 - 2014-11-21 10:41 - 04917760 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2014-11-21 10:41 - 2014-11-21 10:41 - 02371728 _____ (Microsoft Corporation) C:\windows\system32\WSService.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 01164288 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00368640 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00204800 _____ (Microsoft Corporation) C:\windows\system32\WSClient.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\WSSync.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00167424 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSClient.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSSync.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00120320 _____ (Microsoft Corporation) C:\windows\system32\sppc.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00110592 _____ () C:\windows\system32\OEMLicense.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00091648 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppc.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00083968 _____ () C:\windows\SysWOW64\OEMLicense.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\setupcln.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupcln.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00058200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dam.sys
2014-11-21 10:40 - 2014-11-21 10:40 - 01933544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-11-21 10:40 - 2014-11-21 10:40 - 01557504 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-11-21 10:40 - 2014-11-21 10:40 - 01440256 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-11-21 10:40 - 2014-11-21 10:40 - 00993512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2014-11-21 10:40 - 2014-11-21 10:40 - 00729600 _____ (Microsoft Corporation) C:\windows\system32\duser.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00611840 _____ (Microsoft Corporation) C:\windows\system32\wpd_ci.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00567808 _____ (Microsoft Corporation) C:\windows\SysWOW64\duser.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00543232 _____ (Microsoft Corporation) C:\windows\system32\wlroamextension.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00475136 _____ (Microsoft Corporation) C:\windows\system32\WWanAPI.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00411880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-11-21 10:40 - 2014-11-21 10:40 - 00410624 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlroamextension.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00385024 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00370688 _____ (Microsoft Corporation) C:\windows\SysWOW64\WWanAPI.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00362496 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00356352 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00300032 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00297984 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ks.sys
2014-11-21 10:40 - 2014-11-21 10:40 - 00293376 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.Connectivity.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00260096 _____ (Microsoft Corporation) C:\windows\system32\hotspotauth.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00225280 _____ (Microsoft Corporation) C:\windows\system32\mbsmsapi.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00197632 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.Connectivity.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\mbsmsapi.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\apprepapi.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\taskkill.exe
2014-11-21 10:40 - 2014-11-21 10:40 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\tasklist.exe
2014-11-21 10:40 - 2014-11-21 10:40 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\apprepsync.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00087552 _____ (Microsoft Corporation) C:\windows\system32\wersvc.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\apprepapi.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\tasklist.exe
2014-11-21 10:40 - 2014-11-21 10:40 - 00079360 _____ (Microsoft Corporation) C:\windows\SysWOW64\taskkill.exe
2014-11-21 10:40 - 2014-11-21 10:40 - 00075776 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\apprepsync.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00061672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\crashdmp.sys
2014-11-21 10:40 - 2014-11-21 10:40 - 00055296 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00037632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BthAvrcpTg.sys
2014-11-21 10:40 - 2014-11-21 10:40 - 00035328 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00029952 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BthhfHid.sys
2014-11-21 10:40 - 2014-11-21 10:40 - 00018432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BtaMPM.sys
2014-11-21 10:40 - 2014-11-21 10:40 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00010752 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00003072 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00003072 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2014-11-21 10:39 - 2014-11-21 10:39 - 00265216 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2014-11-21 10:38 - 2014-11-21 10:38 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll
2014-11-21 10:38 - 2014-11-21 10:38 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll
2014-11-21 10:37 - 2014-11-21 10:37 - 00017888 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr100_clr0400.dll
2014-11-21 10:37 - 2014-11-21 10:37 - 00017888 _____ (Microsoft Corporation) C:\windows\system32\msvcr100_clr0400.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 10115072 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 08858624 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 02094592 _____ (Microsoft Corporation) C:\windows\system32\mmc.exe
2014-11-21 10:35 - 2014-11-21 10:35 - 01964544 _____ (Microsoft Corporation) C:\windows\system32\wlidsvc.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 01886208 _____ (Microsoft Corporation) C:\windows\system32\setupapi.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 01752064 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupapi.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 01611776 _____ (Microsoft Corporation) C:\windows\SysWOW64\mmc.exe
2014-11-21 10:35 - 2014-11-21 10:35 - 01120768 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00894464 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00890880 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00666112 _____ (Microsoft Corporation) C:\windows\system32\MP4SDECD.DLL
2014-11-21 10:35 - 2014-11-21 10:35 - 00436736 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP4SDECD.DLL
2014-11-21 10:35 - 2014-11-21 10:35 - 00406016 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\HdAudio.sys
2014-11-21 10:35 - 2014-11-21 10:35 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00256000 _____ (Microsoft Corporation) C:\windows\system32\WSDMon.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00171520 _____ (Microsoft Corporation) C:\windows\system32\ncbservice.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\inetpp.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\httpprxm.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00095232 _____ (Microsoft Corporation) C:\windows\system32\wiaacmgr.exe
2014-11-21 10:35 - 2014-11-21 10:35 - 00091880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\partmgr.sys
2014-11-21 10:35 - 2014-11-21 10:35 - 00083968 _____ (Microsoft Corporation) C:\windows\SysWOW64\wiaacmgr.exe
2014-11-21 10:35 - 2014-11-21 10:35 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\adhsvc.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00028904 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msgpiowin32.sys
2014-11-21 10:35 - 2014-11-21 10:35 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\adhapi.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\httpprxp.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\keepaliveprovider.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 02893824 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 02416640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 02400256 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 02307072 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 02146304 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 02037760 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 00754176 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 00393216 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 00295424 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 00222208 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 00199168 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\wuaext.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 02062848 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 01711616 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 00982016 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 00684032 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 00668160 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 00559104 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 00270024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2014-11-21 10:33 - 2014-11-21 10:33 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 00100184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-11-21 10:33 - 2014-11-21 10:33 - 00099840 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 00038400 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-11-21 10:33 - 2014-11-21 10:33 - 00035320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2014-11-21 10:33 - 2014-11-21 10:33 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-11-21 10:32 - 2014-11-21 10:32 - 00583680 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-11-21 10:32 - 2014-11-21 10:32 - 00451072 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-11-21 10:31 - 2014-11-21 10:31 - 01300992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-11-21 10:31 - 2014-11-21 10:31 - 01023488 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 02851840 _____ (Microsoft Corporation) C:\windows\system32\esent.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 02382336 _____ (Microsoft Corporation) C:\windows\SysWOW64\esent.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 01011200 _____ (Microsoft Corporation) C:\windows\system32\reseteng.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00945152 _____ (Microsoft Corporation) C:\windows\system32\resetengmig.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2014-11-21 10:30 - 2014-11-21 10:30 - 00652288 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00541696 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\dpnet.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00443392 _____ (Microsoft Corporation) C:\windows\system32\ReAgent.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00375808 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReAgent.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00375808 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnet.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00132096 _____ (Microsoft Corporation) C:\windows\system32\sysreset.exe
2014-11-21 10:30 - 2014-11-21 10:30 - 00094208 _____ (Microsoft Corporation) C:\windows\system32\synceng.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00072192 _____ (Microsoft Corporation) C:\windows\SysWOW64\synceng.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\dpnathlp.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnathlp.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00054488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys
2014-11-21 10:30 - 2014-11-21 10:30 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\dpnsvr.exe
2014-11-21 10:30 - 2014-11-21 10:30 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnsvr.exe
2014-11-21 10:30 - 2014-11-21 10:30 - 00009216 _____ (Microsoft Corporation) C:\windows\system32\dpnhupnp.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00009216 _____ (Microsoft Corporation) C:\windows\system32\dpnhpast.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnhupnp.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnhpast.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\dpnlobby.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00003584 _____ (Microsoft Corporation) C:\windows\system32\dpnaddr.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00003072 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnlobby.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00002560 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnaddr.dll
2014-11-21 10:29 - 2014-11-21 10:29 - 00861184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2014-11-21 10:28 - 2014-11-21 10:28 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll
2014-11-21 10:28 - 2014-11-21 10:28 - 00273408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msieftp.dll
2014-11-21 10:28 - 2014-11-21 10:28 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\ReAgentc.exe
2014-11-21 10:28 - 2014-11-21 10:28 - 00024064 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReAgentc.exe
2014-11-21 10:28 - 2014-11-21 10:28 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-11-21 10:28 - 2014-11-21 10:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-11-21 10:27 - 2014-11-21 10:27 - 01845760 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-11-21 10:27 - 2014-11-21 10:27 - 01418752 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-11-21 10:27 - 2014-11-21 10:27 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2014-11-21 10:27 - 2014-11-21 10:27 - 00368640 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2014-11-21 10:27 - 2014-11-21 10:27 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-11-21 10:27 - 2014-11-21 10:27 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-11-21 10:26 - 2014-11-21 10:26 - 00623448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-11-21 10:26 - 2014-11-21 10:26 - 00498008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-11-21 10:26 - 2014-11-21 10:26 - 00120832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-11-21 10:26 - 2014-11-21 10:26 - 00079192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-11-21 10:26 - 2014-11-21 10:26 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-11-21 10:26 - 2014-11-21 10:26 - 00027136 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2014-11-21 10:26 - 2014-11-21 10:26 - 00021848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-11-21 10:25 - 2014-11-21 10:25 - 01838080 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2014-11-21 10:25 - 2014-11-21 10:25 - 01421312 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2014-11-21 10:25 - 2014-11-21 10:25 - 01257984 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-11-21 10:25 - 2014-11-21 10:25 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-11-21 10:20 - 2014-11-21 10:20 - 03842560 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-11-21 10:20 - 2014-11-21 10:20 - 03288576 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2014-11-21 10:20 - 2014-11-21 10:20 - 00783872 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-11-21 10:20 - 2014-11-21 10:20 - 00522728 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-11-21 10:20 - 2014-11-21 10:20 - 00267264 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-11-21 10:20 - 2014-11-21 10:20 - 00169472 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2014-11-21 10:15 - 2014-11-21 09:50 - 00020992 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usb8023.sys
2014-11-21 10:12 - 2014-11-21 10:12 - 00002024 _____ () C:\Users\Public\Desktop\GeekBuddy.lnk
2014-11-21 10:06 - 2014-11-21 10:11 - 987942848 _____ (Microsoft Corporation) C:\Users\Adam\Downloads\MicrosoftInstaller.exe
2014-11-21 10:06 - 2013-10-10 04:53 - 00096600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2014-11-21 10:06 - 2013-10-10 02:21 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2014-11-21 10:06 - 2013-10-10 02:20 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2014-11-21 10:06 - 2013-06-10 12:16 - 00888832 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2014-11-21 10:06 - 2013-06-10 12:15 - 00381952 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2014-11-21 10:06 - 2013-06-10 12:10 - 00702464 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2014-11-21 10:06 - 2013-06-10 12:10 - 00245248 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2014-11-21 10:04 - 2014-11-26 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-21 10:03 - 2014-11-26 16:49 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-11-21 10:03 - 2014-11-26 16:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-11-21 10:00 - 2014-11-21 10:00 - 00000117 _____ () C:\windows\system32\netcfg-111484.txt
2014-11-21 09:58 - 2014-11-21 09:58 - 00000117 _____ () C:\windows\system32\netcfg-73086250.txt
2014-11-21 09:48 - 2014-12-12 14:16 - 01474832 _____ () C:\windows\system32\Drivers\sfi.dat
2014-11-21 09:48 - 2014-11-21 09:48 - 00001888 _____ () C:\Users\Public\Desktop\COMODO Internet Security.lnk
2014-11-21 09:48 - 2014-11-21 09:48 - 00000117 _____ () C:\windows\system32\netcfg-72482812.txt
2014-11-21 09:48 - 2014-11-21 09:48 - 00000117 _____ () C:\windows\system32\netcfg-72479828.txt
2014-11-21 09:48 - 2014-11-21 09:48 - 00000000 ____D () C:\windows\System32\Tasks\COMODO
2014-11-21 09:47 - 2014-11-21 09:48 - 00000167 _____ () C:\windows\system32\netcfg-72474484.txt
2014-11-21 09:47 - 2014-11-21 09:47 - 00000000 ____D () C:\ProgramData\Shared Space
2014-11-21 09:46 - 2014-12-02 12:56 - 00001055 _____ () C:\Users\Public\Desktop\Comodo Dragon.lnk
2014-11-21 09:46 - 2014-11-21 10:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-11-21 09:46 - 2014-11-21 09:47 - 00000000 ____D () C:\Program Files\COMODO
2014-11-21 09:46 - 2014-11-21 09:46 - 00000000 ____D () C:\Users\Adam\AppData\Local\Comodo
2014-11-21 09:46 - 2014-11-21 09:46 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-11-21 09:45 - 2014-11-21 09:48 - 00000000 ____D () C:\ProgramData\Comodo
2014-11-21 09:44 - 2014-11-21 09:45 - 224188624 _____ (COMODO) C:\Users\Adam\Downloads\cispremium_installer_5962_fe.exe
2014-11-21 09:41 - 2014-11-21 09:42 - 00000117 _____ () C:\windows\system32\netcfg-72118656.txt
2014-11-21 09:41 - 2014-11-21 09:41 - 00000117 _____ () C:\windows\system32\netcfg-72118609.txt
2014-11-21 09:41 - 2014-11-21 09:41 - 00000117 _____ () C:\windows\system32\netcfg-72112140.txt
2014-11-21 09:41 - 2014-11-21 09:41 - 00000117 _____ () C:\windows\system32\netcfg-72085296.txt
2014-11-21 09:41 - 2013-02-05 15:29 - 00370688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2014-11-21 09:41 - 2013-02-05 15:28 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2014-11-20 16:30 - 2013-10-10 02:32 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscript.exe
2014-11-20 16:30 - 2013-10-10 02:30 - 00162304 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrobj.dll
2014-11-20 16:30 - 2013-10-10 02:30 - 00156160 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrrun.dll
2014-11-20 16:30 - 2013-10-10 02:24 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx
2014-11-20 16:30 - 2013-10-10 02:23 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\cscript.exe
2014-11-20 16:30 - 2013-10-10 02:22 - 00222720 _____ (Microsoft Corporation) C:\windows\system32\scrobj.dll
2014-11-20 16:30 - 2013-10-10 02:22 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\scrrun.dll
2014-11-20 16:30 - 2013-09-27 20:35 - 00288768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2014-11-20 16:30 - 2013-05-14 19:25 - 00888320 _____ (Microsoft Corporation) C:\windows\system32\autochk.exe
2014-11-20 16:30 - 2013-05-14 19:25 - 00542208 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
2014-11-20 16:30 - 2013-05-14 19:24 - 00793088 _____ (Microsoft Corporation) C:\windows\SysWOW64\autochk.exe
2014-11-20 16:30 - 2013-05-14 19:24 - 00482816 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
2014-11-20 16:30 - 2012-10-10 22:45 - 00370176 _____ (Microsoft Corporation) C:\windows\system32\SysFxUI.dll
2014-11-20 16:30 - 2012-10-10 22:19 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmkaud.sys
2014-11-20 16:30 - 2012-10-10 22:18 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2014-11-20 16:29 - 2014-10-23 05:47 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-11-20 16:29 - 2014-10-23 04:04 - 00068096 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-11-20 16:29 - 2014-07-31 16:40 - 01287680 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2014-11-20 16:29 - 2014-06-06 07:06 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-11-20 16:29 - 2014-06-06 03:17 - 00497152 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-11-20 16:29 - 2013-10-18 22:45 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\imagehlp.dll
2014-11-20 16:29 - 2013-10-18 21:04 - 00059392 _____ (Microsoft Corporation) C:\windows\SysWOW64\imagehlp.dll
2014-11-20 16:29 - 2012-10-23 20:25 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2014-11-20 16:29 - 2012-10-23 20:24 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2014-11-20 16:29 - 2012-10-23 20:24 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2014-11-20 16:29 - 2012-10-23 20:05 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2014-11-20 16:28 - 2014-12-02 17:04 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbscan.sys
2014-11-20 16:28 - 2014-09-02 19:48 - 00510464 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-11-20 16:28 - 2014-09-02 19:21 - 00585728 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-11-20 16:28 - 2013-07-05 15:02 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2014-11-20 16:28 - 2013-07-05 15:01 - 00210560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys
2014-11-20 16:28 - 2013-07-01 18:41 - 00447320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2014-11-20 16:28 - 2013-07-01 18:41 - 00337752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
2014-11-20 16:28 - 2013-07-01 18:41 - 00213336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\UCX01000.SYS
2014-11-20 16:28 - 2013-07-01 15:14 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbprint.sys
2014-11-20 16:28 - 2013-06-28 20:08 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2014-11-20 16:28 - 2013-06-28 20:07 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2014-11-20 16:28 - 2013-02-01 22:41 - 01437184 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2014-11-20 16:28 - 2013-02-01 22:31 - 01690624 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2014-11-20 16:19 - 2013-08-15 22:21 - 00049664 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-11-20 16:19 - 2013-08-15 22:21 - 00049152 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-11-20 16:19 - 2013-08-15 15:43 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2014-11-20 16:19 - 2012-11-05 21:00 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\wushareduxresources.dll
2014-11-20 15:56 - 2014-11-20 15:56 - 00000117 _____ () C:\windows\system32\netcfg-8186171.txt
2014-11-20 15:56 - 2014-11-20 15:56 - 00000117 _____ () C:\windows\system32\netcfg-8183062.txt
2014-11-20 15:56 - 2014-11-20 15:56 - 00000117 _____ () C:\windows\system32\netcfg-8182984.txt
2014-11-20 15:54 - 2014-11-20 15:54 - 00000117 _____ () C:\windows\system32\netcfg-8096062.txt
2014-11-20 15:53 - 2014-11-20 15:53 - 00000117 _____ () C:\windows\system32\netcfg-8034796.txt
2014-11-20 15:53 - 2014-11-20 15:53 - 00000117 _____ () C:\windows\system32\netcfg-8032312.txt
