Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with malware from OLD laptop - desperate


  • This topic is locked This topic is locked
86 replies to this topic

#1 Computer_Idiot_

Computer_Idiot_

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Local time:01:33 AM

Posted 06 December 2014 - 07:55 AM

I used my old laptop to occasionally browse the mainstream adult tube sites as I thought they were trustworthy and secure. That laptop was protected by superantispyware, malwarebytes, AVG and ZoneAlarm (all free versions).

I am a bit paranoid anyway as others had used credit cards on that laptop and I didn't want to compromise them so used to run a superantispyware once or twice a day. It used to show removal of 40-80 adware which it was were not harmful but could be used to track activity.

The other day I was thrown to  random site and thought "I don't like this." I ran a Malwarebytes and it showed 2 PUPs. I quarantined them. After this, I rest factory settings (Windows 8.1) believing it would overwrite any problem.
Upon reboot I reinstalled the free versions of Malwarebytes, ZoneAlarm, AVG and superantispyware. Malwarebytes showed 160-something issues.

I also kept getting a message that Malwarebytes had blocked a risky connection to bim.yaarop.com.

I quarantined, ran AVG, isolated and superantispyware and removed any issues. I also reset my router several times.

I then decided to buy another laptop (in the belief it would be virus/malware free) which has a free trial of McAfee Live 2015 and a free year's sub to McAfee Internet Security 2015.

I still downloaded Malwarebytes and ran it. It showed 315 issues!! I also recognised some of them as being the same as afflicting my OLD laptop, like TV Wizard A PUP.

I phoned the McAfee helpline and they passed me to iYogi. I paid for technical support whereby a technician, in real time, attempts to cleanup your computer. 2 attempts from iYogi (and an attempt to seel me more security software I simply cannot afford after the new laptop and iYgi subscription) and I am still getting advert popups, popovers and keep being thrown to a consumer survey site.
McAfee also keeps blocking a connection attempt by "http://bim.yaarop.com/pop.1.1.0121?inject_domain=n...

I cannot shift these issues.

 

One thing which worries me is over the last few days I had a disagreement on Twitter woth someone who described themselves as an 'Internet Pirate'. Has this person got my IP address and unleashed a load of rubbish on me? If so, has he been able to access either my old or current laptops, the credit card details, internet history and personal emails from the old one?

I am literally sick with worry. I have had a parent die over the past few weeks and feel that this is tipping me over.
  
  



BC AdBot (Login to Remove)

 


#2 satchfan

satchfan

  • Malware Response Team
  • 2,937 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:01:33 AM

Posted 06 December 2014 - 09:01 AM

Hello Computer_Idiot_ and welcome to the Bleeping Computer forum.

My name is Satchfan and I would be glad to help you with your computer problem.

Please read the following guidelines which will help to make cleaning your machine easier:

  • please follow all instructions in the order posted
  • please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear
  • all logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word wrap if it is checked
  • if you don't understand something, please don't hesitate to ask for clarification before proceeding
  • the fixes are specific to your problem and should only be used for this issue on this machine.
  • please reply within 3 days. If you do not reply within this period I will post a reminder but topics with no reply in 4 days will be closed!

IMPORTANT:

Please DO NOT install/uninstall any programs unless asked to.
Please DO NOT run any scans other than those requested


We’ll check your computer for malware and see where that takes us. If there still appears to be a problem I’ll give you a link to another forum where they know more about Internet-related issues.

===================================================

Note: Please run these in the order given in the instructions.

===================================================

Download and run AdwCleaner

Download AdwCleaner from here and save it to your desktop.


  • run AdwCleaner
  • when it has finished, select Clean
  • if it asks to reboot, allow the reboot
  • on reboot a log will be produced; please attach the content of the log to your next reply.

===================================================

Run RogueKiller

IMPORTANT: Please remove any usb or external drives from the computer before you run this scan!

Close all running programs.


Download RogueKiller to your desktop

  • close all running programs
  • for Windows Vista/Seven, right click -> run as administrator, for XP simply double-click on RogueKiller.exe
  • when the pre-scan is finished, click on Scan
  • click on Report and copy/paste the content in your next post
  • NOTE: DO NOT attempt to remove anything that the scan detects –everything that is reported is not necessarily bad

If the program is blocked, continue to try it several times. If it still doesn’t work, (it could happen), rename it to winlogon.exe.

Please post the contents of the RKreport.txt in your next reply.

===================================================

Run Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your Desktop.
 

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • press Scan button
  • it will produce a log called FRST.txt in the same directory the tool is run from
  • please copy and paste log back here.
  • the first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Logs to include with next post:

AdwCleaner log
RKreport.txt
FRST.txt
Addition.txt


Thanks

Satchfan

 


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#3 Computer_Idiot_

Computer_Idiot_
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Local time:01:33 AM

Posted 07 December 2014 - 08:00 AM

Hi Satchfan - I have your advise to the iYogi technicians - they are better equipped than me to do this, but thank you SO, SO much for taking the time to advise. If they fail, I ill have a go at doing what you suggest, myself...

 

By the way, I am a huge Satriani fan, if that is what your username corresponds to. He's the best.



#4 satchfan

satchfan

  • Malware Response Team
  • 2,937 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:01:33 AM

Posted 07 December 2014 - 09:06 AM

2 attempts from iYogi (and an attempt to seel me more security software I simply cannot afford after the new laptop and iYgi subscription) and I am still getting advert popups, popovers and keep being thrown to a consumer survey site

This would suggest that they don't know what they are looking for.
 

I have your advise to the iYogi technicians - they are better equipped than me to do this

Anyone is capable of following the instructions to run the scans - my fear is that if iYogi didn't know how to fix it, then they won't know what is good and bad in logs, (which could be VERY dangerous and could reduce your computer to a doorstop. Some things, (especially what is flagged in RogueKiller), are not bad even tough they are flagged.

Although you have paid for their support, they are not trained in the use of these malware tools, (otherwise they would have previously known to use them for diagnosis, knowing the symptoms your pc is showing).

The choice is yours.

I'll leave this topic open for 24 hours after which I'll assume that you no longer require our help and close the topic.

BTW, I will not continue to give instructions for you to pass on to iYogi. My instructions are not complicated and if you don't understand something, you could always ask.

Regards

Satchfan

PS Yes, I'm a "Satch" fan. Great, great guitarist.


Edited by satchfan, 07 December 2014 - 09:09 AM.

My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#5 Computer_Idiot_

Computer_Idiot_
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Local time:01:33 AM

Posted 07 December 2014 - 02:19 PM

I understand. I shall have a go and post what I think are the logs for each of the steps above (yes, I really AM this thick).

 

I did worry that posting such info here would leave me vulnerable to another attack. That was a stupid notion, you wouldn't ask me to do this if that was the case. I shall have a go.