2014-11-20 15:53 - 2014-11-20 15:53 - 00000117 _____ () C:\windows\system32\netcfg-8022687.txt
2014-11-20 15:53 - 2014-11-20 15:53 - 00000117 _____ () C:\windows\system32\netcfg-8019656.txt
2014-11-20 15:53 - 2014-11-20 15:53 - 00000117 _____ () C:\windows\system32\netcfg-7990390.txt
2014-11-20 15:53 - 2014-11-20 15:53 - 00000117 _____ () C:\windows\system32\netcfg-7989828.txt
2014-11-20 15:52 - 2014-11-20 15:52 - 00000117 _____ () C:\windows\system32\netcfg-7927781.txt
2014-11-20 15:00 - 2014-11-20 15:00 - 00000117 _____ () C:\windows\system32\netcfg-4836343.txt
2014-11-20 15:00 - 2014-11-20 15:00 - 00000117 _____ () C:\windows\system32\netcfg-4818359.txt
2014-11-20 15:00 - 2014-11-20 15:00 - 00000117 _____ () C:\windows\system32\netcfg-4818328.txt
2014-11-20 15:00 - 2014-11-20 15:00 - 00000117 _____ () C:\windows\system32\netcfg-4818281.txt
2014-11-20 15:00 - 2014-11-20 15:00 - 00000117 _____ () C:\windows\system32\netcfg-4817703.txt
2014-11-20 14:45 - 2014-11-20 14:45 - 00000117 _____ () C:\windows\system32\netcfg-3946562.txt
2014-11-20 14:45 - 2014-11-20 14:45 - 00000117 _____ () C:\windows\system32\netcfg-3946546.txt
2014-11-20 14:45 - 2014-11-20 14:45 - 00000117 _____ () C:\windows\system32\netcfg-3946500.txt
2014-11-20 14:45 - 2014-11-20 14:45 - 00000117 _____ () C:\windows\system32\netcfg-3945890.txt
2014-11-20 14:44 - 2014-11-20 14:44 - 00000117 _____ () C:\windows\system32\netcfg-3864796.txt
2014-11-20 14:44 - 2014-11-20 14:44 - 00000117 _____ () C:\windows\system32\netcfg-3864234.txt
2014-11-20 14:43 - 2014-11-20 14:43 - 00000117 _____ () C:\windows\system32\netcfg-3830984.txt
2014-11-20 14:43 - 2014-11-20 14:43 - 00000117 _____ () C:\windows\system32\netcfg-3830437.txt
2014-11-20 14:42 - 2014-11-20 14:42 - 00001166 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-20 14:42 - 2014-11-20 14:42 - 00001154 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-20 14:42 - 2014-11-20 14:42 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Mozilla
2014-11-20 14:42 - 2014-11-20 14:42 - 00000000 ____D () C:\Users\Adam\AppData\Local\Mozilla
2014-11-20 14:42 - 2014-11-20 14:42 - 00000000 ____D () C:\ProgramData\Mozilla
2014-11-20 14:42 - 2014-11-20 14:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-20 14:42 - 2014-11-20 14:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-20 14:27 - 2014-11-20 14:27 - 00000117 _____ () C:\windows\system32\netcfg-2837218.txt
2014-11-20 14:27 - 2014-11-20 14:27 - 00000117 _____ () C:\windows\system32\netcfg-2837187.txt
2014-11-20 14:27 - 2014-11-20 14:27 - 00000117 _____ () C:\windows\system32\netcfg-2837109.txt
2014-11-20 14:27 - 2014-11-20 14:27 - 00000117 _____ () C:\windows\system32\netcfg-2836546.txt
2014-11-20 14:25 - 2014-11-20 14:25 - 00000117 _____ () C:\windows\system32\netcfg-2724343.txt
2014-11-20 14:25 - 2014-11-20 14:25 - 00000117 _____ () C:\windows\system32\netcfg-2723796.txt
2014-11-20 14:18 - 2014-11-20 14:18 - 00000117 _____ () C:\windows\system32\netcfg-2289328.txt
2014-11-20 14:17 - 2014-11-20 14:17 - 00000117 _____ () C:\windows\system32\netcfg-2281343.txt
2014-11-20 14:17 - 2014-11-20 14:17 - 00000117 _____ () C:\windows\system32\netcfg-2265375.txt
2014-11-20 14:17 - 2014-11-20 14:17 - 00000117 _____ () C:\windows\system32\netcfg-2265343.txt
2014-11-20 14:17 - 2014-11-20 14:17 - 00000117 _____ () C:\windows\system32\netcfg-2265234.txt
2014-11-20 14:17 - 2014-11-20 14:17 - 00000117 _____ () C:\windows\system32\netcfg-2264703.txt
2014-11-20 14:15 - 2014-11-20 14:15 - 00000117 _____ () C:\windows\system32\netcfg-2136640.txt
2014-11-20 14:15 - 2014-11-20 14:15 - 00000117 _____ () C:\windows\system32\netcfg-2136609.txt
2014-11-20 13:10 - 2014-11-20 13:05 - 00000012 _____ () C:\windows\CSUP.TXT
2014-11-20 13:00 - 2014-11-20 13:00 - 00000117 _____ () C:\windows\system32\netcfg-1235500.txt
2014-11-20 13:00 - 2014-11-20 13:00 - 00000117 _____ () C:\windows\system32\netcfg-1235484.txt
2014-11-20 13:00 - 2014-11-20 13:00 - 00000117 _____ () C:\windows\system32\netcfg-1235437.txt
2014-11-20 13:00 - 2014-11-20 13:00 - 00000117 _____ () C:\windows\system32\netcfg-1234843.txt
2014-11-20 12:59 - 2014-11-20 12:59 - 00000117 _____ () C:\windows\system32\netcfg-1166109.txt
2014-11-20 12:59 - 2014-11-20 12:59 - 00000117 _____ () C:\windows\system32\netcfg-1161484.txt
2014-11-20 12:58 - 2014-11-20 12:58 - 00000117 _____ () C:\windows\system32\netcfg-1137781.txt
2014-11-20 12:58 - 2014-11-20 12:58 - 00000117 _____ () C:\windows\system32\netcfg-1135750.txt
2014-11-20 12:58 - 2014-11-20 12:58 - 00000117 _____ () C:\windows\system32\netcfg-1121625.txt
2014-11-20 12:58 - 2014-11-20 12:58 - 00000117 _____ () C:\windows\system32\netcfg-1121031.txt
2014-11-20 12:58 - 2014-11-20 12:58 - 00000117 _____ () C:\windows\system32\netcfg-1103453.txt
2014-11-20 12:58 - 2014-11-20 12:58 - 00000117 _____ () C:\windows\system32\netcfg-1100406.txt
2014-11-20 12:58 - 2014-11-20 12:58 - 00000117 _____ () C:\windows\system32\netcfg-1100343.txt
2014-11-20 12:58 - 2014-11-20 12:58 - 00000117 _____ () C:\windows\system32\netcfg-1099765.txt
2014-11-20 12:57 - 2014-11-20 12:57 - 00000117 _____ () C:\windows\system32\netcfg-1067156.txt
2014-11-20 12:57 - 2014-11-20 12:57 - 00000117 _____ () C:\windows\system32\netcfg-1067093.txt
2014-11-20 12:57 - 2014-11-20 12:57 - 00000117 _____ () C:\windows\system32\netcfg-1067000.txt
2014-11-20 12:57 - 2014-11-20 12:57 - 00000117 _____ () C:\windows\system32\netcfg-1066296.txt
2014-11-20 12:56 - 2014-11-20 12:56 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Macromedia
2014-11-20 12:50 - 2014-11-20 12:50 - 00000117 _____ () C:\windows\system32\netcfg-639984.txt
2014-11-20 12:50 - 2014-11-20 12:50 - 00000117 _____ () C:\windows\system32\netcfg-639703.txt
2014-11-20 12:50 - 2014-11-20 12:50 - 00000117 _____ () C:\windows\system32\netcfg-636656.txt
2014-11-20 12:50 - 2014-11-20 12:50 - 00000117 _____ () C:\windows\system32\netcfg-636625.txt
2014-11-20 12:50 - 2014-11-20 12:50 - 00000117 _____ () C:\windows\system32\netcfg-621921.txt
2014-11-20 12:48 - 2014-11-28 12:50 - 00003594 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-423090887-583849361-153837240-1001
2014-11-20 12:48 - 2014-11-20 12:48 - 00000117 _____ () C:\windows\system32\netcfg-497953.txt
2014-11-20 12:48 - 2014-11-20 12:48 - 00000117 _____ () C:\windows\system32\netcfg-497406.txt
2014-11-20 12:44 - 2014-11-20 12:44 - 00000117 _____ () C:\windows\system32\netcfg-281062.txt
2014-11-20 12:43 - 2014-11-21 15:26 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Adobe
2014-11-20 12:43 - 2014-11-20 12:43 - 00001437 _____ () C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-20 12:43 - 2014-11-20 12:43 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-11-20 12:42 - 2014-12-08 10:16 - 00000000 ____D () C:\Users\Adam\AppData\Local\VirtualStore
2014-11-20 12:42 - 2014-12-07 12:29 - 00000000 ____D () C:\Users\Adam
2014-11-20 12:42 - 2014-11-20 12:43 - 00000000 ____D () C:\Users\Adam\AppData\Local\Packages
2014-11-20 12:42 - 2014-11-20 12:42 - 00000020 ___SH () C:\Users\Adam\ntuser.ini
2014-11-20 12:42 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-20 12:42 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-20 12:42 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-11-20 12:42 - 2012-07-26 01:13 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-20 12:24 - 2014-11-20 12:43 - 00034254 ____H () C:\windows\MODULES.LOG
2014-11-20 12:22 - 2014-12-12 13:44 - 01768638 _____ () C:\windows\WindowsUpdate.log
2014-11-20 12:22 - 2014-11-20 12:22 - 01619275 _____ () C:\windows\MFGSTAT.zip
2014-11-20 12:22 - 2014-11-20 12:22 - 00002097 _____ () C:\Users\Public\Desktop\OneKey Recovery.lnk
2014-11-20 12:22 - 2014-11-20 12:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneKey Recovery
2014-11-20 12:22 - 2014-11-20 12:22 - 00000000 ____D () C:\ProgramData\Temp
2014-11-20 12:22 - 2014-11-20 12:22 - 00000000 ____D () C:\ProgramData\OneKey Recovery
2014-11-20 12:22 - 2014-11-20 12:22 - 00000000 ____D () C:\Program Files\Lenovo
2014-11-20 12:22 - 2014-11-20 12:22 - 00000000 ____D () C:\Program Files (x86)\InstallShield Installation Information
2014-11-20 12:22 - 2012-06-13 18:10 - 00102376 _____ ("CyberLink) C:\windows\system32\Drivers\wsvd.sys
2014-11-20 12:19 - 2014-11-20 12:21 - 00000011 _____ () C:\windows\system32\lendrvchk.scp
2014-11-20 12:19 - 2014-11-20 12:19 - 00000021 _____ () C:\windows\SysWOW64\Drivers\17AA_Lenovo_Lenovo_G580_20150.MRK
2014-11-20 12:18 - 2014-11-20 12:18 - 00002064 _____ () C:\windows\DPINST.LOG
2014-11-20 12:15 - 2014-11-20 12:15 - 00001140 _____ () C:\windows\system32\netcfg-72984.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00001136 _____ () C:\windows\system32\netcfg-69515.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00001135 _____ () C:\windows\system32\netcfg-67421.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00000185 _____ () C:\windows\system32\netcfg-64937.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00000164 _____ () C:\windows\system32\netcfg-51218.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00000161 _____ () C:\windows\system32\netcfg-64625.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00000160 _____ () C:\windows\system32\netcfg-64250.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00000160 _____ () C:\windows\system32\netcfg-63859.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00000160 _____ () C:\windows\system32\netcfg-50312.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00000159 _____ () C:\windows\system32\netcfg-63296.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00000157 _____ () C:\windows\system32\netcfg-63531.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00000157 _____ () C:\windows\system32\netcfg-62640.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00000150 _____ () C:\windows\system32\netcfg-62968.txt
2014-11-19 04:31 - 2014-11-19 04:31 - 01217192 _____ (Microsoft Corporation) C:\windows\SysWOW64\FM20.DLL
2014-11-13 11:53 - 2014-11-13 11:53 - 00808176 _____ (COMODO) C:\windows\system32\Drivers\cmdguard.sys
2014-11-13 11:53 - 2014-11-13 11:53 - 00127328 _____ (COMODO) C:\windows\system32\Drivers\inspect.sys
2014-11-13 11:53 - 2014-11-13 11:53 - 00036200 _____ (COMODO) C:\windows\system32\Drivers\cmdhlp.sys
2014-11-13 11:53 - 2014-11-13 11:53 - 00021304 _____ (COMODO) C:\windows\system32\Drivers\cmderd.sys
2014-11-13 11:52 - 2014-11-13 11:52 - 00438912 _____ (COMODO) C:\windows\system32\guard64.dll
2014-11-13 11:52 - 2014-11-13 11:52 - 00354520 _____ (COMODO) C:\windows\system32\cmdvrt64.dll
2014-11-13 11:52 - 2014-11-13 11:52 - 00353392 _____ (COMODO) C:\windows\SysWOW64\guard32.dll
2014-11-13 11:52 - 2014-11-13 11:52 - 00286424 _____ (COMODO) C:\windows\SysWOW64\cmdvrt32.dll
2014-11-13 11:52 - 2014-11-13 11:52 - 00045784 _____ (COMODO) C:\windows\system32\cmdkbd64.dll
2014-11-13 11:52 - 2014-11-13 11:52 - 00041856 _____ (COMODO) C:\windows\system32\cmdcsr.dll
2014-11-13 11:52 - 2014-11-13 11:52 - 00040664 _____ (COMODO) C:\windows\SysWOW64\cmdkbd32.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-12 14:00 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\system32\sru
2014-12-12 13:53 - 2012-07-26 00:28 - 01123376 _____ () C:\windows\system32\PerfStringBackup.INI
2014-12-12 13:46 - 2012-07-26 00:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-12-12 13:43 - 2012-07-26 00:59 - 00000000 ____D () C:\windows\CbsTemp
2014-12-12 13:38 - 2012-06-22 05:02 - 00110744 _____ (Qualcomm Atheros Co., Ltd.) C:\windows\system32\Drivers\L1C63x64.sys
2014-12-12 13:37 - 2012-07-26 00:24 - 02207744 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
2014-12-12 13:18 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\system32\NDF
2014-12-11 13:41 - 2012-08-01 08:51 - 00029982 _____ () C:\windows\PFRO.log
2014-12-11 13:40 - 2012-07-25 22:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-12-11 13:39 - 2012-07-26 01:12 - 00000000 ___RD () C:\windows\ToastData
2014-12-11 13:39 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\AppCompat
2014-12-07 13:41 - 2012-07-26 00:21 - 01169488 _____ () C:\windows\setupact.log
2014-12-07 12:11 - 2011-11-28 07:07 - 00122496 _____ (HS Incorporated) C:\windows\system32\Drivers\ghsdiagMDM.sys
2014-12-07 12:11 - 2011-11-10 03:23 - 01919968 _____ (Microsoft Corporation) C:\windows\system32\wdfcoinstaller01005.dll
2014-12-07 12:11 - 2011-03-30 01:21 - 00038424 _____ (Google Inc) C:\windows\system32\Drivers\ghsandroid.sys
2014-12-07 11:17 - 2012-08-01 09:50 - 00000000 ____D () C:\windows\Panther
2014-12-07 10:56 - 2012-07-25 19:26 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\winusb.sys
2014-12-07 10:56 - 2012-07-25 17:49 - 00217088 _____ (Microsoft Corporation) C:\windows\system32\WpdMtp.dll
2014-12-07 10:56 - 2012-07-25 17:49 - 00134656 _____ (Microsoft Corporation) C:\windows\system32\WpdMtpUS.dll
2014-12-05 16:01 - 2014-09-24 08:57 - 00000000 ___HD () C:\$Windows.~BT
2014-12-05 10:25 - 2012-07-26 01:13 - 00005035 _____ () C:\windows\DtcInstall.log
2014-12-04 11:35 - 2012-07-26 01:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-12-04 09:59 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\Registration
2014-12-02 16:54 - 2012-09-12 05:43 - 02723216 _____ (Hewlett-Packard Co.) C:\windows\system32\HPScanTRDrv_OJ6600.dll
2014-12-02 16:54 - 2012-09-12 05:43 - 00623504 _____ (Hewlett-Packard) C:\windows\system32\HPWia2_OJ6600.dll
2014-12-02 16:54 - 2012-09-12 05:43 - 00332176 _____ (Hewlett-Packard Co.) C:\windows\system32\hpinksts5D12LM.dll
2014-12-02 16:54 - 2012-09-12 05:43 - 00270224 _____ (Hewlett-Packard Co.) C:\windows\system32\hpinkcoi5D12.dll
2014-12-02 13:22 - 2012-07-25 22:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-12-02 12:43 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-11-28 12:12 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\WinStore
2014-11-28 12:12 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\system32\SecureBootUpdates
2014-11-28 12:05 - 2012-07-25 22:26 - 00000167 _____ () C:\windows\win.ini
2014-11-26 12:31 - 2012-07-26 01:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-11-26 12:31 - 2012-07-26 01:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-11-26 12:31 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-11-26 12:30 - 2012-07-26 01:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-26 12:30 - 2012-07-26 01:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-26 12:30 - 2012-07-26 01:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-26 12:30 - 2012-07-26 01:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-26 12:30 - 2012-07-26 01:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-26 12:30 - 2012-07-26 00:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-11-25 14:23 - 2013-08-22 05:40 - 00040664 _____ (The OpenVPN Project) C:\windows\system32\Drivers\tap0901.sys
2014-11-21 12:14 - 2012-07-25 22:37 - 00000000 ____D () C:\windows\servicing
2014-11-21 12:10 - 2012-07-26 01:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-11-21 12:10 - 2012-07-26 01:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-11-21 12:10 - 2012-07-25 22:38 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-11-21 12:10 - 2012-07-25 22:38 - 00000000 ____D () C:\windows\system32\Dism
2014-11-21 11:30 - 2012-07-26 00:52 - 00000000 ____D () C:\windows\ShellNew
2014-11-21 11:05 - 2012-07-25 22:38 - 00000000 ____D () C:\windows\system32\oobe
2014-11-21 10:53 - 2014-10-01 20:54 - 12196712 _____ (Intel Corporation) C:\windows\system32\igd10iumd64.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 11815600 _____ (Intel Corporation) C:\windows\SysWOW64\igd10iumd32.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 10956576 _____ (Intel Corporation) C:\windows\system32\igdumdim64.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 10474536 _____ (Intel Corporation) C:\windows\SysWOW64\igdumdim32.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 02023936 _____ (Intel Corporation) C:\windows\system32\igfxcmjit64.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 01756160 _____ (Intel Corporation) C:\windows\SysWOW64\igfxcmjit32.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 01137080 _____ (Intel Corporation) C:\windows\system32\iglhsip64.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00734720 _____ (Intel Corporation) C:\windows\system32\MetroIntelGenericUIFramework.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00665088 _____ (Intel Corporation) C:\windows\system32\igfxDH.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00450576 _____ (Intel Corporation) C:\windows\system32\igdmd64.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00361984 _____ (Intel Corporation) C:\windows\SysWOW64\igdmd32.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00272384 _____ (Intel Corporation) C:\windows\system32\igfxDI.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00223744 _____ () C:\windows\system32\igdde64.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00188456 _____ (Intel Corporation) C:\windows\system32\igfxcmrt64.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00184320 _____ (Intel Corporation) C:\windows\system32\igfx11cmrt64.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00183808 _____ () C:\windows\SysWOW64\igdde32.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00159056 _____ (Intel Corporation) C:\windows\SysWOW64\igfxcmrt32.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00154624 _____ (Intel Corporation) C:\windows\SysWOW64\igfx11cmrt32.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00058368 _____ ( ) C:\windows\system32\igfxDHLib.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00031408 _____ (Intel Corporation) C:\windows\system32\igfxexps.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00030720 _____ (Intel Corporation) C:\windows\SysWOW64\igfxexps32.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00010752 _____ ( ) C:\windows\system32\igfxDILib.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00010240 _____ ( ) C:\windows\system32\igfxEMLib.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00005120 _____ ( ) C:\windows\system32\igfxLHMLibv2_0.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00005120 _____ ( ) C:\windows\system32\igfxLHMLib.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 22905344 _____ (Intel Corporation) C:\windows\system32\igdfcl64.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 17837568 _____ (Intel Corporation) C:\windows\SysWOW64\igdfcl32.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 04598392 _____ (Intel Corporation) C:\windows\system32\igdusc64.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 03828152 _____ (Intel Corporation) C:\windows\system32\Drivers\igdkmd64.sys
2014-11-21 10:52 - 2014-10-01 20:54 - 03663128 _____ (Intel Corporation) C:\windows\SysWOW64\igdusc32.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 01677824 _____ (Intel Corporation) C:\windows\system32\igdrcl64.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 01555456 _____ (Intel Corporation) C:\windows\SysWOW64\igdrcl32.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 01132960 _____ (Intel Corporation) C:\windows\SysWOW64\iglhsip32.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00372736 _____ (Intel Corporation) C:\windows\system32\igfxOSP.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00358912 _____ (Intel Corporation) C:\windows\system32\IntelOpenCL64.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00330240 _____ (Intel Corporation) C:\windows\system32\igdbcl64.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00294912 _____ (Intel Corporation) C:\windows\SysWOW64\IntelOpenCL32.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00291328 _____ (Intel Corporation) C:\windows\SysWOW64\igdbcl32.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00254976 _____ () C:\windows\system32\igfxCPL.cpl
2014-11-21 10:52 - 2014-10-01 20:54 - 00250368 _____ (Intel Corporation) C:\windows\system32\igfxLHM.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00218808 _____ (Intel Corporation) C:\windows\system32\iglhcp64.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00214016 _____ (Intel Corporation) C:\windows\system32\igfxDTCM.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00183800 _____ (Intel Corporation) C:\windows\SysWOW64\iglhcp32.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00183296 _____ (Intel Corporation) C:\windows\system32\igfxCoIn_v3958.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00160256 _____ () C:\windows\system32\igdail64.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00143360 _____ () C:\windows\SysWOW64\igdail32.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00094208 _____ () C:\windows\system32\IccLibDll_x64.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00070144 _____ () C:\windows\system32\igfxCUIServicePS.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00069632 _____ ( ) C:\windows\system32\igfxDHLibv2_0.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00064000 _____ (Khronos Group) C:\windows\system32\Intel_OpenCL_ICD64.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00060416 _____ (Khronos Group) C:\windows\SysWOW64\Intel_OpenCL_ICD32.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00010240 _____ ( ) C:\windows\system32\igfxEMLibv2_0.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00010240 _____ ( ) C:\windows\system32\igfxDILibv2_0.dll
2014-11-21 10:51 - 2014-10-01 20:54 - 08401408 _____ (Intel Corporation) C:\windows\system32\ig7icd64.dll
2014-11-21 10:51 - 2014-10-01 20:54 - 06553600 _____ (Intel Corporation) C:\windows\SysWOW64\ig7icd32.dll
2014-11-21 10:51 - 2014-10-01 20:54 - 00504208 _____ (Intel Corporation) C:\windows\system32\igfxEM.exe
2014-11-21 10:51 - 2014-10-01 20:54 - 00448912 _____ (Intel Corporation) C:\windows\system32\igfxTray.exe
2014-11-21 10:51 - 2014-10-01 20:54 - 00319376 _____ (Intel Corporation) C:\windows\system32\igfxCUIService.exe
2014-11-21 10:51 - 2014-10-01 20:54 - 00281488 _____ (Intel Corporation) C:\windows\SysWOW64\IntelCpHeciSvc.exe
2014-11-21 10:51 - 2014-10-01 20:54 - 00246672 _____ (Intel Corporation) C:\windows\system32\igfxHK.exe
2014-11-21 10:51 - 2014-10-01 20:54 - 00193936 _____ (Intel Corporation) C:\windows\system32\igfxext.exe
2014-11-21 10:51 - 2014-10-01 20:53 - 04354448 _____ (Intel Corporation) C:\windows\system32\Gfxv4_0.exe
2014-11-21 10:51 - 2014-10-01 20:53 - 04350864 _____ (Intel Corporation) C:\windows\system32\Gfxv2_0.exe
2014-11-21 10:51 - 2014-10-01 20:53 - 00932752 _____ (Intel Corporation) C:\windows\system32\GfxUIEx.exe
2014-11-21 10:51 - 2014-10-01 20:53 - 00546704 _____ (Intel Corporation) C:\windows\system32\DPTopologyApp.exe
2014-11-21 10:51 - 2014-10-01 20:53 - 00546192 _____ (Intel Corporation) C:\windows\system32\DPTopologyAppv2_0.exe
2014-11-21 10:51 - 2014-10-01 20:53 - 00400272 _____ (Intel Corporation) C:\windows\system32\CustomModeApp.exe
2014-11-21 10:51 - 2014-10-01 20:53 - 00399760 _____ (Intel Corporation) C:\windows\system32\CustomModeAppv2_0.exe
2014-11-21 10:51 - 2014-10-01 20:53 - 00155536 _____ (Intel Corporation) C:\windows\system32\difx64.exe
2014-11-21 10:44 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\LiveKernelReports
2014-11-20 16:19 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\system32\restore
2014-11-20 13:10 - 2012-07-26 01:13 - 00262144 _____ () C:\windows\system32\config\BCD-Template
2014-11-20 13:10 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\Web
2014-11-20 13:10 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\Help
2014-11-20 13:10 - 2012-07-25 22:37 - 00000000 ___HD () C:\Users\Default
2014-11-20 12:42 - 2012-07-26 01:12 - 00000000 ___RD () C:\windows\ImmersiveControlPanel
2014-11-20 12:41 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\rescache
2014-11-20 12:19 - 2012-07-25 22:38 - 00000000 ____D () C:\windows\system32\Sysprep

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-12 13:25

==================== End Of Log ============================


#9 nasdaq


  • Malware Response Team

Posted 13 December 2014 - 09:30 AM

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
start

CloseProcesses:

() C:\Program Files (x86)\Google\Update\Install\{3EC06FDA-EC94-4C2A-914F-715EF60BBF00}\39.0.2171.95_39.0.2171.71_chrome_updater.exe
(Google Inc.) C:\windows\Temp\CR_12B61.tmp\setup.exe
HKLM-x32\...\Run: [] => [X]
CHR Extension: (Google Wallet) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-26]
S0 icquni; No ImagePath
U3 aswMBR; \??\C:\Users\Adam\AppData\Local\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\Users\Adam\AppData\Local\Temp\aswVmm.sys [X]

End

Save the file as fixlist.txt into the same folder as FRST.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log, Fixlog.txt; please post it in your reply.
===

As previously requested, can you please run aswMBR.exe and post the logs?

How is the computer running now?

#10 consultantbis

  • Topic Starter


Posted 13 December 2014 - 04:10 PM

Hi, the PC seems okay as to performance. It had some odd quirks with updates that were installed regarding Windows 8. The log pasted above your last post is, I think, the aswMBR.exe log. But I will repost again in another reply.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-12-2014
Ran by Adam (administrator) on IDEA-PC on 13-12-2014 13:59:32
Running from C:\Users\Adam\Desktop
Loaded Profile: Adam (Available profiles: Adam)
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(Intel Corporation) C:\windows\System32\igfxCUIService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Microsoft Corporation) C:\windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Microsoft Corporation) C:\windows\System32\LogonUI.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Intel Corporation) C:\windows\System32\igfxEM.exe
(Intel Corporation) C:\windows\System32\igfxHK.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit_manager.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-11-21] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2014-12-02] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-423090887-583849361-153837240-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [410216 2014-11-25] (CyberGhost S.R.L.)
HKU\S-1-5-21-423090887-583849361-153837240-1001\...\RunOnce: [Adobe Speed Launcher] => 1418503408
HKU\S-1-5-21-423090887-583849361-153837240-1001\...\MountPoints2: {73c03525-7cd2-11e4-be79-208984323307} - "F:\Windows\AutoRun.exe" {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A01B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files\COMODO\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-423090887-583849361-153837240-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKU\S-1-5-21-423090887-583849361-153837240-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKU\S-1-5-21-423090887-583849361-153837240-1001 -> DefaultScope {A9FD5C40-B7EA-412D-9544-51FD5867721A} URL =
SearchScopes: HKU\S-1-5-21-423090887-583849361-153837240-1001 -> {A9FD5C40-B7EA-412D-9544-51FD5867721A} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
Tcpip\Parameters: [DhcpNameServer] 192.168.16.1

FireFox:
========
FF ProfilePath: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\989xgz9y.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Ghostery - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\989xgz9y.default\Extensions\firefox@ghostery.com.xpi [2014-11-26]
FF Extension: Quora Sneak - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\989xgz9y.default\Extensions\jid1-sh7EcEjlHaN8RA@jetpack.xpi [2014-11-26]
FF Extension: Facebook profile picture revealer - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\989xgz9y.default\Extensions\jid1-UvjUdyxSwWa06Q122@jetpack.xpi [2014-11-26]
FF Extension: S3.Google Translator - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\989xgz9y.default\Extensions\s3google@translator.xpi [2014-11-26]
FF Extension: Search by Image for Google - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\989xgz9y.default\Extensions\{ab4b5718-3998-4a2c-91ae-18a7c2db513e}.xpi [2014-11-26]
FF Extension: Dirt Farmer's Click Trap Remover - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\989xgz9y.default\Extensions\{CBC19BCA-AD23-486D-BF24-37C4F13C431C}.xpi [2014-11-26]
FF Extension: DownThemAll! - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\989xgz9y.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-11-26]
FF Extension: Greasemonkey - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\989xgz9y.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-11-26]
FF Extension: Mason - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\989xgz9y.default\Extensions\{F632A5EA-F825-4AE7-94B5-233CFBA9F423}.xpi [2014-11-26]