 

Thanks for your help, really is appreciated. Let's hope I am Surfin' With The Aliens sfatefly and securely, soon! :-)



#6 satchfan

satchfan

  • Malware Response Team
  • 2,937 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:01:33 AM

Posted 07 December 2014 - 04:38 PM

OK, I'll wait to hear from you. :guitar:


Edited by satchfan, 07 December 2014 - 04:39 PM.

My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#7 Computer_Idiot_

Computer_Idiot_
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Local time:01:33 AM

Posted 07 December 2014 - 06:32 PM

Thanks!  :guitar: Here goes...

 

# AdwCleaner v4.104 - Report created 07/12/2014 at 23:26:00
# Updated 05/12/2014 by Xplode
# Database : 2014-12-07.1 [Live]
# Operating System : Windows 8.1 Connected  (64 bits)
# Username : [REDACTED BY ME - EMBRASSING!!!]
# Running from : C:\Users\Another\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Deleted : C:\Users\Another\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Another\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Google Chrome v39.0.2171.71
 
 
*************************
 
AdwCleaner[R0].txt - [1425 octets] - [07/12/2014 23:21:39]
AdwCleaner[S0].txt - [1218 octets] - [07/12/2014 23:26:00]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1278 octets] ##########


#8 Computer_Idiot_

Computer_Idiot_
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Local time:01:33 AM

Posted 07 December 2014 - 06:55 PM

# AdwCleaner v4.104 - Report created 07/12/2014 at 23:26:00
# Updated 05/12/2014 by Xplode
# Database : 2014-12-07.1 [Live]
# Operating System : Windows 8.1 Connected  (64 bits)
# Username : Another - ANOTHERLAPTOP
# Running from : C:\Users\Another\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Deleted : C:\Users\Another\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Another\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Google Chrome v39.0.2171.71
 
 
*************************
 
AdwCleaner[R0].txt - [1425 octets] - [07/12/2014 23:21:39]
AdwCleaner[S0].txt - [1218 octets] - [07/12/2014 23:26:00]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1278 octets] ##########


#9 Computer_Idiot_

Computer_Idiot_
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Local time:01:33 AM

Posted 07 December 2014 - 07:11 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 02
Ran by Another (administrator) on ANOTHERLAPTOP on 08-12-2014 00:00:32
Running from C:\Users\Another\Downloads
Loaded Profile: Another (Available profiles: Another)
Platform: Windows 8.1 Connected (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel® Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
() C:\Program Files (x86)\iYogi\iPNA\iPNA.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TDUSrv64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\iYogi Support Dock\iYogiSupportDock.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
() C:\Users\Another\Downloads\RogueKiller (1).exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\livecomm.exe
(Farbar) C:\Users\Another\Downloads\FRST64 (1).exe
(McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcupdate.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-08] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-01-04] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2013-08-05] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [iYogi Support Dock] => C:\Program Files (x86)\iYogi Support Dock\iYogiSupportDock.exe [3272568 2013-09-06] ()
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [643064 2014-09-17] (McAfee, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3407545677-2617054877-1428467917-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3407545677-2617054877-1428467917-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-3407545677-2617054877-1428467917-1001\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-3407545677-2617054877-1428467917-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
ShellIconOverlayIdentifiers: [MOBK] -> {3c3f3c1a-9153-7c05-f938-622e7003894d} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)
ShellIconOverlayIdentifiers: [MOBK2] -> {e6ea1d7d-144e-b977-98c4-84c53c1a69d0} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)
ShellIconOverlayIdentifiers: [MOBK3] -> {b4caf489-1eec-c617-49ad-8d7088598c06} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TEJB
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://toshiba.eu/symbaloo_c
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com/?pc=TEJB
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://toshiba.eu/symbaloo_c
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.iyogi.net
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3407545677-2617054877-1428467917-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3407545677-2617054877-1428467917-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3407545677-2617054877-1428467917-1001 -> {E0776C3B-A44B-41F4-8F23-89F9D1D6BEF5} URL = 
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - iYogiPMToolbar - {CF729B85-4F13-45E7-A1EF-75A32EDBD532} - C:\Program Files (x86)\iYogi\iYogiPasswordManager\iYogiPMToolbar.dll ()
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
 
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF HKLM-x32\...\Firefox\Extensions: [iYogi@iYogi.com] - C:\Program Files (x86)\iYogi\iYogiPasswordManager\iYogiPassMgr.xpi
FF Extension: iYogi Password Manager - C:\Program Files (x86)\iYogi\iYogiPasswordManager\iYogiPassMgr.xpi [2013-06-26]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-12-05]
FF HKU\S-1-5-21-3407545677-2617054877-1428467917-1001\...\Firefox\Extensions: [{057B20D0-77D0-4B79-FED0-E90955D9C7CC}] - C:\Program Files (x86)\ver4SpeedCheck\184.xpi
 
Chrome: 
=======
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\Another\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Another\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-05]
CHR Extension: (Google Drive) - C:\Users\Another\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-05]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Another\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-05]
CHR Extension: (YouTube) - C:\Users\Another\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-05]
CHR Extension: (Adblock Plus) - C:\Users\Another\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-06]
CHR Extension: (Google Search) - C:\Users\Another\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-05]
CHR Extension: (iYogi Password Manager) - C:\Users\Another\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpeifmajolhnfocdndkhkpbdiaohpnmg [2014-12-06]
CHR Extension: (Google Wallet) - C:\Users\Another\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-05]
CHR Extension: (Gmail) - C:\Users\Another\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-05]
CHR HKLM-x32\...\Chrome\Extension: [fpeifmajolhnfocdndkhkpbdiaohpnmg] - C:\Program Files (x86)\iYogi\iYogiPasswordManager\ChromeExtension\ChromeToolBar.crx [2013-06-26]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-18] (Windows ® Win 7 DDK provider)
S4 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-03-03] ()
S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-02-25] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Corporation)
R2 iPNA; C:\Program Files (x86)\iYogi\iPNA\iPNA.exe [26112 2012-06-28] () [File not signed]
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-10-06] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601864 2014-10-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-09-19] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [184168 2014-05-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
S4 SDiManage; C:\Program Files (x86)\SDC\SDiManage\IYogiMonitoringSvc.exe [25048 2012-09-05] ()
S4 SupportDockService.exe; C:\Program Files (x86)\iYogi Support Dock\Services\CommAgent\SupportDockService.exe [78336 2013-09-06] (iYogi Technical Services) [File not signed]
S4 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-12-24] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S3 McAWFwk; c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [67808 2014-05-20] (Mozy, Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-03] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-02-21] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [33168 2013-10-10] (Windows ® Win 7 DDK provider)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2014-12-07] ()
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R2 webinstrNewH; C:\Windows\system32\Drivers\webinstrNewH.sys [106456 2014-12-05] (Corsica)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-08 00:00 - 2014-12-08 00:02 - 00016998 _____ () C:\Users\Another\Downloads\FRST.txt
2014-12-08 00:00 - 2014-12-08 00:00 - 00000000 ____D () C:\FRST
2014-12-07 23:59 - 2014-12-07 23:59 - 02119680 _____ (Farbar) C:\Users\Another\Downloads\FRST64 (1).exe
2014-12-07 23:58 - 2014-12-07 23:58 - 01111040 _____ (Farbar) C:\Users\Another\Downloads\FRST.exe
2014-12-07 23:56 - 2014-12-07 23:56 - 02119680 _____ (Farbar) C:\Users\Another\Downloads\FRST64.exe
2014-12-07 23:36 - 2014-12-07 23:37 - 15196248 _____ () C:\Users\Another\Downloads\RogueKiller (1).exe
2014-12-07 23:34 - 2014-12-07 23:34 - 00034808 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-12-07 23:34 - 2014-12-07 23:34 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-12-07 23:33 - 2014-12-07 23:33 - 15196248 _____ () C:\Users\Another\Downloads\RogueKiller.exe
2014-12-07 23:21 - 2014-12-07 23:26 - 00000000 ____D () C:\AdwCleaner
2014-12-07 23:21 - 2014-12-07 23:21 - 02153472 _____ () C:\Users\Another\Downloads\AdwCleaner.exe
2014-12-07 16:46 - 2014-12-07 16:46 - 00000000 __SHD () C:\Users\Another\AppData\Local\EmieBrowserModeList
2014-12-06 21:30 - 2014-11-20 20:51 - 00714208 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-06 21:30 - 2014-11-20 20:51 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-06 20:53 - 2014-12-06 21:36 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-12-06 20:53 - 2014-12-06 20:53 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-06 19:31 - 2014-04-14 03:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-12-06 19:25 - 2014-08-15 00:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-12-06 19:25 - 2014-07-30 01:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-12-06 19:25 - 2014-07-29 05:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2014-12-06 19:25 - 2014-03-20 04:19 - 01291200 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-12-06 19:25 - 2014-03-20 03:41 - 02013016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-12-06 19:25 - 2014-03-20 00:53 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2014-12-06 19:25 - 2014-03-20 00:48 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2014-12-06 19:25 - 2014-03-19 23:55 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-12-06 19:25 - 2014-03-19 23:39 - 00800256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-12-06 19:25 - 2014-03-19 23:36 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2014-12-06 19:25 - 2014-03-13 12:35 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys
2014-12-06 19:25 - 2014-03-11 15:18 - 01015808 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-12-06 19:25 - 2014-03-11 14:28 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-12-06 19:25 - 2014-03-08 20:38 - 01542768 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-12-06 19:25 - 2014-03-08 15:29 - 00356848 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2014-12-06 19:25 - 2014-03-08 11:34 - 01095488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-12-06 19:25 - 2014-03-08 08:33 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2014-12-06 19:25 - 2014-03-08 07:53 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-12-06 19:25 - 2014-03-08 07:47 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
2014-12-06 19:25 - 2014-03-08 07:12 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-12-06 19:25 - 2014-03-08 07:04 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2014-12-06 19:25 - 2014-03-08 06:48 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2014-12-06 19:25 - 2014-03-08 06:40 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2014-12-06 19:25 - 2014-03-08 06:31 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2014-12-06 19:25 - 2014-03-08 06:30 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2014-12-06 19:25 - 2014-03-08 05:41 - 01306624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2014-12-06 19:25 - 2014-03-08 05:11 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2014-12-06 19:25 - 2014-03-06 12:51 - 00488280 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-12-06 19:25 - 2014-03-06 11:19 - 00390488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-12-06 19:25 - 2014-03-06 09:22 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-12-06 19:25 - 2014-03-06 06:51 - 02900992 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-12-06 19:25 - 2014-03-06 06:23 - 02270208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2014-12-06 19:25 - 2014-03-06 06:23 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll
2014-12-06 19:25 - 2014-03-04 12:14 - 00360512 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-12-06 19:25 - 2014-03-04 11:10 - 00355832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-12-06 19:25 - 2014-03-04 07:00 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2014-12-06 19:25 - 2014-03-04 06:50 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-12-06 19:25 - 2014-03-04 06:32 - 00356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2014-12-06 19:24 - 2014-03-20 03:41 - 00376152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2014-12-06 19:24 - 2014-03-19 05:50 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
2014-12-06 19:24 - 2014-03-19 05:31 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-12-06 19:24 - 2014-03-19 05:20 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2014-12-06 19:24 - 2014-03-19 05:08 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-12-06 19:24 - 2014-03-08 09:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\sxproxy.dll
2014-12-06 19:24 - 2014-03-08 08:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\SetNetworkLocation.dll
2014-12-06 19:24 - 2014-03-08 08:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxproxy.dll
2014-12-06 19:24 - 2014-03-06 14:34 - 02331000 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-12-06 19:24 - 2014-03-06 14:34 - 00113648 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2014-12-06 19:24 - 2014-03-06 11:19 - 00094016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2014-12-06 19:24 - 2014-03-06 10:46 - 01679128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-12-06 19:24 - 2014-03-06 09:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-12-06 19:24 - 2014-03-06 09:24 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-12-06 19:24 - 2014-03-06 09:24 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2014-12-06 19:24 - 2014-03-06 09:22 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-12-06 19:24 - 2014-03-06 09:19 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-12-06 19:24 - 2014-03-06 09:19 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-12-06 19:24 - 2014-03-06 09:08 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\l2gpstore.dll