Chrome:
=======
CHR Profile: C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-26]
CHR Extension: (Google Docs) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-26]
CHR Extension: (Google Drive) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-28]
CHR Extension: (YouTube) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-26]
CHR Extension: (Download FB Album mod) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjnhhjpfcdhbhlcmmjppicjmgfkppok [2014-11-26]
CHR Extension: (Google Search) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-26]
CHR Extension: (Google Sheets) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-26]
CHR Extension: (Google Wallet) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-26]
CHR Extension: (Photo download for Facebook) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaeofonahpollpigknepbpnabhgbpcjc [2014-11-26]
CHR Extension: (Gmail) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-25] (CyberGhost S.R.L)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70864 2014-11-21] (Comodo Security Solutions, Inc.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [7618952 2014-12-12] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265304 2014-12-12] (COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2014-12-02] (Comodo Security Solutions, Inc.)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-11-21] (Comodo Security Solutions, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-12-02] (Hewlett-Packard Company)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-11-21] (Intel Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2014-12-04] (Riverbed Technology, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-11-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [40224 2014-06-25] (Windows ® Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20184 2014-12-08] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [807568 2014-12-08] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [35080 2014-12-08] (COMODO)
S3 ghsandroid; C:\Windows\System32\Drivers\ghsandroid.sys [38424 2014-12-07] (Google Inc)
S3 ghsdiagMDM; C:\Windows\system32\DRIVERS\ghsdiagMDM.sys [122496 2014-12-07] (HS Incorporated)
S0 icquni; No ImagePath
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [126208 2014-12-08] (COMODO)
S3 massfilter_hs; C:\windows\system32\drivers\massfilter_hs.sys [20232 2014-12-07] (HandSet Incorporated)
R3 Neo_VPN; C:\Windows\system32\DRIVERS\Neo_VPN.sys [28768 2014-11-25] (SoftEther VPN Project at University of Tsukuba, Japan.)
R3 Neo_VPN2; C:\Windows\system32\DRIVERS\Neo_VPN2.sys [28768 2014-11-25] (SoftEther VPN Project at University of Tsukuba, Japan.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-13 13:58 - 2014-12-13 13:58 - 00000000 ____D () C:\Users\Adam\Desktop\FRST-OlderVersion
2014-12-13 13:56 - 2014-12-13 13:56 - 00000553 _____ () C:\Users\Adam\Desktop\fixlist.txt
2014-12-12 14:35 - 2014-12-12 14:35 - 00003028 _____ () C:\windows\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2014-12-12 14:24 - 2014-12-12 14:24 - 00010980 _____ () C:\Users\Adam\Desktop\Addition.zip
2014-12-12 14:21 - 2014-12-12 14:23 - 00072334 _____ () C:\Users\Adam\Desktop\Addition.txt
2014-12-12 14:18 - 2014-12-13 13:59 - 00012716 _____ () C:\Users\Adam\Desktop\FRST.txt
2014-12-12 14:17 - 2014-12-13 13:59 - 00000000 ____D () C:\FRST
2014-12-12 14:15 - 2014-12-12 14:15 - 00001835 _____ () C:\Users\Adam\Desktop\aswMBR.txt
2014-12-12 14:15 - 2014-12-12 14:15 - 00000916 _____ () C:\Users\Adam\Desktop\aswMBR.zip
2014-12-12 14:15 - 2014-12-12 14:15 - 00000512 _____ () C:\Users\Adam\Desktop\MBR.dat
2014-12-12 13:43 - 2014-12-13 13:58 - 02119168 _____ (Farbar) C:\Users\Adam\Desktop\FRST64.exe
2014-12-12 13:41 - 2014-12-12 13:43 - 05198336 _____ (AVAST Software) C:\Users\Adam\Desktop\aswMBR.exe
2014-12-12 13:37 - 2014-12-12 13:37 - 06973760 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-12-12 13:37 - 2014-12-12 13:37 - 03286016 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 01623552 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 01024512 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 00733184 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 00630272 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 00417280 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2014-12-12 13:37 - 2014-12-12 13:37 - 00253440 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 00176640 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-12-12 13:37 - 2014-12-12 13:37 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-12-12 13:37 - 2014-12-12 13:37 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-12-12 13:37 - 2014-12-12 13:37 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-12-12 13:36 - 2014-12-12 13:36 - 00499008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2014-12-12 13:36 - 2014-10-27 15:10 - 00390841 _____ () C:\windows\system32\ApnDatabase.xml
2014-12-12 13:32 - 2014-12-12 13:32 - 04187592 _____ (Kaspersky Lab ZAO) C:\Users\Adam\Desktop\tdsskiller(1).exe
2014-12-11 13:39 - 2014-12-11 13:39 - 00000000 ____D () C:\windows\system32\appraiser
2014-12-10 15:32 - 2014-12-10 15:32 - 01519104 _____ (Microsoft Corporation) C:\windows\system32\vssapi.dll
2014-12-10 15:32 - 2014-12-10 15:32 - 01484288 _____ (Microsoft Corporation) C:\windows\system32\VSSVC.exe
2014-12-10 15:32 - 2014-12-10 15:32 - 01195520 _____ (Microsoft Corporation) C:\windows\SysWOW64\vssapi.dll
2014-12-10 15:32 - 2014-12-10 15:32 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\vsstrace.dll
2014-12-10 15:32 - 2014-12-10 15:32 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\vsstrace.dll
2014-12-10 15:32 - 2014-12-10 15:32 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\eventcls.dll
2014-12-10 15:32 - 2014-12-10 15:32 - 00015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\eventcls.dll
2014-12-10 15:09 - 2014-12-10 15:09 - 00001987 _____ () C:\Users\Adam\Desktop\attach.zip
2014-12-10 15:08 - 2014-12-10 15:09 - 00005740 _____ () C:\Users\Adam\Desktop\attach.txt
2014-12-10 15:08 - 2014-12-10 15:08 - 00027452 _____ () C:\Users\Adam\Desktop\dds.txt
2014-12-10 15:04 - 2014-12-10 15:04 - 00688992 _____ (Swearware) C:\Users\Adam\Downloads\dds (1).com
2014-12-10 15:03 - 2014-12-10 15:03 - 00688992 ____R (Swearware) C:\Users\Adam\Downloads\dds.com
2014-12-10 14:59 - 2014-12-10 14:59 - 19764736 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 19283456 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 17562112 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 15400960 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 14364672 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 13758976 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 02861568 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 02655232 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 02237952 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 02054656 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 01762816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 01627648 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 01509376 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-12-10 14:59 - 2014-12-10 14:59 - 01441280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-12-10 14:59 - 2014-12-10 14:59 - 01409536 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 01339392 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 01181696 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 01083392 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00740864 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00673792 _____ (Microsoft Corporation) C:\windows\system32\mfmpeg2srcsnk.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00623616 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00513536 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmpeg2srcsnk.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00458240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00451584 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00412672 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00396288 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00212992 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-12-10 14:59 - 2014-12-10 14:59 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-12-10 14:59 - 2014-12-10 14:59 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-12-10 14:59 - 2014-11-21 00:00 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-12-10 14:59 - 2014-11-20 23:54 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-12-10 14:58 - 2014-12-10 14:58 - 01890816 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2014-12-10 14:58 - 2014-12-10 14:58 - 01569792 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2014-12-07 13:43 - 2014-12-07 13:43 - 00309620 _____ () C:\Users\Adam\Downloads\droidsheep-15.apk
2014-12-07 12:29 - 2014-12-07 12:29 - 01721576 _____ (Microsoft Corporation) C:\windows\system32\WdfCoInstaller01009.dll
2014-12-07 12:29 - 2014-12-07 12:29 - 01002728 _____ (Microsoft Corporation) C:\windows\system32\WinUSBCoInstaller2.dll
2014-12-07 12:29 - 2014-12-07 12:29 - 00584584 _____ () C:\windows\adb.exe
2014-12-07 12:29 - 2014-12-07 12:29 - 00171272 _____ (ZTE Incorporated) C:\windows\system32\Drivers\zghsnet.sys
2014-12-07 12:29 - 2014-12-07 12:29 - 00162816 _____ (HS Coporation) C:\windows\system32\Drivers\ghsnet.sys
2014-12-07 12:29 - 2014-12-07 12:29 - 00132104 _____ (ZTE Incorporated) C:\windows\system32\Drivers\zghsser.sys
2014-12-07 12:29 - 2014-12-07 12:29 - 00123520 _____ (HS Coporation) C:\windows\system32\Drivers\ghsser.sys
2014-12-07 12:29 - 2014-12-07 12:29 - 00102936 _____ (Google, inc) C:\windows\AdbWinApi.dll
2014-12-07 12:29 - 2014-12-07 12:29 - 00067608 _____ (Google, inc) C:\windows\AdbWinUsbApi.dll
2014-12-07 12:29 - 2014-12-07 12:29 - 00020232 _____ (HandSet Incorporated) C:\windows\system32\Drivers\massfilter_hs.sys
2014-12-07 12:29 - 2014-12-07 12:29 - 00000000 ____D () C:\Users\Adam\.android
2014-12-07 12:29 - 2014-12-07 12:29 - 00000000 ____D () C:\Program Files\Handset_USB_Driver
2014-12-07 11:05 - 2014-12-07 11:05 - 00914051 _____ ( ) C:\Users\Adam\Downloads\rarextractor_setup(1).exe
2014-12-07 11:03 - 2014-12-07 11:03 - 00230744 _____ () C:\Users\Adam\Downloads\rarextractor_setup.exe
2014-12-07 10:56 - 2014-12-07 10:56 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-12-05 13:52 - 2014-12-05 13:52 - 00000000 __SHD () C:\Recovery
2014-12-05 13:44 - 2014-12-05 13:44 - 00262144 _____ () C:\windows\system32\config\userdiff
2014-12-05 10:34 - 2014-12-05 10:34 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Adam\Downloads\tdsskiller.exe
2014-12-04 16:16 - 2014-12-07 10:46 - 00000000 ____D () C:\Program Files\trend micro
2014-12-04 16:16 - 2014-12-04 16:17 - 00000000 ____D () C:\rsit
2014-12-04 16:16 - 2014-12-04 16:16 - 01222144 _____ () C:\Users\Adam\Downloads\RSITx64.exe
2014-12-04 15:06 - 2014-12-04 15:06 - 00041951 _____ () C:\Users\Adam\Desktop\gmer.zip
2014-12-04 14:58 - 2014-12-04 14:58 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Wireshark
2014-12-04 14:40 - 2014-12-04 14:58 - 00709977 _____ () C:\Users\Adam\Desktop\gmer.txt
2014-12-04 14:08 - 2014-12-04 14:08 - 00000000 _____ () C:\Users\Adam\Desktop\New Text Document (2).txt
2014-12-04 11:52 - 2014-12-04 11:52 - 00380416 _____ () C:\Users\Adam\Downloads\cyrz5j6s (1).exe
2014-12-04 11:35 - 2014-12-04 11:35 - 00001541 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2014-12-04 11:35 - 2014-12-04 11:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-12-04 11:35 - 2014-12-04 11:35 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-12-04 11:34 - 2014-12-04 11:35 - 00000000 ____D () C:\Program Files\Wireshark
2014-12-04 11:24 - 2014-12-04 11:30 - 29812640 _____ (Wireshark development team) C:\Users\Adam\Downloads\Wireshark-win64-1.12.2.exe
2014-12-04 11:18 - 2014-12-04 11:18 - 00000000 ____D () C:\Users\Adam\Downloads\aircrack-ng-1.2-rc1-win
2014-12-04 11:14 - 2014-12-04 11:16 - 05226981 _____ () C:\Users\Adam\Downloads\aircrack-ng-1.2-rc1-win.zip
2014-12-04 11:09 - 2014-12-04 11:10 - 00000000 ____D () C:\Users\Adam\Desktop\Tor Browser
2014-12-04 11:04 - 2014-12-04 11:09 - 34305058 _____ () C:\Users\Adam\Downloads\torbrowser-install-4.0.2_en-US.exe
2014-12-04 09:40 - 2014-12-04 09:40 - 00380416 _____ () C:\Users\Adam\Downloads\vst0g34r.exe
2014-12-04 09:40 - 2014-12-04 09:40 - 00380416 _____ () C:\Users\Adam\Downloads\cyrz5j6s.exe
2014-12-04 09:39 - 2014-12-04 09:39 - 00380416 _____ () C:\Users\Adam\Downloads\8v6f6tir.exe
2014-12-02 16:55 - 2014-12-02 16:55 - 00003596 _____ () C:\windows\System32\Tasks\HPCustParticipation HP Officejet 6600
2014-12-02 16:54 - 2014-12-10 14:54 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\HpUpdate
2014-12-02 16:54 - 2014-12-02 16:54 - 00002163 _____ () C:\Users\Public\Desktop\HP Officejet 6600.lnk
2014-12-02 16:54 - 2014-12-02 16:54 - 00001135 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Officejet 6600.lnk
2014-12-02 16:54 - 2014-12-02 16:54 - 00000958 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2014-12-02 16:54 - 2014-12-02 16:54 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-12-02 16:54 - 2014-12-02 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-12-02 16:54 - 2014-12-02 16:54 - 00000000 ____D () C:\ProgramData\HP
2014-12-02 16:54 - 2014-12-02 16:54 - 00000000 ____D () C:\Program Files\HP
2014-12-02 16:54 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\windows\system32\HPDiscoPM5D12.dll
2014-12-02 16:53 - 2014-12-02 17:06 - 00000000 ____D () C:\Users\Adam\AppData\Local\HP
2014-12-02 16:53 - 2014-12-02 16:54 - 02873744 _____ (Hewlett-Packard Co.) C:\windows\system32\hpinkins5D12.exe
2014-12-02 16:48 - 2014-12-02 16:48 - 00000000 ____D () C:\Users\Adam\AppData\Local\Hewlett-Packard
2014-12-02 16:45 - 2014-12-02 16:54 - 00000000 ____D () C:\Program Files (x86)\Hp
2014-12-02 16:45 - 2014-12-02 16:45 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-12-02 16:44 - 2014-12-02 16:44 - 05152768 _____ () C:\Users\Adam\Downloads\HPSupportSolutionsFramework-11.51.0027.msi
2014-12-02 13:18 - 2014-12-05 10:23 - 00004707 _____ () C:\windows\comsetup.log
2014-12-02 13:08 - 2014-12-05 10:25 - 00062868 _____ () C:\windows\diagwrn.xml
2014-12-02 13:08 - 2014-12-05 10:25 - 00062868 _____ () C:\windows\diagerr.xml
2014-12-02 12:55 - 2014-12-02 12:55 - 00000000 ____D () C:\Program Files (x86)\Comodo
2014-12-01 10:58 - 2014-12-01 10:58 - 02347384 _____ (ESET) C:\Users\Adam\Downloads\esetsmartinstaller_enu.exe
2014-11-29 12:22 - 2014-12-05 16:00 - 00427120 _____ () C:\windows\system32\FNTCACHE.DAT
2014-11-28 12:12 - 2014-11-29 11:52 - 00000000 ____D () C:\windows\system32\AutoUpdateLicense
2014-11-28 12:11 - 2014-11-28 12:11 - 00000000 ____D () C:\Users\Adam\AppData\Local\Macromedia
2014-11-28 12:08 - 2014-12-12 14:20 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-28 12:08 - 2014-12-09 12:20 - 00003718 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-11-26 15:10 - 2014-11-26 15:10 - 00695808 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-11-26 15:10 - 2014-11-26 15:10 - 00582552 _____ (Microsoft Corporation) C:\windows\system32\AutoUpdate.exe
2014-11-26 15:10 - 2014-11-26 15:10 - 00568832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-11-26 15:10 - 2014-11-26 15:10 - 00462760 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-11-26 15:10 - 2014-11-26 15:10 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll
2014-11-26 15:10 - 2014-11-26 15:10 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-26 15:10 - 2014-11-26 15:10 - 00125952 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2014-11-26 15:10 - 2014-11-26 15:10 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-26 15:10 - 2014-10-21 20:34 - 00010777 _____ () C:\windows\system32\AutoconfigV2.cab
2014-11-26 15:09 - 2014-11-26 15:09 - 02842112 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 02620928 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 02238464 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 02032640 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 01824784 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 01539584 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 01408952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 01403896 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2014-11-26 15:09 - 2014-11-26 15:09 - 01271664 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2014-11-26 15:09 - 2014-11-26 15:09 - 01220608 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 01217352 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2014-11-26 15:09 - 2014-11-26 15:09 - 01093904 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2014-11-26 15:09 - 2014-11-26 15:09 - 00618496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2014-11-26 15:09 - 2014-11-26 15:09 - 00340480 _____ (Microsoft Corporation) C:\windows\system32\defragsvc.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 00328000 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2014-11-26 15:09 - 2014-11-26 15:09 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\wcmsvc.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 00247296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2014-11-26 15:09 - 2014-11-26 15:09 - 00209920 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 00181248 _____ (Microsoft Corp.) C:\windows\system32\Defrag.exe
2014-11-26 15:09 - 2014-11-26 15:09 - 00117248 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 00074752 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll
2014-11-26 15:09 - 2014-11-26 15:09 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\KBDRUM.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRUM.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-11-26 15:09 - 2014-11-26 15:09 - 00006144 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-11-26 15:09 - 2014-07-11 17:02 - 00478352 _____ () C:\windows\SysWOW64\locale.nls
2014-11-26 15:09 - 2014-07-11 17:00 - 00478352 _____ () C:\windows\system32\locale.nls
2014-11-26 12:29 - 2014-12-11 13:39 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-11-26 11:49 - 2014-11-26 11:49 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-11-26 11:49 - 2014-11-26 11:49 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-11-26 11:41 - 2014-12-02 12:56 - 00057096 _____ (COMODO CA Limited) C:\windows\system32\certsentry.dll
2014-11-26 11:41 - 2014-12-02 12:56 - 00048392 _____ (COMODO CA Limited) C:\windows\SysWOW64\certsentry.dll
2014-11-26 11:40 - 2014-11-26 11:40 - 01060864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc71.dll
2014-11-26 11:40 - 2014-11-26 11:40 - 00348160 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr71.dll
2014-11-26 10:51 - 2014-11-26 10:51 - 01055936 _____ (Adobe) C:\Users\Adam\Downloads\install_flashplayer15x32_mssd_aaa_aih.exe