2014-12-06 19:24 - 2014-03-06 08:41 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\DevPropMgr.dll
2014-12-06 19:24 - 2014-03-06 08:38 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-12-06 19:24 - 2014-03-06 08:10 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\l2gpstore.dll
2014-12-06 19:24 - 2014-03-06 08:00 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2014-12-06 19:24 - 2014-03-06 07:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-12-06 19:24 - 2014-03-06 07:16 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2014-12-06 19:24 - 2014-03-06 07:02 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2014-12-06 19:24 - 2014-03-06 06:29 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2014-12-06 19:24 - 2014-03-06 06:24 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2014-12-06 19:24 - 2014-03-06 06:21 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2014-12-06 19:24 - 2014-03-06 06:06 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll
2014-12-06 19:24 - 2014-03-06 06:04 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2014-12-06 19:24 - 2014-03-06 06:01 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2014-12-06 19:24 - 2014-03-06 05:51 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2014-12-06 19:24 - 2014-03-06 05:47 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2014-12-06 19:24 - 2014-03-06 05:42 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2014-12-06 19:24 - 2014-03-04 07:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-12-06 19:24 - 2014-03-04 07:13 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-12-06 19:24 - 2014-03-04 07:08 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2014-12-06 19:24 - 2014-03-04 06:56 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2014-12-06 19:24 - 2014-03-04 06:42 - 00494592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-12-06 19:24 - 2014-03-04 06:39 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2014-12-06 19:24 - 2014-03-04 06:15 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2014-12-06 19:24 - 2014-03-04 06:05 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2014-12-06 19:24 - 2014-03-04 06:03 - 00669696 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2014-12-06 19:24 - 2014-03-04 06:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2014-12-06 19:24 - 2014-03-04 05:54 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2014-12-06 19:24 - 2014-03-04 05:52 - 00605184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2014-12-06 19:24 - 2013-12-23 23:28 - 00262656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2014-12-06 19:24 - 2013-12-23 23:26 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2014-12-06 19:22 - 2014-09-22 04:38 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-12-06 19:22 - 2014-09-22 03:06 - 00258368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-12-06 19:22 - 2014-09-22 03:06 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-12-06 19:22 - 2014-09-22 02:49 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-12-06 19:22 - 2014-09-19 00:16 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-12-06 19:22 - 2014-09-02 22:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2014-12-06 19:22 - 2014-09-02 22:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2014-12-06 19:12 - 2014-12-06 19:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-06 19:12 - 2014-10-31 23:26 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-06 18:59 - 2014-09-27 07:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-12-06 18:59 - 2014-09-27 05:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-12-06 18:59 - 2014-09-27 03:38 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-12-06 18:59 - 2014-09-27 03:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-12-06 18:59 - 2014-09-27 03:17 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-12-06 18:58 - 2014-10-13 02:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-12-06 18:58 - 2014-10-11 00:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-12-06 18:58 - 2014-10-11 00:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-12-06 18:58 - 2014-10-08 07:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-12-06 18:58 - 2014-10-08 07:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-12-06 18:58 - 2014-10-08 06:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-12-06 18:58 - 2014-10-08 05:32 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-12-06 18:58 - 2014-10-08 05:19 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-12-06 18:58 - 2014-06-16 22:26 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-12-06 18:58 - 2014-06-16 22:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-12-06 18:58 - 2014-03-13 07:42 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-12-06 18:58 - 2014-03-13 06:51 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-12-06 18:39 - 2014-07-15 18:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-12-06 18:39 - 2014-07-15 08:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-12-06 18:39 - 2014-07-15 08:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-12-06 18:39 - 2014-07-15 08:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-12-06 18:38 - 2014-08-02 00:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-12-06 18:38 - 2014-06-13 01:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-12-06 18:38 - 2014-06-13 01:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-12-06 18:38 - 2014-06-13 00:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-12-06 18:38 - 2014-06-06 11:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-12-06 18:38 - 2014-03-06 12:53 - 02141912 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-12-06 18:38 - 2014-03-06 12:51 - 00379224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-12-06 18:38 - 2014-03-06 12:39 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-12-06 18:38 - 2014-03-06 11:13 - 01779800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-12-06 18:38 - 2014-03-06 06:09 - 01764864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2014-12-06 18:37 - 2014-08-07 02:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-12-06 18:37 - 2014-08-02 03:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-12-06 18:37 - 2014-06-20 01:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-12-06 18:37 - 2014-06-19 23:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-12-06 18:37 - 2014-05-30 03:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-12-06 18:36 - 2014-10-10 01:58 - 00177472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-12-06 18:36 - 2014-10-10 01:58 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-12-06 18:36 - 2014-10-10 01:44 - 00563976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-12-06 18:36 - 2014-10-08 07:37 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-12-06 18:36 - 2014-10-08 07:37 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-12-06 18:36 - 2014-10-08 07:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-12-06 18:36 - 2014-10-08 07:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2014-12-06 18:36 - 2014-10-08 06:56 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-12-06 18:36 - 2014-10-08 06:51 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-12-06 18:36 - 2014-10-08 06:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-12-06 18:36 - 2014-10-08 06:18 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-12-06 18:36 - 2014-10-08 06:17 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-12-06 18:36 - 2014-10-08 05:23 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-12-06 18:35 - 2014-04-11 03:54 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-12-06 18:35 - 2014-04-11 02:57 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-12-06 18:32 - 2014-10-18 09:55 - 00055776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-12-06 18:32 - 2014-10-18 08:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-12-06 18:32 - 2014-10-18 08:09 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-12-06 18:32 - 2014-10-18 07:25 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-12-06 18:32 - 2014-10-18 06:50 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-12-06 18:32 - 2014-10-18 06:38 - 03557376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-12-06 18:32 - 2014-10-18 06:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-12-06 18:32 - 2014-10-18 06:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-12-06 18:32 - 2014-10-18 06:23 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-12-06 18:32 - 2014-10-18 06:23 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-12-06 18:32 - 2014-10-18 06:21 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-12-06 18:32 - 2014-10-18 06:20 - 01714176 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-12-06 18:32 - 2014-10-18 06:14 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-12-06 18:32 - 2014-10-18 06:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-12-06 18:32 - 2014-10-18 06:12 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-12-06 18:32 - 2014-10-18 06:11 - 00723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-12-06 18:32 - 2014-09-04 00:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-12-06 18:32 - 2014-09-04 00:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-12-06 