2014-11-26 10:20 - 2014-12-12 14:23 - 00002194 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-26 10:20 - 2014-11-26 10:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-26 10:12 - 2014-12-13 13:43 - 00000906 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-26 10:12 - 2014-12-12 14:23 - 00000910 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-26 10:12 - 2014-11-26 10:20 - 00000000 ____D () C:\Users\Adam\AppData\Local\Google
2014-11-26 10:12 - 2014-11-26 10:20 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-26 10:12 - 2014-11-26 10:12 - 00880784 _____ (Google Inc.) C:\Users\Adam\Downloads\ChromeSetup.exe
2014-11-26 10:12 - 2014-11-26 10:12 - 00003882 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-26 10:12 - 2014-11-26 10:12 - 00003646 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-25 14:27 - 2014-12-09 11:00 - 00000000 ____D () C:\Users\Adam\AppData\Local\CyberGhost
2014-11-25 14:23 - 2014-11-25 14:27 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-11-25 14:23 - 2014-11-25 14:23 - 00001739 _____ () C:\Users\Adam\Desktop\CyberGhost 5.lnk
2014-11-25 14:23 - 2014-11-25 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
2014-11-25 14:22 - 2014-11-25 14:27 - 00000000 ____D () C:\Program Files\CyberGhost 5
2014-11-25 14:21 - 2014-11-25 14:22 - 09629976 _____ (CyberGhost S.R.L. ) C:\Users\Adam\Downloads\CG_5.0.14.7.exe
2014-11-25 11:54 - 2014-11-25 11:54 - 00028768 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\windows\system32\Drivers\Neo_VPN2.sys
2014-11-25 11:50 - 2014-11-25 14:15 - 00000000 ____D () C:\Program Files\SoftEther VPN Client
2014-11-25 11:50 - 2014-11-25 11:50 - 00135736 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\windows\system32\vpncmd.exe
2014-11-25 11:50 - 2014-11-25 11:50 - 00028768 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\windows\system32\Drivers\Neo_VPN.sys
2014-11-22 12:50 - 2014-11-22 12:50 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Comodo
2014-11-22 12:28 - 2014-11-22 12:38 - 00000032 _____ () C:\Users\Adam\Desktop\New Text Document.txt
2014-11-21 12:46 - 2014-12-12 13:51 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-11-21 12:46 - 2014-11-21 12:46 - 00002030 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-11-21 12:45 - 2014-11-21 12:58 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-21 12:45 - 2014-11-21 12:45 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-21 12:44 - 2014-11-28 12:10 - 00000000 ____D () C:\Users\Adam\AppData\Local\Adobe
2014-11-21 12:40 - 2014-11-21 12:40 - 00000144 _____ () C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-11-21 12:17 - 2014-11-21 12:17 - 00000451 _____ () C:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-11-21 12:14 - 2014-12-10 14:59 - 00714184 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-11-21 12:14 - 2014-12-10 14:59 - 00106440 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-21 11:30 - 2014-11-21 11:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-11-21 11:28 - 2014-11-21 11:28 - 00000000 ____D () C:\windows\PCHEALTH
2014-11-21 11:21 - 2014-11-21 11:21 - 00000000 ____D () C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-11-21 11:20 - 2014-11-21 11:20 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-11-21 11:19 - 2014-11-21 11:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-11-21 11:18 - 2014-12-10 15:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-21 11:18 - 2014-11-21 11:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-11-21 11:18 - 2014-11-21 11:18 - 00000000 ____D () C:\Users\Adam\AppData\Local\Microsoft Help
2014-11-21 11:17 - 2014-11-21 11:17 - 00000000 __RHD () C:\MSOCache
2014-11-21 11:10 - 2014-12-10 15:37 - 00000000 ____D () C:\windows\system32\MRT
2014-11-21 11:10 - 2014-12-10 15:33 - 112710672 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-11-21 10:58 - 2014-11-21 10:58 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2014-11-21 10:58 - 2014-11-21 10:58 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2014-11-21 10:55 - 2014-11-21 10:55 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-11-21 10:55 - 2014-11-21 10:55 - 00000000 ____D () C:\Intel
2014-11-21 10:55 - 2014-11-21 10:52 - 00064000 _____ (Khronos Group) C:\windows\system32\OpenCL.DLL
2014-11-21 10:55 - 2014-11-21 10:52 - 00060416 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.DLL
2014-11-21 10:54 - 2014-11-21 10:54 - 00000000 ____D () C:\Program Files\Intel
2014-11-21 10:53 - 2014-11-21 10:53 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2014-11-21 10:53 - 2014-11-21 10:53 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\tssdisai.dll
2014-11-21 10:53 - 2014-11-21 10:53 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\appserverai.dll
2014-11-21 10:53 - 2014-11-21 10:53 - 00132608 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2014-11-21 10:53 - 2014-11-21 10:53 - 00126976 _____ (Microsoft Corporation) C:\windows\system32\RDWebAI.dll
2014-11-21 10:53 - 2014-11-21 10:53 - 00122880 _____ (Microsoft Corporation) C:\windows\system32\VmHostAI.dll
2014-11-21 10:51 - 2014-11-21 10:51 - 00414208 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-11-21 10:51 - 2014-11-21 10:51 - 00318976 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-11-21 10:51 - 2014-11-21 10:51 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\ncryptsslp.dll
2014-11-21 10:51 - 2014-11-21 10:51 - 00072192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncryptsslp.dll
2014-11-21 10:50 - 2014-11-21 10:50 - 04068864 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-11-21 10:50 - 2014-11-21 10:50 - 03248640 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-11-21 10:50 - 2014-11-21 10:50 - 00713728 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2014-11-21 10:50 - 2014-11-21 10:50 - 00713728 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-11-21 10:50 - 2014-11-21 10:50 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2014-11-21 10:50 - 2014-11-21 10:50 - 00146944 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2014-11-21 10:50 - 2014-11-21 10:50 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2014-11-21 10:50 - 2014-11-21 10:50 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\rfxvmt.dll
2014-11-21 10:50 - 2014-11-21 10:50 - 00027880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys
2014-11-21 10:49 - 2014-11-21 10:49 - 14267904 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 11878912 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 09374208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2014-11-21 10:49 - 2014-11-21 10:49 - 09374208 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2014-11-21 10:49 - 2014-11-21 10:49 - 03552768 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 02767360 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 02107904 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 01593344 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 01444864 _____ (Microsoft Corporation) C:\windows\system32\MSAudDecMFT.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 01113600 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSAudDecMFT.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00875688 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00869544 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00816128 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00805376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2014-11-21 10:49 - 2014-11-21 10:49 - 00804352 _____ (Microsoft Corporation) C:\windows\system32\RecoveryDrive.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00745984 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00670208 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00659456 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00595456 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00503080 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00489576 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00468992 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00463768 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00456704 _____ (Microsoft Corporation) C:\windows\system32\wpncore.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00446792 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00435200 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00426024 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\GenuineCenter.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00411136 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00403968 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00373760 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00367616 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00361984 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFMediaEngine.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00324368 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\fhcfg.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00306952 _____ (Microsoft Corporation) C:\windows\system32\kd_02_10ec.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00303848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2014-11-21 10:49 - 2014-11-21 10:49 - 00302592 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00298456 _____ (Microsoft Corporation) C:\windows\system32\rsaenh.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00281088 _____ (Microsoft Corporation) C:\windows\system32\mfreadwrite.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00280576 _____ (Microsoft Corporation) C:\windows\system32\fhcat.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00268800 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00253544 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00252928 _____ (Microsoft Corporation) C:\windows\SysWOW64\rsaenh.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\mssphtb.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00231936 _____ (Microsoft Corporation) C:\windows\system32\fhengine.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00228352 _____ (Microsoft Corporation) C:\windows\system32\XpsRasterService.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00214528 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfreadwrite.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\iuilp.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00196096 _____ (Microsoft Corporation) C:\windows\system32\dmvdsitf.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssphtb.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00172544 _____ (Microsoft Corporation) C:\windows\system32\dwmredir.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00171008 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFilterHost.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00155648 _____ (Microsoft Corporation) C:\windows\SysWOW64\dmvdsitf.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsRasterService.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00142848 _____ (Microsoft Corporation) C:\windows\system32\fhmanagew.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00137728 _____ (Microsoft Corporation) C:\windows\system32\fhshl.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\Robocopy.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00123880 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscapi.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00121856 _____ (Microsoft Corporation) C:\windows\system32\rascfg.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\fhsvc.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00108544 _____ (Microsoft Corporation) C:\windows\SysWOW64\rascfg.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Robocopy.exe
2014-11-21 10:49 - 2014-11-21 10:49 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\mssitlb.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\wscsvc.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidbth.sys
2014-11-21 10:49 - 2014-11-21 10:49 - 00094208 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssitlb.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00086280 _____ (Microsoft Corporation) C:\windows\system32\kdnet.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00083456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wanarp.sys
2014-11-21 10:49 - 2014-11-21 10:49 - 00080896 _____ (Microsoft Corporation) C:\windows\system32\fhsrchapi.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00077960 _____ (Microsoft Corporation) C:\windows\system32\kdvm.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00075264 _____ (Microsoft Corporation) C:\windows\system32\rasdiag.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\fhevents.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00069864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pdc.sys
2014-11-21 10:49 - 2014-11-21 10:49 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\fhsrchph.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00065024 _____ (Microsoft Corporation) C:\windows\system32\msscntrs.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\fhlisten.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\fhautoplay.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00060928 _____ (Microsoft Corporation) C:\windows\system32\ndptsp.tsp
2014-11-21 10:49 - 2014-11-21 10:49 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndproxy.sys
2014-11-21 10:49 - 2014-11-21 10:49 - 00059392 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasdiag.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\fhcleanup.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ndptsp.tsp
2014-11-21 10:49 - 2014-11-21 10:49 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\fmifs.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscntrs.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\kmddsp.tsp
2014-11-21 10:49 - 2014-11-21 10:49 - 00041984 _____ (Microsoft Corporation) C:\windows\SysWOW64\fmifs.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\rasmxs.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidi2c.sys
2014-11-21 10:49 - 2014-11-21 10:49 - 00038912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kmddsp.tsp
2014-11-21 10:49 - 2014-11-21 10:49 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\fhtask.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssprxy.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasmxs.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\rasser.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndistapi.sys
2014-11-21 10:49 - 2014-11-21 10:49 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasser.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\fhsvcctl.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\msshooks.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00010752 _____ (Microsoft Corporation) C:\windows\SysWOW64\msshooks.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00009216 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2014-11-21 10:49 - 2014-11-21 10:49 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2014-11-21 10:49 - 2014-11-21 10:49 - 00004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2014-11-21 10:49 - 2014-11-21 10:49 - 00004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2014-11-21 10:48 - 2014-11-21 10:48 - 00778240 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-11-21 10:48 - 2014-11-21 10:48 - 00567808 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2014-11-21 10:47 - 2014-11-21 10:47 - 01312768 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2014-11-21 10:47 - 2014-11-21 10:47 - 00694272 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 02837504 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 02233152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-11-21 10:46 - 2014-11-21 10:46 - 02043392 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 01453400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-11-21 10:46 - 2014-11-21 10:46 - 01281536 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 01043968 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00961536 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00827904 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00678600 _____ (Microsoft Corporation) C:\windows\system32\msvcp120_clr0400.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00616448 _____ (Microsoft Corporation) C:\windows\system32\FXSAPI.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\FXSCOMEX.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00588288 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-11-21 10:46 - 2014-11-21 10:46 - 00570216 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2014-11-21 10:46 - 2014-11-21 10:46 - 00536776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp120_clr0400.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00499712 _____ (Microsoft Corporation) C:\windows\SysWOW64\FXSCOMEX.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00452608 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00439808 _____ (Microsoft Corporation) C:\windows\system32\lsm.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00432640 _____ (Microsoft Corporation) C:\windows\system32\FXSTIFF.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00328512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2014-11-21 10:46 - 2014-11-21 10:46 - 00318464 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00309248 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00273920 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\FXST30.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00238080 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00227840 _____ (Microsoft Corporation) C:\windows\SysWOW64\FXSAPI.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00227328 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00208896 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00188928 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00187904 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00178688 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00171840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-11-21 10:46 - 2014-11-21 10:46 - 00141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00094720 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-11-21 10:46 - 2014-11-21 10:46 - 00014848 _____ (Microsoft Corporation) C:\windows\system32\workerdd.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 13644288 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 10788864 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 01332736 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 01131520 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00812544 _____ (Microsoft Corporation) C:\windows\system32\Magnify.exe
2014-11-21 10:45 - 2014-11-21 10:45 - 00758784 _____ (Microsoft Corporation) C:\windows\SysWOW64\Magnify.exe