18:32 - 2014-08-23 07:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-12-06 18:32 - 2014-08-23 07:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-12-06 18:32 - 2014-08-23 06:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-12-06 18:32 - 2014-08-23 05:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-12-06 18:32 - 2014-08-23 04:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-12-06 18:32 - 2014-08-16 04:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-12-06 18:32 - 2014-08-16 03:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-12-06 18:32 - 2014-08-16 00:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-12-06 18:32 - 2014-08-16 00:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-12-06 18:32 - 2014-08-16 00:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-12-06 18:32 - 2014-08-16 00:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-12-06 18:32 - 2014-08-16 00:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-12-06 18:32 - 2014-08-16 00:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-12-06 18:32 - 2014-08-16 00:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-12-06 18:32 - 2014-08-16 00:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-12-06 18:32 - 2014-08-16 00:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-12-06 18:32 - 2014-08-16 00:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-12-06 18:32 - 2014-08-16 00:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-12-06 18:32 - 2014-08-16 00:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-12-06 18:32 - 2014-07-24 15:28 - 00468288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-12-06 18:32 - 2014-07-24 11:42 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-12-06 18:31 - 2014-10-17 07:01 - 00789184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-12-06 18:31 - 2014-10-17 06:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-12-06 18:31 - 2014-08-23 05:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-12-06 18:31 - 2014-08-23 05:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-12-06 18:31 - 2014-08-16 04:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-12-06 18:31 - 2014-08-16 03:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-12-06 18:31 - 2014-08-16 03:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-12-06 18:31 - 2014-08-16 01:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-12-06 18:31 - 2014-08-16 01:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-12-06 18:31 - 2014-08-16 00:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-12-06 18:31 - 2014-08-16 00:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-12-06 18:31 - 2014-08-16 00:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-12-06 18:31 - 2014-08-16 00:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-12-06 18:31 - 2014-08-16 00:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-12-06 18:31 - 2014-08-16 00:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-12-06 18:31 - 2014-08-16 00:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-12-06 18:31 - 2014-08-16 00:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-12-06 18:31 - 2014-08-16 00:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-12-06 18:31 - 2014-08-16 00:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-12-06 18:31 - 2014-08-16 00:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-12-06 18:31 - 2014-07-24 11:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2014-12-06 18:31 - 2014-07-24 10:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-12-06 18:31 - 2014-07-24 09:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-12-06 18:31 - 2014-06-09 22:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-12-06 18:31 - 2014-06-09 22:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-12-06 18:31 - 2014-05-19 06:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-12-06 18:31 - 2014-05-19 06:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-12-06 18:31 - 2014-05-19 05:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-12-06 18:31 - 2014-03-06 09:19 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-12-06 18:30 - 2014-10-31 05:28 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-06 18:30 - 2014-10-31 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-12-06 18:30 - 2014-10-31 05:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-12-06 18:30 - 2014-10-31 05:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-12-06 18:30 - 2014-10-31 05:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-12-06 18:30 - 2014-10-31 05:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-12-06 18:30 - 2014-10-31 05:06 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-06 18:30 - 2014-10-31 05:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-12-06 18:30 - 2014-10-31 05:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-06 18:30 - 2014-10-31 05:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-06 18:30 - 2014-10-31 05:05 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-06 18:30 - 2014-10-31 05:05 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-06 18:30 - 2014-10-31 05:04 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-06 18:30 - 2014-10-31 04:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-06 18:30 - 2014-10-31 04:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-06 18:30 - 2014-10-31 04:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-12-06 18:30 - 2014-10-31 04:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-06 18:30 - 2014-10-31 04:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2014-12-06 18:30 - 2014-10-31 04:51 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-06 18:30 - 2014-10-31 04:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-06 18:30 - 2014-10-31 04:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-06 18:30 - 2014-10-31 04:50 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-06 18:30 - 2014-10-31 04:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-06 18:30 - 2014-10-31 04:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-12-06 18:30 - 2014-10-31 04:38 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-06 18:30 - 2014-10-31 04:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-06 18:30 - 2014-10-31 04:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-12-06 18:30 - 2014-10-31 04:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-12-06 18:30 - 2014-10-31 04:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-12-06 18:30 - 2014-10-31 04:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-06 18:30 - 2014-10-31 04:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-06 18:30 - 2014-10-31 04:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-12-06 18:30 - 2014-10-31 04:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-12-06 18:30 - 2014-10-31 04:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-06 18:30 - 2014-10-31 04:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-12-06 18:30 - 2014-10-31 04:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-12-06 18:30 - 2014-10-31 04:08 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-12-06 18:30 - 2014-10-31 04:06 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-06 18:30 - 2014-10-31 04:05 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-06 18:30 - 2014-10-31 04:05 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-06 18:30 - 2014-10-31 04:03 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-06 18:30 - 2014-10-31 03:59 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-06 18:30 - 2014-10-31 03:45 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-06 18:30 - 2014-10-31 03:44 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-12-06 18:30 - 2014-10-31 03:42 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-06 18:30 - 2014-10-31 03:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-12-06 18:30 - 2014-10-31 03:32 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-06 18:30 - 2014-10-31 03:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-12-06 18:30 - 2014-10-31 03:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-12-06 18:30 - 2014-10-31 03:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-12-06 18:30 - 2014-10-31 03:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-12-06 18:30 - 2014-10-31 03:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-12-06 18:30 - 2014-10-31 03:24 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-06 18:30 - 2014-10-31 03:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-12-06 18:30 - 2014-10-31 03:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-06 18:30 - 2014-10-31 03:23 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-06 18:30 - 2014-10-31 03:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-06 18:30 - 2014-10-31 03:22 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-06 18:30 - 2014-10-31 03:20 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-06 18:30 - 2014-10-31 03:18 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-06 18:30 - 2014-10-31 03:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-06 18:30 - 2014-10-31 03:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-06 18:30 - 2014-10-31 03:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-12-06 18:30 - 2014-10-31 03:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-06 18:30 - 2014-10-31 03:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2014-12-06 18:30 - 2014-10-31 03:12 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-06 18:30 - 2014-10-31 03:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-06 18:30 - 2014-10-31 03:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-06 18:30 - 2014-10-31 03:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-12-06 18:30 - 2014-10-31 03:02 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-06 18:30 - 2014-10-31 02:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-06 18:30 - 2014-10-31 02:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-12-06 18:30 - 2014-10-31 02:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-12-06 18:30 - 2014-10-31 02:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-12-06 18:30 - 2014-10-31 02:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-06 18:30 - 2014-10-31 02:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-12-06 18:30 - 2014-10-31 02:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-06 18:30 - 2014-10-31 02:51 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-12-06 18:30 - 2014-10-31 02:50 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-06 18:30 - 2014-10-31 02:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-12-06 18:30 - 2014-10-31 02:46 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-06 18:30 - 2014-10-31 02:46 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-12-06 18:30 - 2014-10-31 02:42 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-12-06 18:30 - 2014-10-31 02:40 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-06 18:30 - 2014-10-31 02:40 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-06 18:30 - 2014-10-31 02:39 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-06 18:30 - 2014-10-31 02:30 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-06 18:30 - 2014-10-31 02:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-12-06 18:30 - 2014-10-31 02:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-12-06 18:30 - 2014-10-31 02:17 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-06 18:30 - 2014-10-31 02:13 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-06 18:30 - 2014-10-31 02:11 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-06 18:30 - 2014-10-07 06:28 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-12-06 18:30 - 2014-10-07 06:27 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-12-06 18:30 - 2014-10-07 06:27 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-12-06 18:30 - 2014-10-07 06:27 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-12-06 18:30 - 2014-10-07 06:27 - 00108432 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-12-06 18:30 - 2014-10-07 03:34 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-12-06 18:30 - 2014-10-07 03:34 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-12-06 18:30 - 2014-10-07 03:33 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-12-06 18:30 - 2014-10-07 01:54 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-12-06 18:30 - 2014-10-07 01:46 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-12-06 18:30 - 2014-05-03 05:36 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-12-06 18:30 - 2014-05-03 05:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2014-12-06 18:30 - 2014-05-03 05:08 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2014-12-06 18:30 - 2014-05-03 05:07 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2014-12-06 18:30 - 2014-05-03 04:46 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2014-12-06 18:30 - 2014-05-03 04:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2014-12-06 18:30 - 2014-05-03 04:37 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2014-12-06 18:30 - 2014-05-02 23:26 - 00050745 _____ () C:\Windows\system32\srms.dat
2014-12-06 18:30 - 2014-04-30 06:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2014-12-06 18:30 - 2014-04-30 06:41 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-12-06 18:30 - 2014-04-30 06:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2014-12-06 18:30 - 2014-04-30 06:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2014-12-06 18:30 - 2014-04-30 05:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-12-06 18:30 - 2014-04-30 04:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-12-06 18:30 - 2014-04-30 04:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-12-06 18:30 - 2014-04-30 04:23 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-12-06 18:30 - 2014-04-30 04:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-12-06 18:30 - 2014-04-30 04:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-12-06 18:30 - 2014-04-30 04:14 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-12-06 18:30 - 2014-04-30 03:59 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-12-06 18:30 - 2014-04-30 03:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-12-06 18:30 - 2014-04-30 03:46 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-12-06 18:30 - 2014-04-30 03:46 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-12-06 18:30 - 2014-04-30 03:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2014-12-06 18:30 - 2014-04-30 03:42 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-12-06 18:30 - 2014-04-28 22:40 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-12-06 18:30 - 2014-04-26 22:03 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-12-06 18:30 - 2014-04-26 20:14 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-12-06 18:30 - 2014-04-26 16:39 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2014-12-06 18:30 - 2014-04-14 09:37 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-12-06 18:30 - 2014-04-14 08:08 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-12-06 18:30 - 2014-04-14 05:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-12-06 18:30 - 2014-04-09 06:11 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-12-06 18:30 - 2014-04-09 05:20 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-12-06 18:30 - 2014-03-08 20:40 - 00136024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2014-12-06 18:30 - 2014-03-08 06:41 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-12-06 18:30 - 2014-03-08 06:25 - 00264192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-12-06 18:30 - 2014-03-08 06:04 - 00717312 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-12-06 18:30 - 2014-03-08 05:58 - 00567296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-12-06 18:30 - 2014-02-06 11:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-06 18:30 - 2014-02-06 11:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-06 18:30 - 2014-02-06 10:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-06 18:29 - 2014-10-23 05:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-12-06 18:29 - 2014-10-23 05:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-12-06 18:29 - 2014-10-07 03:30 - 04182016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-12-06 18:29 - 2014-06-05 14:13 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-12-06 18:29 - 2014-06-05 13:14 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-12-06 18:29 - 2014-06-02 02:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-12-06 18:29 - 2014-05-31 10:07 - 00440664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-12-06 18:29 - 2014-05-31 10:07 - 00419672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-12-06 18:29 - 2014-05-31 10:07 - 00089944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-12-06 18:29 - 2014-05-31 10:07 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-12-06 18:29 - 2014-05-31 06:30 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-12-06 18:29 - 2014-05-31 06:27 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-12-06 18:29 - 2014-05-31 06:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-12-06 18:29 - 2014-05-31 06:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-12-06 18:29 - 2014-05-31 04:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-12-06 18:29 - 2014-05-31 04:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-12-06 18:29 - 2014-05-31 04:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-12-06 18:29 - 2014-05-27 09:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2014-12-06 18:29 - 2014-05-27 09:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2014-12-06 18:29 - 2014-05-17 04:59 - 16871936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-12-06 18:29 - 2014-05-17 04:13 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-12-06 18:29 - 2014-04-30 04:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-12-06 18:29 - 2014-04-30 04:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-12-06 18:29 - 2014-04-30 03:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-12-06 18:29 - 2014-04-18 14:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-12-06 18:29 - 2014-04-14 09:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-12-06 18:29 - 2014-04-14 08:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-12-06 18:29 - 2014-04-11 04:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-12-06 18:29 - 2014-04-11 04:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-12-06 18:29 - 2014-04-11 03:30 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-12-06 18:29 - 2014-04-09 11:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-12-06 18:29 - 2014-04-09 06:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-12-06 18:29 - 2014-04-09 05:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-12-06 18:29 - 2014-04-09 03:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-12-06 18:29 - 