2014-11-21 10:45 - 2014-11-21 10:45 - 00708096 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00560640 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00501760 _____ (Microsoft Corporation) C:\windows\system32\DevicePairing.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00470528 _____ (Microsoft Corporation) C:\windows\system32\netprofmsvc.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00449536 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevicePairing.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00427520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdbss.sys
2014-11-21 10:45 - 2014-11-21 10:45 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\intl.cpl
2014-11-21 10:45 - 2014-11-21 10:45 - 00411136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00389632 _____ (Microsoft Corporation) C:\windows\SysWOW64\intl.cpl
2014-11-21 10:45 - 2014-11-21 10:45 - 00389120 _____ (Microsoft Corporation) C:\windows\system32\BCP47Langs.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00330240 _____ (Microsoft Corporation) C:\windows\system32\stobject.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00328192 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00309760 _____ (Microsoft Corporation) C:\windows\SysWOW64\BCP47Langs.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00303616 _____ (Microsoft Corporation) C:\windows\SysWOW64\stobject.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00284416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2014-11-21 10:45 - 2014-11-21 10:45 - 00247296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\bisrv.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00169984 _____ (Microsoft Corporation) C:\windows\system32\netplwiz.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00151552 _____ (Microsoft Corporation) C:\windows\system32\netprofm.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00151040 _____ (Microsoft Corporation) C:\windows\SysWOW64\netplwiz.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00122368 _____ (Microsoft Corporation) C:\windows\system32\biwinrt.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00120736 _____ (Microsoft Corporation) C:\windows\system32\AuthHost.exe
2014-11-21 10:45 - 2014-11-21 10:45 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\netprofm.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00093696 _____ (Microsoft Corporation) C:\windows\system32\psmsrv.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\biwinrt.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\taskhost.exe
2014-11-21 10:45 - 2014-11-21 10:45 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\taskhostex.exe
2014-11-21 10:45 - 2014-11-21 10:45 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidusb.sys
2014-11-21 10:45 - 2014-11-21 10:45 - 00018432 _____ (Microsoft Corporation) C:\windows\SysWOW64\npmproxy.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\muifontsetup.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00015872 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlmproxy.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\muifontsetup.dll
2014-11-21 10:45 - 2014-11-21 10:45 - 00012288 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlmsprep.dll
2014-11-21 10:45 - 2013-05-03 21:51 - 00014848 _____ (Microsoft) C:\windows\system32\rars.rs
2014-11-21 10:45 - 2013-05-03 21:10 - 00014848 _____ (Microsoft) C:\windows\SysWOW64\rars.rs
2014-11-21 10:44 - 2014-11-21 10:44 - 01255936 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe
2014-11-21 10:44 - 2014-11-21 10:44 - 01013248 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe
2014-11-21 10:44 - 2014-11-21 10:44 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2014-11-21 10:44 - 2014-11-21 10:44 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2014-11-21 10:43 - 2014-11-21 10:43 - 02361344 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-11-21 10:43 - 2014-11-21 10:43 - 01802240 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-11-21 10:43 - 2014-11-21 10:43 - 01149952 _____ (Microsoft Corporation) C:\windows\system32\winmde.dll
2014-11-21 10:43 - 2014-11-21 10:43 - 01101824 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2014-11-21 10:43 - 2014-11-21 10:43 - 01048576 _____ (Microsoft Corporation) C:\windows\system32\mfasfsrcsnk.dll
2014-11-21 10:43 - 2014-11-21 10:43 - 00951808 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2014-11-21 10:43 - 2014-11-21 10:43 - 00850944 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfasfsrcsnk.dll
2014-11-21 10:43 - 2014-11-21 10:43 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-11-21 10:43 - 2014-11-21 10:43 - 00112984 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2014-11-21 10:43 - 2014-11-21 10:43 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2014-11-21 10:43 - 2014-11-21 10:43 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2014-11-21 10:43 - 2014-11-21 10:43 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 05982208 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 05095424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 01125376 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-11-21 10:42 - 2014-11-21 10:42 - 01049600 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-11-21 10:42 - 2014-11-21 10:42 - 00893952 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmde.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00724992 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00703488 _____ (Microsoft Corporation) C:\windows\system32\drvstore.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00645120 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Authentication.OnlineId.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00601088 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\drvstore.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\netcfgx.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00448512 _____ (Microsoft Corporation) C:\windows\system32\SettingSync.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcfgx.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00356352 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSync.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00332520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-11-21 10:42 - 2014-11-21 10:42 - 00300544 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00269312 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00245248 _____ (Microsoft Corporation) C:\windows\system32\usbmon.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00194792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2014-11-21 10:42 - 2014-11-21 10:42 - 00180224 _____ (Microsoft Corporation) C:\windows\system32\SystemEventsBrokerServer.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00171008 _____ (Microsoft Corporation) C:\windows\system32\TimeBrokerServer.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\powercfg.cpl
2014-11-21 10:42 - 2014-11-21 10:42 - 00150016 _____ (Microsoft Corporation) C:\windows\system32\discan.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00148712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2014-11-21 10:42 - 2014-11-21 10:42 - 00145408 _____ (Microsoft Corporation) C:\windows\SysWOW64\powercfg.cpl
2014-11-21 10:42 - 2014-11-21 10:42 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncInfo.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00125160 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2014-11-21 10:42 - 2014-11-21 10:42 - 00117248 _____ (Microsoft Corporation) C:\windows\system32\NdisImPlatform.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\wpdbusenum.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00100864 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncInfo.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00077544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storahci.sys
2014-11-21 10:42 - 2014-11-21 10:42 - 00071168 _____ (Microsoft Corporation) C:\windows\system32\WSDPrintProxy.DLL
2014-11-21 10:42 - 2014-11-21 10:42 - 00049152 _____ (Microsoft Corporation) C:\windows\system32\DevDispItemProvider.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevDispItemProvider.dll
2014-11-21 10:42 - 2014-11-21 10:42 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\monitor.sys
2014-11-21 10:42 - 2014-11-21 10:42 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mouhid.sys
2014-11-21 10:41 - 2014-11-21 10:41 - 04917760 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2014-11-21 10:41 - 2014-11-21 10:41 - 02371728 _____ (Microsoft Corporation) C:\windows\system32\WSService.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 01164288 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00368640 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00204800 _____ (Microsoft Corporation) C:\windows\system32\WSClient.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\WSSync.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00167424 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSClient.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSSync.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00120320 _____ (Microsoft Corporation) C:\windows\system32\sppc.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00110592 _____ () C:\windows\system32\OEMLicense.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00091648 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppc.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00083968 _____ () C:\windows\SysWOW64\OEMLicense.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\setupcln.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupcln.dll
2014-11-21 10:41 - 2014-11-21 10:41 - 00058200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dam.sys
2014-11-21 10:40 - 2014-11-21 10:40 - 01933544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-11-21 10:40 - 2014-11-21 10:40 - 01557504 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-11-21 10:40 - 2014-11-21 10:40 - 01440256 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-11-21 10:40 - 2014-11-21 10:40 - 00993512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2014-11-21 10:40 - 2014-11-21 10:40 - 00729600 _____ (Microsoft Corporation) C:\windows\system32\duser.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00611840 _____ (Microsoft Corporation) C:\windows\system32\wpd_ci.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00567808 _____ (Microsoft Corporation) C:\windows\SysWOW64\duser.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00543232 _____ (Microsoft Corporation) C:\windows\system32\wlroamextension.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00475136 _____ (Microsoft Corporation) C:\windows\system32\WWanAPI.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00411880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-11-21 10:40 - 2014-11-21 10:40 - 00410624 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlroamextension.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00385024 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00370688 _____ (Microsoft Corporation) C:\windows\SysWOW64\WWanAPI.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00362496 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00356352 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00300032 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00297984 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ks.sys
2014-11-21 10:40 - 2014-11-21 10:40 - 00293376 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.Connectivity.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00260096 _____ (Microsoft Corporation) C:\windows\system32\hotspotauth.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00225280 _____ (Microsoft Corporation) C:\windows\system32\mbsmsapi.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00197632 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.Connectivity.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\mbsmsapi.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\apprepapi.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\taskkill.exe
2014-11-21 10:40 - 2014-11-21 10:40 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\tasklist.exe
2014-11-21 10:40 - 2014-11-21 10:40 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\apprepsync.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00087552 _____ (Microsoft Corporation) C:\windows\system32\wersvc.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\apprepapi.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\tasklist.exe
2014-11-21 10:40 - 2014-11-21 10:40 - 00079360 _____ (Microsoft Corporation) C:\windows\SysWOW64\taskkill.exe
2014-11-21 10:40 - 2014-11-21 10:40 - 00075776 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\apprepsync.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00061672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\crashdmp.sys
2014-11-21 10:40 - 2014-11-21 10:40 - 00055296 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00037632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BthAvrcpTg.sys
2014-11-21 10:40 - 2014-11-21 10:40 - 00035328 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00029952 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BthhfHid.sys
2014-11-21 10:40 - 2014-11-21 10:40 - 00018432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BtaMPM.sys
2014-11-21 10:40 - 2014-11-21 10:40 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00010752 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00003072 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2014-11-21 10:40 - 2014-11-21 10:40 - 00003072 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2014-11-21 10:39 - 2014-11-21 10:39 - 00265216 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2014-11-21 10:38 - 2014-11-21 10:38 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll
2014-11-21 10:38 - 2014-11-21 10:38 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll
2014-11-21 10:37 - 2014-11-21 10:37 - 00017888 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr100_clr0400.dll
2014-11-21 10:37 - 2014-11-21 10:37 - 00017888 _____ (Microsoft Corporation) C:\windows\system32\msvcr100_clr0400.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 10115072 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 08858624 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 02094592 _____ (Microsoft Corporation) C:\windows\system32\mmc.exe
2014-11-21 10:35 - 2014-11-21 10:35 - 01964544 _____ (Microsoft Corporation) C:\windows\system32\wlidsvc.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 01886208 _____ (Microsoft Corporation) C:\windows\system32\setupapi.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 01752064 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupapi.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 01611776 _____ (Microsoft Corporation) C:\windows\SysWOW64\mmc.exe
2014-11-21 10:35 - 2014-11-21 10:35 - 01120768 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00894464 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00890880 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00666112 _____ (Microsoft Corporation) C:\windows\system32\MP4SDECD.DLL
2014-11-21 10:35 - 2014-11-21 10:35 - 00436736 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP4SDECD.DLL
2014-11-21 10:35 - 2014-11-21 10:35 - 00406016 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\HdAudio.sys
2014-11-21 10:35 - 2014-11-21 10:35 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00256000 _____ (Microsoft Corporation) C:\windows\system32\WSDMon.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00171520 _____ (Microsoft Corporation) C:\windows\system32\ncbservice.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\inetpp.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\httpprxm.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00095232 _____ (Microsoft Corporation) C:\windows\system32\wiaacmgr.exe
2014-11-21 10:35 - 2014-11-21 10:35 - 00091880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\partmgr.sys
2014-11-21 10:35 - 2014-11-21 10:35 - 00083968 _____ (Microsoft Corporation) C:\windows\SysWOW64\wiaacmgr.exe
2014-11-21 10:35 - 2014-11-21 10:35 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\adhsvc.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00028904 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msgpiowin32.sys
2014-11-21 10:35 - 2014-11-21 10:35 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\adhapi.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\httpprxp.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\keepaliveprovider.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 02893824 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 02416640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 02400256 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 02307072 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 02146304 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 02037760 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 00754176 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 00393216 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 00295424 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 00222208 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 00199168 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\wuaext.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 02062848 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 01711616 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 00982016 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 00684032 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 00668160 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 00559104 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 00270024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2014-11-21 10:33 - 2014-11-21 10:33 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 00100184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-11-21 10:33 - 2014-11-21 10:33 - 00099840 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 00038400 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2014-11-21 10:33 - 2014-11-21 10:33 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-11-21 10:33 - 2014-11-21 10:33 - 00035320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2014-11-21 10:33 - 2014-11-21 10:33 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-11-21 10:32 - 2014-11-21 10:32 - 00583680 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-11-21 10:32 - 2014-11-21 10:32 - 00451072 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-11-21 10:31 - 2014-11-21 10:31 - 01300992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-11-21 10:31 - 2014-11-21 10:31 - 01023488 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 02851840 _____ (Microsoft Corporation) C:\windows\system32\esent.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 02382336 _____ (Microsoft Corporation) C:\windows\SysWOW64\esent.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 01011200 _____ (Microsoft Corporation) C:\windows\system32\reseteng.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00945152 _____ (Microsoft Corporation) C:\windows\system32\resetengmig.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2014-11-21 10:30 - 2014-11-21 10:30 - 00652288 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00541696 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\dpnet.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00443392 _____ (Microsoft Corporation) C:\windows\system32\ReAgent.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00375808 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReAgent.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00375808 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnet.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00132096 _____ (Microsoft Corporation) C:\windows\system32\sysreset.exe
2014-11-21 10:30 - 2014-11-21 10:30 - 00094208 _____ (Microsoft Corporation) C:\windows\system32\synceng.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00072192 _____ (Microsoft Corporation) C:\windows\SysWOW64\synceng.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\dpnathlp.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnathlp.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00054488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys
2014-11-21 10:30 - 2014-11-21 10:30 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\dpnsvr.exe
2014-11-21 10:30 - 2014-11-21 10:30 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnsvr.exe
2014-11-21 10:30 - 2014-11-21 10:30 - 00009216 _____ (Microsoft Corporation) C:\windows\system32\dpnhupnp.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00009216 _____ (Microsoft Corporation) C:\windows\system32\dpnhpast.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnhupnp.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnhpast.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\dpnlobby.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00003584 _____ (Microsoft Corporation) C:\windows\system32\dpnaddr.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00003072 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnlobby.dll
2014-11-21 10:30 - 2014-11-21 10:30 - 00002560 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnaddr.dll
2014-11-21 10:29 - 2014-11-21 10:29 - 00861184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2014-11-21 10:28 - 2014-11-21 10:28 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll
2014-11-21 10:28 - 2014-11-21 10:28 - 00273408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msieftp.dll
2014-11-21 10:28 - 2014-11-21 10:28 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\ReAgentc.exe
2014-11-21 10:28 - 2014-11-21 10:28 - 00024064 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReAgentc.exe
2014-11-21 10:28 - 2014-11-21 10:28 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-11-21 10:28 - 2014-11-21 10:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-11-21 10:27 - 2014-11-21 10:27 - 01845760 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-11-21 10:27 - 2014-11-21 10:27 - 01418752 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-11-21 10:27 - 2014-11-21 10:27 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2014-11-21 10:27 - 2014-11-21 10:27 - 00368640 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2014-11-21 10:27 - 2014-11-21 10:27 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-11-21 10:27 - 2014-11-21 10:27 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-11-21 10:26 - 2014-11-21 10:26 - 00623448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-11-21 10:26 - 2014-11-21 10:26 - 00498008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-11-21 10:26 - 2014-11-21 10:26 - 00120832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-11-21 10:26 - 2014-11-21 10:26 - 00079192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-11-21 10:26 - 2014-11-21 10:26 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-11-21 10:26 - 2014-11-21 10:26 - 00027136 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2014-11-21 10:26 - 2014-11-21 10:26 - 00021848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-11-21 10:25 - 2014-11-21 10:25 - 01838080 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2014-11-21 10:25 - 2014-11-21 10:25 - 01421312 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2014-11-21 10:25 - 2014-11-21 10:25 - 01257984 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-11-21 10:25 - 2014-11-21 10:25 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-11-21 10:20 - 2014-11-21 10:20 - 03842560 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-11-21 10:20 - 2014-11-21 10:20 - 03288576 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2014-11-21 10:20 - 2014-11-21 10:20 - 00783872 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-11-21 10:20 - 2014-11-21 10:20 - 00522728 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-11-21 10:20 - 2014-11-21 10:20 - 00267264 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-11-21 10:20 - 2014-11-21 10:20 - 00169472 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2014-11-21 10:15 - 2014-11-21 09:50 - 00020992 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usb8023.sys
2014-11-21 10:12 - 2014-11-21 10:12 - 00002024 _____ () C:\Users\Public\Desktop\GeekBuddy.lnk
2014-11-21 10:06 - 2014-11-21 10:11 - 987942848 _____ (Microsoft Corporation) C:\Users\Adam\Downloads\MicrosoftInstaller.exe
2014-11-21 10:06 - 2013-10-10 04:53 - 00096600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2014-11-21 10:06 - 2013-10-10 02:21 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2014-11-21 10:06 - 2013-10-10 02:20 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2014-11-21 10:06 - 2013-06-10 12:16 - 00888832 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2014-11-21 10:06 - 2013-06-10 12:15 - 00381952 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2014-11-21 10:06 - 2013-06-10 12:10 - 00702464 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2014-11-21 10:06 - 2013-06-10 12:10 - 00245248 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2014-11-21 10:04 - 2014-11-26 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-21 10:03 - 2014-11-26 16:49 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-11-21 10:03 - 2014-11-26 16:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-11-21 10:00 - 2014-11-21 10:00 - 00000117 _____ () C:\windows\system32\netcfg-111484.txt
2014-11-21 09:58 - 2014-11-21 09:58 - 00000117 _____ () C:\windows\system32\netcfg-73086250.txt
2014-11-21 09:48 - 2014-12-13 13:51 - 01474832 _____ () C:\windows\system32\Drivers\sfi.dat
2014-11-21 09:48 - 2014-12-12 14:35 - 00001985 _____ () C:\Users\Public\Desktop\COMODO Internet Security.lnk
2014-11-21 09:48 - 2014-11-21 09:48 - 00000117 _____ () C:\windows\system32\netcfg-72482812.txt
2014-11-21 09:48 - 2014-11-21 09:48 - 00000117 _____ () C:\windows\system32\netcfg-72479828.txt
2014-11-21 09:48 - 2014-11-21 09:48 - 00000000 ____D () C:\windows\System32\Tasks\COMODO
2014-11-21 09:47 - 2014-11-21 09:48 - 00000167 _____ () C:\windows\system32\netcfg-72474484.txt
2014-11-21 09:47 - 2014-11-21 09:47 - 00000000 ____D () C:\ProgramData\Shared Space
2014-11-21 09:46 - 2014-12-02 12:56 - 00001055 _____ () C:\Users\Public\Desktop\Comodo Dragon.lnk
2014-11-21 09:46 - 2014-11-21 10:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-11-21 09:46 - 2014-11-21 09:47 - 00000000 ____D () C:\Program Files\COMODO
2014-11-21 09:46 - 2014-11-21 09:46 - 00000000 ____D () C:\Users\Adam\AppData\Local\Comodo
2014-11-21 09:46 - 2014-11-21 09:46 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-11-21 09:45 - 2014-11-21 09:48 - 00000000 ____D () C:\ProgramData\Comodo
2014-11-21 09:44 - 2014-11-21 09:45 - 224188624 _____ (COMODO) C:\Users\Adam\Downloads\cispremium_installer_5962_fe.exe
2014-11-21 09:41 - 2014-11-21 09:42 - 00000117 _____ () C:\windows\system32\netcfg-72118656.txt
2014-11-21 09:41 - 2014-11-21 09:41 - 00000117 _____ () C:\windows\system32\netcfg-72118609.txt
2014-11-21 09:41 - 2014-11-21 09:41 - 00000117 _____ () C:\windows\system32\netcfg-72112140.txt
2014-11-21 09:41 - 2014-11-21 09:41 - 00000117 _____ () C:\windows\system32\netcfg-72085296.txt
2014-11-21 09:41 - 2013-02-05 15:29 - 00370688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2014-11-21 09:41 - 2013-02-05 15:28 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2014-11-20 16:30 - 2013-10-10 02:32 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscript.exe
2014-11-20 16:30 - 2013-10-10 02:30 - 00162304 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrobj.dll
2014-11-20 16:30 - 2013-10-10 02:30 - 00156160 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrrun.dll
2014-11-20 16:30 - 2013-10-10 02:24 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx
2014-11-20 16:30 - 2013-10-10 02:23 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\cscript.exe
2014-11-20 16:30 - 2013-10-10 02:22 - 00222720 _____ (Microsoft Corporation) C:\windows\system32\scrobj.dll
2014-11-20 16:30 - 2013-10-10 02:22 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\scrrun.dll
2014-11-20 16:30 - 2013-09-27 20:35 - 00288768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2014-11-20 16:30 - 2013-05-14 19:25 - 00888320 _____ (Microsoft Corporation) C:\windows\system32\autochk.exe
2014-11-20 16:30 - 2013-05-14 19:25 - 00542208 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
2014-11-20 16:30 - 2013-05-14 19:24 - 00793088 _____ (Microsoft Corporation) C:\windows\SysWOW64\autochk.exe
2014-11-20 16:30 - 2013-05-14 19:24 - 00482816 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
2014-11-20 16:30 - 2012-10-10 22:45 - 00370176 _____ (Microsoft Corporation) C:\windows\system32\SysFxUI.dll
2014-11-20 16:30 - 2012-10-10 22:19 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmkaud.sys
2014-11-20 16:30 - 2012-10-10 22:18 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2014-11-20 16:29 - 2014-10-23 05:47 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-11-20 16:29 - 2014-10-23 04:04 - 00068096 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-11-20 16:29 - 2014-07-31 16:40 - 01287680 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2014-11-20 16:29 - 2014-06-06 07:06 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-11-20 16:29 - 2014-06-06 03:17 - 00497152 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-11-20 16:29 - 2013-10-18 22:45 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\imagehlp.dll
2014-11-20 16:29 - 2013-10-18 21:04 - 00059392 _____ (Microsoft Corporation) C:\windows\SysWOW64\imagehlp.dll
2014-11-20 16:29 - 2012-10-23 20:25 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2014-11-20 16:29 - 2012-10-23 20:24 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2014-11-20 16:29 - 2012-10-23 20:24 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2014-11-20 16:29 - 2012-10-23 20:05 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2014-11-20 16:28 - 2014-12-02 17:04 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbscan.sys
2014-11-20 16:28 - 2014-09-02 19:48 - 00510464 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-11-20 16:28 - 2014-09-02 19:21 - 00585728 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-11-20 16:28 - 2013-07-05 15:02 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2014-11-20 16:28 - 2013-07-05 15:01 - 00210560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys
2014-11-20 16:28 - 2013-07-01 18:41 - 00447320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2014-11-20 16:28 - 2013-07-01 18:41 - 00337752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
2014-11-20 16:28 - 2013-07-01 18:41 - 00213336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\UCX01000.SYS
2014-11-20 16:28 - 2013-07-01 15:14 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbprint.sys
2014-11-20 16:28 - 2013-06-28 20:08 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2014-11-20 16:28 - 2013-06-28 20:07 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2014-11-20 16:28 - 2013-02-01 22:41 - 01437184 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2014-11-20 16:28 - 2013-02-01 22:31 - 01690624 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2014-11-20 16:19 - 2013-08-15 22:21 - 00049664 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-11-20 16:19 - 2013-08-15 22:21 - 00049152 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-11-20 16:19 - 2013-08-15 15:43 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2014-11-20 16:19 - 2012-11-05 21:00 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\wushareduxresources.dll
2014-11-20 15:56 - 2014-11-20 15:56 - 00000117 _____ () C:\windows\system32\netcfg-8186171.txt
2014-11-20 15:56 - 2014-11-20 15:56 - 00000117 _____ () C:\windows\system32\netcfg-8183062.txt
2014-11-20 15:56 - 2014-11-20 15:56 - 00000117 _____ () C:\windows\system32\netcfg-8182984.txt
2014-11-20 15:54 - 2014-11-20 15:54 - 00000117 _____ () C:\windows\system32\netcfg-8096062.txt
2014-11-20 15:53 - 2014-11-20 15:53 - 00000117 _____ () C:\windows\system32\netcfg-8034796.txt
2014-11-20 15:53 - 2014-11-20 15:53 - 00000117 _____ () C:\windows\system32\netcfg-8032312.txt
2014-11-20 15:53 - 2014-11-20 15:53 - 00000117 _____ () C:\windows\system32\netcfg-8022687.txt
2014-11-20 15:53 - 2014-11-20 15:53 - 00000117 _____ () C:\windows\system32\netcfg-8019656.txt
2014-11-20 15:53 - 2014-11-20 15:53 - 00000117 _____ () C:\windows\system32\netcfg-7990390.txt
2014-11-20 15:53 - 2014-11-20 15:53 - 00000117 _____ () C:\windows\system32\netcfg-7989828.txt
2014-11-20 15:52 - 2014-11-20 15:52 - 00000117 _____ () C:\windows\system32\netcfg-7927781.txt
2014-11-20 15:00 - 2014-11-20 15:00 - 00000117 _____ () C:\windows\system32\netcfg-4836343.txt
2014-11-20 15:00 - 2014-11-20 15:00 - 00000117 _____ () C:\windows\system32\netcfg-4818359.txt
2014-11-20 15:00 - 2014-11-20 15:00 - 00000117 _____ () C:\windows\system32\netcfg-4818328.txt
2014-11-20 15:00 - 2014-11-20 15:00 - 00000117 _____ () C:\windows\system32\netcfg-4818281.txt
2014-11-20 15:00 - 2014-11-20 15:00 - 00000117 _____ () C:\windows\system32\netcfg-4817703.txt
2014-11-20 14:45 - 2014-11-20 14:45 - 00000117 _____ () C:\windows\system32\netcfg-3946562.txt
2014-11-20 14:45 - 2014-11-20 14:45 - 00000117 _____ () C:\windows\system32\netcfg-3946546.txt
2014-11-20 14:45 - 2014-11-20 14:45 - 00000117 _____ () C:\windows\system32\netcfg-3946500.txt
2014-11-20 14:45 - 2014-11-20 14:45 - 00000117 _____ () C:\windows\system32\netcfg-3945890.txt
2014-11-20 14:44 - 2014-11-20 14:44 - 00000117 _____ () C:\windows\system32\netcfg-3864796.txt
2014-11-20 14:44 - 2014-11-20 14:44 - 00000117 _____ () C:\windows\system32\netcfg-3864234.txt
2014-11-20 14:43 - 2014-11-20 14:43 - 00000117 _____ () C:\windows\system32\netcfg-3830984.txt
2014-11-20 14:43 - 2014-11-20 14:43 - 00000117 _____ () C:\windows\system32\netcfg-3830437.txt
2014-11-20 14:42 - 2014-11-20 14:42 - 00001166 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-20 14:42 - 2014-11-20 14:42 - 00001154 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-20 14:42 - 2014-11-20 14:42 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Mozilla
2014-11-20 14:42 - 2014-11-20 14:42 - 00000000 ____D () C:\Users\Adam\AppData\Local\Mozilla
2014-11-20 14:42 - 2014-11-20 14:42 - 00000000 ____D () C:\ProgramData\Mozilla
2014-11-20 14:42 - 2014-11-20 14:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-20 14:42 - 2014-11-20 14:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-20 14:27 - 2014-11-20 14:27 - 00000117 _____ () C:\windows\system32\netcfg-2837218.txt
2014-11-20 14:27 - 2014-11-20 14:27 - 00000117 _____ () C:\windows\system32\netcfg-2837187.txt
2014-11-20 14:27 - 2014-11-20 14:27 - 00000117 _____ () C:\windows\system32\netcfg-2837109.txt
2014-11-20 14:27 - 2014-11-20 14:27 - 00000117 _____ () C:\windows\system32\netcfg-2836546.txt
2014-11-20 14:25 - 2014-11-20 14:25 - 00000117 _____ () C:\windows\system32\netcfg-2724343.txt
2014-11-20 14:25 - 2014-11-20 14:25 - 00000117 _____ () C:\windows\system32\netcfg-2723796.txt
2014-11-20 14:18 - 2014-11-20 14:18 - 00000117 _____ () C:\windows\system32\netcfg-2289328.txt
2014-11-20 14:17 - 2014-11-20 14:17 - 00000117 _____ () C:\windows\system32\netcfg-2281343.txt
2014-11-20 14:17 - 2014-11-20 14:17 - 00000117 _____ () C:\windows\system32\netcfg-2265375.txt
2014-11-20 14:17 - 2014-11-20 14:17 - 00000117 _____ () C:\windows\system32\netcfg-2265343.txt
2014-11-20 14:17 - 2014-11-20 14:17 - 00000117 _____ () C:\windows\system32\netcfg-2265234.txt
2014-11-20 14:17 - 2014-11-20 14:17 - 00000117 _____ () C:\windows\system32\netcfg-2264703.txt
2014-11-20 14:15 - 2014-11-20 14:15 - 00000117 _____ () C:\windows\system32\netcfg-2136640.txt
2014-11-20 14:15 - 2014-11-20 14:15 - 00000117 _____ () C:\windows\system32\netcfg-2136609.txt
2014-11-20 13:10 - 2014-11-20 13:05 - 00000012 _____ () C:\windows\CSUP.TXT
2014-11-20 13:00 - 2014-11-20 13:00 - 00000117 _____ () C:\windows\system32\netcfg-1235500.txt
2014-11-20 13:00 - 2014-11-20 13:00 - 00000117 _____ () C:\windows\system32\netcfg-1235484.txt
2014-11-20 13:00 - 2014-11-20 13:00 - 00000117 _____ () C:\windows\system32\netcfg-1235437.txt
2014-11-20 13:00 - 2014-11-20 13:00 - 00000117 _____ () C:\windows\system32\netcfg-1234843.txt
2014-11-20 12:59 - 2014-11-20 12:59 - 00000117 _____ () C:\windows\system32\netcfg-1166109.txt
2014-11-20 12:59 - 2014-11-20 12:59 - 00000117 _____ () C:\windows\system32\netcfg-1161484.txt
2014-11-20 12:58 - 2014-11-20 12:58 - 00000117 _____ () C:\windows\system32\netcfg-1137781.txt
2014-11-20 12:58 - 2014-11-20 12:58 - 00000117 _____ () C:\windows\system32\netcfg-1135750.txt
2014-11-20 12:58 - 2014-11-20 12:58 - 00000117 _____ () C:\windows\system32\netcfg-1121625.txt
2014-11-20 12:58 - 2014-11-20 12:58 - 00000117 _____ () C:\windows\system32\netcfg-1121031.txt
2014-11-20 12:58 - 2014-11-20 12:58 - 00000117 _____ () C:\windows\system32\netcfg-1103453.txt
2014-11-20 12:58 - 2014-11-20 12:58 - 00000117 _____ () C:\windows\system32\netcfg-1100406.txt
2014-11-20 12:58 - 2014-11-20 12:58 - 00000117 _____ () C:\windows\system32\netcfg-1100343.txt
2014-11-20 12:58 - 2014-11-20 12:58 - 00000117 _____ () C:\windows\system32\netcfg-1099765.txt
2014-11-20 12:57 - 2014-11-20 12:57 - 00000117 _____ () C:\windows\system32\netcfg-1067156.txt
2014-11-20 12:57 - 2014-11-20 12:57 - 00000117 _____ () C:\windows\system32\netcfg-1067093.txt
2014-11-20 12:57 - 2014-11-20 12:57 - 00000117 _____ () C:\windows\system32\netcfg-1067000.txt
2014-11-20 12:57 - 2014-11-20 12:57 - 00000117 _____ () C:\windows\system32\netcfg-1066296.txt
2014-11-20 12:56 - 2014-11-20 12:56 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Macromedia
2014-11-20 12:50 - 2014-11-20 12:50 - 00000117 _____ () C:\windows\system32\netcfg-639984.txt
2014-11-20 12:50 - 2014-11-20 12:50 - 00000117 _____ () C:\windows\system32\netcfg-639703.txt
2014-11-20 12:50 - 2014-11-20 12:50 - 00000117 _____ () C:\windows\system32\netcfg-636656.txt
2014-11-20 12:50 - 2014-11-20 12:50 - 00000117 _____ () C:\windows\system32\netcfg-636625.txt
2014-11-20 12:50 - 2014-11-20 12:50 - 00000117 _____ () C:\windows\system32\netcfg-621921.txt
2014-11-20 12:48 - 2014-11-28 12:50 - 00003594 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-423090887-583849361-153837240-1001
2014-11-20 12:48 - 2014-11-20 12:48 - 00000117 _____ () C:\windows\system32\netcfg-497953.txt
2014-11-20 12:48 - 2014-11-20 12:48 - 00000117 _____ () C:\windows\system32\netcfg-497406.txt
2014-11-20 12:44 - 2014-11-20 12:44 - 00000117 _____ () C:\windows\system32\netcfg-281062.txt
2014-11-20 12:43 - 2014-11-21 15:26 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Adobe
2014-11-20 12:43 - 2014-11-20 12:43 - 00001437 _____ () C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-20 12:43 - 2014-11-20 12:43 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-11-20 12:42 - 2014-12-08 10:16 - 00000000 ____D () C:\Users\Adam\AppData\Local\VirtualStore
2014-11-20 12:42 - 2014-12-07 12:29 - 00000000 ____D () C:\Users\Adam
2014-11-20 12:42 - 2014-11-20 12:43 - 00000000 ____D () C:\Users\Adam\AppData\Local\Packages
2014-11-20 12:42 - 2014-11-20 12:42 - 00000020 ___SH () C:\Users\Adam\ntuser.ini
2014-11-20 12:42 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-20 12:42 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-20 12:42 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-11-20 12:42 - 2012-07-26 01:13 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-20 12:24 - 2014-11-20 12:43 - 00034254 ____H () C:\windows\MODULES.LOG
2014-11-20 12:22 - 2014-12-12 15:02 - 01836644 _____ () C:\windows\WindowsUpdate.log
2014-11-20 12:22 - 2014-11-20 12:22 - 01619275 _____ () C:\windows\MFGSTAT.zip
2014-11-20 12:22 - 2014-11-20 12:22 - 00002097 _____ () C:\Users\Public\Desktop\OneKey Recovery.lnk
2014-11-20 12:22 - 2014-11-20 12:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneKey Recovery
2014-11-20 12:22 - 2014-11-20 12:22 - 00000000 ____D () C:\ProgramData\Temp
2014-11-20 12:22 - 2014-11-20 12:22 - 00000000 ____D () C:\ProgramData\OneKey Recovery
2014-11-20 12:22 - 2014-11-20 12:22 - 00000000 ____D () C:\Program Files\Lenovo
2014-11-20 12:22 - 2014-11-20 12:22 - 00000000 ____D () C:\Program Files (x86)\InstallShield Installation Information
2014-11-20 12:22 - 2012-06-13 18:10 - 00102376 _____ ("CyberLink) C:\windows\system32\Drivers\wsvd.sys
2014-11-20 12:19 - 2014-11-20 12:21 - 00000011 _____ () C:\windows\system32\lendrvchk.scp
2014-11-20 12:19 - 2014-11-20 12:19 - 00000021 _____ () C:\windows\SysWOW64\Drivers\17AA_Lenovo_Lenovo_G580_20150.MRK
2014-11-20 12:18 - 2014-11-20 12:18 - 00002064 _____ () C:\windows\DPINST.LOG
2014-11-20 12:15 - 2014-11-20 12:15 - 00001140 _____ () C:\windows\system32\netcfg-72984.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00001136 _____ () C:\windows\system32\netcfg-69515.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00001135 _____ () C:\windows\system32\netcfg-67421.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00000185 _____ () C:\windows\system32\netcfg-64937.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00000164 _____ () C:\windows\system32\netcfg-51218.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00000161 _____ () C:\windows\system32\netcfg-64625.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00000160 _____ () C:\windows\system32\netcfg-64250.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00000160 _____ () C:\windows\system32\netcfg-63859.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00000160 _____ () C:\windows\system32\netcfg-50312.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00000159 _____ () C:\windows\system32\netcfg-63296.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00000157 _____ () C:\windows\system32\netcfg-63531.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00000157 _____ () C:\windows\system32\netcfg-62640.txt
2014-11-20 12:15 - 2014-11-20 12:15 - 00000150 _____ () C:\windows\system32\netcfg-62968.txt
2014-11-19 04:31 - 2014-11-19 04:31 - 01217192 _____ (Microsoft Corporation) C:\windows\SysWOW64\FM20.DLL
2014-11-13 11:53 - 2014-12-08 17:20 - 00807568 _____ (COMODO) C:\windows\system32\Drivers\cmdguard.sys
2014-11-13 11:53 - 2014-12-08 17:20 - 00126208 _____ (COMODO) C:\windows\system32\Drivers\inspect.sys
2014-11-13 11:53 - 2014-12-08 17:20 - 00035080 _____ (COMODO) C:\windows\system32\Drivers\cmdhlp.sys
2014-11-13 11:53 - 2014-12-08 17:20 - 00020184 _____ (COMODO) C:\windows\system32\Drivers\cmderd.sys
2014-11-13 11:52 - 2014-12-08 17:20 - 00437792 _____ (COMODO) C:\windows\system32\guard64.dll
2014-11-13 11:52 - 2014-12-08 17:20 - 00354520 _____ (COMODO) C:\windows\system32\cmdvrt64.dll
2014-11-13 11:52 - 2014-12-08 17:20 - 00352272 _____ (COMODO) C:\windows\SysWOW64\guard32.dll
2014-11-13 11:52 - 2014-12-08 17:20 - 00286424 _____ (COMODO) C:\windows\SysWOW64\cmdvrt32.dll
2014-11-13 11:52 - 2014-12-08 17:20 - 00045784 _____ (COMODO) C:\windows\system32\cmdkbd64.dll
2014-11-13 11:52 - 2014-12-08 17:20 - 00040736 _____ (COMODO) C:\windows\system32\cmdcsr.dll
2014-11-13 11:52 - 2014-12-08 17:20 - 00040664 _____ (COMODO) C:\windows\SysWOW64\cmdkbd32.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-13 14:00 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\system32\sru
2014-12-12 14:44 - 2012-07-26 00:28 - 01123376 _____ () C:\windows\system32\PerfStringBackup.INI
2014-12-12 14:38 - 2012-07-26 00:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-12-12 14:37 - 2012-08-01 08:51 - 00032128 _____ () C:\windows\PFRO.log
2014-12-12 13:43 - 2012-07-26 00:59 - 00000000 ____D () C:\windows\CbsTemp
2014-12-12 13:38 - 2012-06-22 05:02 - 00110744 _____ (Qualcomm Atheros Co., Ltd.) C:\windows\system32\Drivers\L1C63x64.sys
2014-12-12 13:37 - 2012-07-26 00:24 - 02207744 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
2014-12-12 13:18 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\system32\NDF
2014-12-11 13:40 - 2012-07-25 22:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-12-11 13:39 - 2012-07-26 01:12 - 00000000 ___RD () C:\windows\ToastData
2014-12-11 13:39 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\AppCompat
2014-12-07 13:41 - 2012-07-26 00:21 - 01169488 _____ () C:\windows\setupact.log
2014-12-07 12:11 - 2011-11-28 07:07 - 00122496 _____ (HS Incorporated) C:\windows\system32\Drivers\ghsdiagMDM.sys
2014-12-07 12:11 - 2011-11-10 03:23 - 01919968 _____ (Microsoft Corporation) C:\windows\system32\wdfcoinstaller01005.dll
2014-12-07 12:11 - 2011-03-30 01:21 - 00038424 _____ (Google Inc) C:\windows\system32\Drivers\ghsandroid.sys
2014-12-07 11:17 - 2012-08-01 09:50 - 00000000 ____D () C:\windows\Panther
2014-12-07 10:56 - 2012-07-25 19:26 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\winusb.sys
2014-12-07 10:56 - 2012-07-25 17:49 - 00217088 _____ (Microsoft Corporation) C:\windows\system32\WpdMtp.dll
2014-12-07 10:56 - 2012-07-25 17:49 - 00134656 _____ (Microsoft Corporation) C:\windows\system32\WpdMtpUS.dll
2014-12-05 16:01 - 2014-09-24 08:57 - 00000000 ___HD () C:\$Windows.~BT
2014-12-05 10:25 - 2012-07-26 01:13 - 00005035 _____ () C:\windows\DtcInstall.log
2014-12-04 11:35 - 2012-07-26 01:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-12-04 09:59 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\Registration
2014-12-02 16:54 - 2012-09-12 05:43 - 02723216 _____ (Hewlett-Packard Co.) C:\windows\system32\HPScanTRDrv_OJ6600.dll
2014-12-02 16:54 - 2012-09-12 05:43 - 00623504 _____ (Hewlett-Packard) C:\windows\system32\HPWia2_OJ6600.dll
2014-12-02 16:54 - 2012-09-12 05:43 - 00332176 _____ (Hewlett-Packard Co.) C:\windows\system32\hpinksts5D12LM.dll
2014-12-02 16:54 - 2012-09-12 05:43 - 00270224 _____ (Hewlett-Packard Co.) C:\windows\system32\hpinkcoi5D12.dll
2014-12-02 13:22 - 2012-07-25 22:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-12-02 12:43 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-11-28 12:12 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\WinStore
2014-11-28 12:12 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\system32\SecureBootUpdates
2014-11-28 12:05 - 2012-07-25 22:26 - 00000167 _____ () C:\windows\win.ini
2014-11-26 12:31 - 2012-07-26 01:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-11-26 12:31 - 2012-07-26 01:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-11-26 12:31 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-11-26 12:30 - 2012-07-26 01:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-26 12:30 - 2012-07-26 01:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-26 12:30 - 2012-07-26 01:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-26 12:30 - 2012-07-26 01:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-26 12:30 - 2012-07-26 01:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-26 12:30 - 2012-07-26 00:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-11-25 14:23 - 2013-08-22 05:40 - 00040664 _____ (The OpenVPN Project) C:\windows\system32\Drivers\tap0901.sys
2014-11-21 12:14 - 2012-07-25 22:37 - 00000000 ____D () C:\windows\servicing
2014-11-21 12:10 - 2012-07-26 01:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-11-21 12:10 - 2012-07-26 01:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-11-21 12:10 - 2012-07-25 22:38 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-11-21 12:10 - 2012-07-25 22:38 - 00000000 ____D () C:\windows\system32\Dism
2014-11-21 11:30 - 2012-07-26 00:52 - 00000000 ____D () C:\windows\ShellNew
2014-11-21 11:05 - 2012-07-25 22:38 - 00000000 ____D () C:\windows\system32\oobe
2014-11-21 10:53 - 2014-10-01 20:54 - 12196712 _____ (Intel Corporation) C:\windows\system32\igd10iumd64.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 11815600 _____ (Intel Corporation) C:\windows\SysWOW64\igd10iumd32.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 10956576 _____ (Intel Corporation) C:\windows\system32\igdumdim64.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 10474536 _____ (Intel Corporation) C:\windows\SysWOW64\igdumdim32.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 02023936 _____ (Intel Corporation) C:\windows\system32\igfxcmjit64.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 01756160 _____ (Intel Corporation) C:\windows\SysWOW64\igfxcmjit32.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 01137080 _____ (Intel Corporation) C:\windows\system32\iglhsip64.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00734720 _____ (Intel Corporation) C:\windows\system32\MetroIntelGenericUIFramework.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00665088 _____ (Intel Corporation) C:\windows\system32\igfxDH.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00450576 _____ (Intel Corporation) C:\windows\system32\igdmd64.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00361984 _____ (Intel Corporation) C:\windows\SysWOW64\igdmd32.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00272384 _____ (Intel Corporation) C:\windows\system32\igfxDI.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00223744 _____ () C:\windows\system32\igdde64.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00188456 _____ (Intel Corporation) C:\windows\system32\igfxcmrt64.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00184320 _____ (Intel Corporation) C:\windows\system32\igfx11cmrt64.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00183808 _____ () C:\windows\SysWOW64\igdde32.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00159056 _____ (Intel Corporation) C:\windows\SysWOW64\igfxcmrt32.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00154624 _____ (Intel Corporation) C:\windows\SysWOW64\igfx11cmrt32.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00058368 _____ ( ) C:\windows\system32\igfxDHLib.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00031408 _____ (Intel Corporation) C:\windows\system32\igfxexps.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00030720 _____ (Intel Corporation) C:\windows\SysWOW64\igfxexps32.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00010752 _____ ( ) C:\windows\system32\igfxDILib.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00010240 _____ ( ) C:\windows\system32\igfxEMLib.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00005120 _____ ( ) C:\windows\system32\igfxLHMLibv2_0.dll
2014-11-21 10:53 - 2014-10-01 20:54 - 00005120 _____ ( ) C:\windows\system32\igfxLHMLib.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 22905344 _____ (Intel Corporation) C:\windows\system32\igdfcl64.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 17837568 _____ (Intel Corporation) C:\windows\SysWOW64\igdfcl32.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 04598392 _____ (Intel Corporation) C:\windows\system32\igdusc64.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 03828152 _____ (Intel Corporation) C:\windows\system32\Drivers\igdkmd64.sys
2014-11-21 10:52 - 2014-10-01 20:54 - 03663128 _____ (Intel Corporation) C:\windows\SysWOW64\igdusc32.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 01677824 _____ (Intel Corporation) C:\windows\system32\igdrcl64.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 01555456 _____ (Intel Corporation) C:\windows\SysWOW64\igdrcl32.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 01132960 _____ (Intel Corporation) C:\windows\SysWOW64\iglhsip32.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00372736 _____ (Intel Corporation) C:\windows\system32\igfxOSP.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00358912 _____ (Intel Corporation) C:\windows\system32\IntelOpenCL64.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00330240 _____ (Intel Corporation) C:\windows\system32\igdbcl64.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00294912 _____ (Intel Corporation) C:\windows\SysWOW64\IntelOpenCL32.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00291328 _____ (Intel Corporation) C:\windows\SysWOW64\igdbcl32.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00254976 _____ () C:\windows\system32\igfxCPL.cpl
2014-11-21 10:52 - 2014-10-01 20:54 - 00250368 _____ (Intel Corporation) C:\windows\system32\igfxLHM.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00218808 _____ (Intel Corporation) C:\windows\system32\iglhcp64.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00214016 _____ (Intel Corporation) C:\windows\system32\igfxDTCM.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00183800 _____ (Intel Corporation) C:\windows\SysWOW64\iglhcp32.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00183296 _____ (Intel Corporation) C:\windows\system32\igfxCoIn_v3958.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00160256 _____ () C:\windows\system32\igdail64.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00143360 _____ () C:\windows\SysWOW64\igdail32.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00094208 _____ () C:\windows\system32\IccLibDll_x64.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00070144 _____ () C:\windows\system32\igfxCUIServicePS.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00069632 _____ ( ) C:\windows\system32\igfxDHLibv2_0.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00064000 _____ (Khronos Group) C:\windows\system32\Intel_OpenCL_ICD64.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00060416 _____ (Khronos Group) C:\windows\SysWOW64\Intel_OpenCL_ICD32.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00010240 _____ ( ) C:\windows\system32\igfxEMLibv2_0.dll
2014-11-21 10:52 - 2014-10-01 20:54 - 00010240 _____ ( ) C:\windows\system32\igfxDILibv2_0.dll
2014-11-21 10:51 - 2014-10-01 20:54 - 08401408 _____ (Intel Corporation) C:\windows\system32\ig7icd64.dll
2014-11-21 10:51 - 2014-10-01 20:54 - 06553600 _____ (Intel Corporation) C:\windows\SysWOW64\ig7icd32.dll
2014-11-21 10:51 - 2014-10-01 20:54 - 00504208 _____ (Intel Corporation) C:\windows\system32\igfxEM.exe
2014-11-21 10:51 - 2014-10-01 20:54 - 00448912 _____ (Intel Corporation) C:\windows\system32\igfxTray.exe
2014-11-21 10:51 - 2014-10-01 20:54 - 00319376 _____ (Intel Corporation) C:\windows\system32\igfxCUIService.exe
2014-11-21 10:51 - 2014-10-01 20:54 - 00281488 _____ (Intel Corporation) C:\windows\SysWOW64\IntelCpHeciSvc.exe
2014-11-21 10:51 - 2014-10-01 20:54 - 00246672 _____ (Intel Corporation) C:\windows\system32\igfxHK.exe
2014-11-21 10:51 - 2014-10-01 20:54 - 00193936 _____ (Intel Corporation) C:\windows\system32\igfxext.exe
2014-11-21 10:51 - 2014-10-01 20:53 - 04354448 _____ (Intel Corporation) C:\windows\system32\Gfxv4_0.exe
2014-11-21 10:51 - 2014-10-01 20:53 - 04350864 _____ (Intel Corporation) C:\windows\system32\Gfxv2_0.exe
2014-11-21 10:51 - 2014-10-01 20:53 - 00932752 _____ (Intel Corporation) C:\windows\system32\GfxUIEx.exe
2014-11-21 10:51 - 2014-10-01 20:53 - 00546704 _____ (Intel Corporation) C:\windows\system32\DPTopologyApp.exe
2014-11-21 10:51 - 2014-10-01 20:53 - 00546192 _____ (Intel Corporation) C:\windows\system32\DPTopologyAppv2_0.exe
2014-11-21 10:51 - 2014-10-01 20:53 - 00400272 _____ (Intel Corporation) C:\windows\system32\CustomModeApp.exe
2014-11-21 10:51 - 2014-10-01 20:53 - 00399760 _____ (Intel Corporation) C:\windows\system32\CustomModeAppv2_0.exe
2014-11-21 10:51 - 2014-10-01 20:53 - 00155536 _____ (Intel Corporation) C:\windows\system32\difx64.exe
2014-11-21 10:44 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\LiveKernelReports
2014-11-20 16:19 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\system32\restore
2014-11-20 13:10 - 2012-07-26 01:13 - 00262144 _____ () C:\windows\system32\config\BCD-Template
2014-11-20 13:10 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\Web
2014-11-20 13:10 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\Help
2014-11-20 13:10 - 2012-07-25 22:37 - 00000000 ___HD () C:\Users\Default
2014-11-20 12:42 - 2012-07-26 01:12 - 00000000 ___RD () C:\windows\ImmersiveControlPanel
2014-11-20 12:41 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\rescache
2014-11-20 12:19 - 2012-07-25 22:38 - 00000000 ____D () C:\windows\system32\Sysprep

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-12 13:25

==================== End Of Log ============================



#11 consultantbis


Posted 13 December 2014 - 04:28 PM

Okay, sorry, I ran the aswMBR.exe and forgot to attach, so I will post both scans.


#12 nasdaq

  • Malware Response Team

Posted 14 December 2014 - 08:53 AM

Persistent (BIOS/Firmware?) Virus, spyware, malware.


Your Master Boot Record is clean.

This problem is not related to malware and fixing the BIOS is not my forte.

I suggest you start a new topic in the Internal Hardware forum:

http://www.bleepingcomputer.com/forums/f/7/internal-hardware/

Someone can help you better than I can.

#13 nasdaq

  • Malware Response Team

Posted 19 December 2014 - 09:21 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