2014-04-08 22:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2014-12-06 18:29 - 2014-04-08 22:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2014-12-06 18:29 - 2014-04-08 18:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2014-12-06 18:29 - 2014-04-08 18:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2014-12-06 18:29 - 2014-04-08 02:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-12-06 18:29 - 2014-04-06 16:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-12-06 18:29 - 2014-04-06 16:34 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-12-06 18:29 - 2014-04-06 16:32 - 00125496 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-12-06 18:29 - 2014-04-06 16:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2014-12-06 18:29 - 2014-04-06 16:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-12-06 18:29 - 2014-04-06 16:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-12-06 18:29 - 2014-04-06 16:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-12-06 18:29 - 2014-04-06 16:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-12-06 18:29 - 2014-04-06 16:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-06 18:29 - 2014-04-06 16:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-12-06 18:29 - 2014-04-06 15:23 - 00098584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-12-06 18:29 - 2014-04-06 15:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2014-12-06 18:29 - 2014-04-06 15:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-12-06 18:29 - 2014-04-06 15:16 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-12-06 18:29 - 2014-04-06 15:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-12-06 18:29 - 2014-04-06 15:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-06 18:29 - 2014-04-06 15:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-12-06 18:29 - 2014-04-06 12:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-12-06 18:29 - 2014-04-06 10:51 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-12-06 18:29 - 2014-04-06 10:36 - 00888320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-12-06 18:29 - 2014-04-06 10:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-12-06 18:29 - 2014-04-06 09:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-12-06 18:29 - 2014-04-03 08:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-12-06 18:29 - 2014-04-03 04:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2014-12-06 18:29 - 2014-04-03 02:53 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-12-06 18:29 - 2014-04-03 02:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-12-06 18:29 - 2014-04-01 06:23 - 00384856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-12-06 18:29 - 2014-03-30 22:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-12-06 18:29 - 2014-03-28 15:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-12-06 18:29 - 2014-03-27 06:16 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-12-06 18:29 - 2014-03-27 05:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-12-06 18:29 - 2014-03-27 04:59 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-12-06 18:29 - 2014-03-27 03:46 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-12-06 18:29 - 2014-03-27 03:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-12-06 18:29 - 2014-03-27 03:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-12-06 18:29 - 2014-03-20 03:48 - 00263424 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-12-06 18:29 - 2014-03-19 08:07 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-12-06 18:29 - 2014-03-19 05:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-12-06 18:29 - 2014-03-19 05:07 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-12-06 18:29 - 2014-03-19 05:02 - 01527296 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-12-06 18:29 - 2014-03-19 05:00 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-12-06 18:29 - 2014-03-19 04:51 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-12-06 18:29 - 2014-03-18 08:19 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-12-06 18:29 - 2014-03-18 05:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-12-06 18:29 - 2014-03-18 04:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-12-06 18:29 - 2014-03-17 05:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-12-06 18:29 - 2014-03-17 04:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-12-06 18:29 - 2014-03-17 03:01 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-12-06 18:29 - 2014-03-17 02:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-12-06 18:29 - 2014-03-14 06:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-12-06 18:29 - 2014-03-14 06:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-12-06 18:29 - 2014-03-06 12:42 - 00310616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-12-06 18:28 - 2014-11-09 23:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-12-06 18:28 - 2014-11-09 23:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-12-06 18:28 - 2014-11-09 23:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-12-06 18:28 - 2014-11-09 23:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-12-06 18:28 - 2014-11-04 23:38 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-06 18:28 - 2014-11-04 00:10 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-06 18:28 - 2014-10-31 04:53 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-06 18:28 - 2014-10-31 04:49 - 00537088 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-06 18:28 - 2014-10-31 04:24 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-06 18:28 - 2014-07-10 04:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\lockscreencn.dll
2014-12-06 18:28 - 2014-04-18 09:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2014-12-06 18:28 - 2014-04-06 16:20 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-12-06 18:28 - 2014-04-06 16:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-06 18:28 - 2014-04-06 12:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-12-06 18:28 - 2014-04-06 12:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-12-06 18:28 - 2014-04-06 12:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-12-06 18:28 - 2014-04-06 12:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-12-06 18:28 - 2014-04-06 11:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-12-06 18:28 - 2014-04-03 08:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-12-06 18:28 - 2014-04-03 04:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-12-06 18:28 - 2014-04-03 02:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-12-06 18:28 - 2014-04-03 02:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-12-06 18:28 - 2014-03-31 00:01 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-12-06 18:28 - 2014-03-30 23:43 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-12-06 18:28 - 2014-03-30 22:49 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-12-06 18:28 - 2014-03-30 22:35 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-12-06 18:28 - 2014-03-27 04:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-12-06 18:28 - 2014-03-27 04:19 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-12-06 18:28 - 2014-03-19 08:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-12-06 18:28 - 2014-03-19 07:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-12-06 18:28 - 2014-03-19 07:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-12-06 18:28 - 2014-03-19 05:45 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-12-06 18:28 - 2014-03-19 04:31 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-12-06 18:28 - 2014-03-06 09:19 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2014-12-06 18:28 - 2014-03-06 08:20 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-12-06 18:28 - 2014-01-27 18:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-12-06 18:22 - 2014-09-10 06:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-12-06 18:22 - 2014-09-08 03:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-12-06 18:22 - 2014-09-08 03:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-12-06 18:22 - 2014-09-07 22:08 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml
2014-12-06 18:22 - 2014-09-04 22:30 - 00822272 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-12-06 18:22 - 2014-09-04 22:21 - 01053184 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-12-06 18:22 - 2014-09-04 03:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-12-06 18:22 - 2014-09-04 02:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-12-06 18:22 - 2014-09-04 01:01 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-12-06 18:22 - 2014-09-04 00:32 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-12-06 18:22 - 2014-09-04 00:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-12-06 18:22 - 2014-09-03 23:57 - 00921600 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-12-06 18:22 - 2014-09-03 23:49 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-12-06 18:22 - 2014-08-31 00:17 - 00148800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-12-06 18:22 - 2014-08-31 00:15 - 21197152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-12-06 18:22 - 2014-08-30 22:59 - 18723112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-12-06 18:22 - 2014-08-30 22:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2014-12-06 18:22 - 2014-08-30 21:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2014-12-06 18:22 - 2014-08-30 21:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-12-06 18:22 - 2014-08-30 20:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2014-12-06 18:22 - 2014-08-30 20:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-12-06 18:22 - 2014-08-28 02:55 - 07484224 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-12-06 18:22 - 2014-08-28 00:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-06 18:22 - 2014-08-28 00:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-06 18:22 - 2014-08-23 05:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-12-06 18:22 - 2014-08-23 05:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-12-06 18:22 - 2014-08-23 04:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-12-06 18:22 - 2014-08-02 00:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-12-06 18:22 - 2014-08-02 00:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2014-12-06 18:22 - 2014-07-24 11:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2014-12-06 18:22 - 2014-07-24 09:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2014-12-06 18:22 - 2014-07-24 09:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2014-12-06 18:22 - 2014-07-24 08:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2014-12-06 18:22 - 2014-07-24 08:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2014-12-06 18:22 - 2014-07-24 07:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2014-12-06 18:22 - 2014-07-24 07:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2014-12-06 18:22 - 2014-05-13 07:01 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-12-06 18:22 - 2014-03-06 06:27 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-06 18:20 - 2014-07-24 03:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-12-06 18:20 - 2014-07-24 03:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-12-06 18:17 - 2014-06-06 13:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-12-06 18:17 - 2014-06-06 12:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-12-06 18:17 - 2014-05-31 10:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-12-06 18:17 - 2014-05-31 02:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-12-06 18:17 - 2014-05-31 02:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-12-06 18:17 - 2014-05-01 13:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-12-06 18:17 - 2014-05-01 05:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-12-06 18:17 - 2014-04-11 08:25 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2014-12-06 18:17 - 2014-04-11 05:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-12-06 18:16 - 2014-07-12 04:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-12-06 14:41 - 2014-12-06 13:34 - 00629688 _____ () C:\Users\Another\Desktop\Fix Secured Sites.exe
2014-12-06 14:05 - 2014-12-06 14:07 - 00002165 _____ () C:\rapport.txt
2014-12-06 14:05 - 2014-12-06 14:07 - 00001260 _____ () C:\Windows\SysWOW64\tmp.reg
2014-12-06 14:05 - 2014-12-06 14:07 - 00000000 _____ () C:\Windows\SysWOW64\tmp.txt
2014-12-06 14:05 - 2009-06-02 11:17 - 00075776 _____ () C:\Windows\SysWOW64\WS2Fix.exe
2014-12-06 14:05 - 2008-12-12 01:57 - 00078336 _____ (S!Ri.URZ) C:\Windows\SysWOW64\Agent.OMZ.Fix.exe
2014-12-06 14:05 - 2008-11-29 18:58 - 00082944 _____ (S!Ri.URZ) C:\Windows\SysWOW64\IEDFix.C.exe
2014-12-06 14:05 - 2008-10-01 15:51 - 00087552 _____ (S!Ri.URZ) C:\Windows\SysWOW64\VACFix.exe
2014-12-06 14:05 - 2008-09-20 12:45 - 00080384 _____ (S!Ri.URZ) C:\Windows\SysWOW64\o4Patch.exe
2014-12-06 14:05 - 2008-08-18 12:19 - 00082432 _____ (S!Ri.URZ) C:\Windows\SysWOW64\404Fix.exe
2014-12-06 14:05 - 2008-05-18 21:40 - 00082944 _____ (S!Ri.URZ) C:\Windows\SysWOW64\IEDFix.exe
2014-12-06 14:05 - 2007-09-06 00:22 - 00289144 _____ (S!Ri) C:\Windows\SysWOW64\VCCLSID.exe
2014-12-06 14:05 - 2006-12-01 06:20 - 00079360 _____ (SteelWerX) C:\Windows\SysWOW64\swxcacls.exe
2014-12-06 14:05 - 2006-08-29 19:43 - 00135168 _____ (SteelWerX) C:\Windows\SysWOW64\swreg.exe
2014-12-06 14:05 - 2006-04-27 17:49 - 00288417 _____ (S!Ri) C:\Windows\SysWOW64\SrchSTS.exe
2014-12-06 14:05 - 2006-01-09 10:36 - 00040960 _____ () C:\Windows\SysWOW64\swsc.exe
2014-12-06 14:05 - 2004-07-31 18:50 - 00051200 _____ () C:\Windows\SysWOW64\dumphive.exe
2014-12-06 14:05 - 2003-06-05 21:13 - 00053248 _____ (http://www.beyondlogic.org) C:\Windows\SysWOW64\Process.exe
2014-12-06 13:58 - 2014-12-06 13:58 - 00388608 _____ (Trend Micro Inc.) C:\Users\Another\Downloads\HijackThis (2).exe
2014-12-06 13:53 - 2014-12-06 13:53 - 00341368 _____ () C:\Users\Another\Downloads\Unconfirmed 223005.crdownload
2014-12-06 13:52 - 2014-12-06 13:52 - 00388608 _____ (Trend Micro Inc.) C:\Users\Another\Downloads\HijackThis (1).exe
2014-12-06 13:49 - 2014-12-06 13:59 - 00008192 _____ () C:\Users\Another\Downloads\hijackthis.log
2014-12-06 13:49 - 2014-12-06 13:49 - 00388608 _____ (Trend Micro Inc.) C:\Users\Another\Downloads\HijackThis.exe
2014-12-06 13:31 - 2014-12-06 13:32 - 00000000 ____D () C:\iYogi
2014-12-06 13:12 - 2014-12-06 13:12 - 00001136 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-06 13:12 - 2014-12-06 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-12-06 13:12 - 2014-12-06 13:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-12-06 13:12 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-06 13:05 - 2014-12-06 13:05 - 02153472 _____ () C:\Users\Another\Downloads\adwcleaner_4.104 (1).exe
2014-12-06 01:37 - 2014-12-06 15:16 - 00000215 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-12-06 01:36 - 2014-12-06 01:36 - 00003103 _____ () C:\Users\Another\Desktop\iYogiPasswordManager.lnk
2014-12-06 01:36 - 2014-12-06 01:36 - 00003063 _____ () C:\Users\Another\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iYogiPasswordManager.lnk
2014-12-06 01:36 - 2014-12-06 01:36 - 00000000 ____D () C:\ProgramData\XDMessaging
2014-12-06 01:35 - 2014-12-06 01:35 - 00002611 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPNA.lnk
2014-12-06 00:31 - 2014-12-06 00:31 - 00000000 ____D () C:\Windows\pss
2014-12-06 00:11 - 2014-12-06 00:11 - 00000681 _____ () C:\Windows\setupact.log
2014-12-06 00:11 - 2014-12-06 00:11 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-12-06 00:11 - 2014-12-06 00:11 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-05 23:50 - 2014-12-05 23:50 - 00000000 ____D () C:\Users\Another\AppData\Roaming\IObit
2014-12-05 20:16 - 2014-12-05 20:16 - 00000000 ____D () C:\ProgramData\Sun
2014-12-05 20:16 - 2014-12-05 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-05 20:16 - 2014-12-05 20:15 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-05 20:15 - 2014-12-05 20:17 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-05 20:15 - 2014-12-05 20:15 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-05 20:14 - 2014-12-05 20:14 - 00001947 _____ () C:\Users\Public\Desktop\McAfee Internet Security.lnk
2014-12-05 20:14 - 2014-12-05 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-12-05 20:14 - 2014-12-05 20:14 - 00000000 ____D () C:\Program Files (x86)\McAfeeMOBK
2014-12-05 20:13 - 2014-12-05 20:14 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Online Backup
2014-12-05 20:13 - 2014-12-05 20:13 - 00000000 ____D () C:\Program Files (x86)\McAfee Online Backup
2014-12-05 20:13 - 2014-05-20 08:21 - 00067808 _____ (Mozy, Inc.) C:\Windows\system32\Drivers\MOBK.sys
2014-12-05 20:13 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-12-05 20:12 - 2014-12-05 20:12 - 00000000 ____D () C:\Program Files (x86)\McAfee.com
2014-12-05 20:10 - 2014-12-06 13:25 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-12-05 20:10 - 2014-12-05 20:10 - 00000000 ____D () C:\Program Files\McAfee.com
2014-12-05 19:59 - 2014-12-06 18:01 - 00000000 ____D () C:\ProgramData\McAfee
2014-12-05 19:59 - 2014-12-05 20:13 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-12-05 19:59 - 2014-10-01 12:18 - 00189920 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe
2014-12-05 19:51 - 2014-12-07 23:21 - 00000275 _____ () C:\AdwCleanerDebug.txt
2014-12-05 19:51 - 2014-12-05 19:51 - 02153472 _____ () C:\Users\Another\Downloads\adwcleaner_4.104.exe
2014-12-05 19:23 - 2014-12-05 19:23 - 00000000 ____D () C:\Users\Another\AppData\Roaming\Malwarebytes
2014-12-05 19:13 - 2013-04-21 18:28 - 00003672 _____ () C:\Users\Another\Desktop\Support Dock.txt
2014-12-05 19:07 - 2014-12-05 19:59 - 00000000 ____D () C:\ProgramData\TechGenie
2014-12-05 19:07 - 2014-12-05 19:07 - 00002609 _____ () C:\Users\Public\Desktop\TechGenie.lnk
2014-12-05 19:07 - 2014-12-05 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iYogi
2014-12-05 19:07 - 2014-12-05 19:07 - 00000000 ____D () C:\Program Files\iYogi
2014-12-05 19:06 - 2014-12-05 19:06 - 00000000 ____D () C:\Users\Another\Documents\TechGenie
2014-12-05 19:06 - 2014-12-05 19:06 - 00000000 ____D () C:\Program Files\WinPcap
2014-12-05 19:05 - 2014-12-06 01:36 - 00000000 ____D () C:\Program Files (x86)\iYogi
2014-12-05 19:05 - 2014-12-05 19:07 - 00000000 ____D () C:\Program Files (x86)\Nmap
2014-12-05 19:05 - 2014-12-05 19:05 - 00000000 ____D () C:\Program Files (x86)\SDC
2014-12-05 18:55 - 2014-12-05 18:55 - 05294008 _____ (McAfee, Inc.) C:\Users\Another\Downloads\Setup_serial_dDbFv63ZMIfYTb6BMI2JKQ2_key.exe
2014-12-05 18:28 - 2014-12-05 18:38 - 00000493 _____ () C:\Users\Another\Desktop\IYOGI TECHNICAL SUPPORT.txt
2014-12-05 17:22 - 2014-12-05 17:22 - 00000000 ____D () C:\Users\Another\AppData\Roaming\QuickScan
2014-12-05 17:21 - 2014-12-05 17:26 - 00000000 ____D () C:\ProgramData\SmartPCScan
2014-12-05 17:20 - 2014-12-05 17:20 - 11581280 _____ (iYogi) C:\Users\Another\Downloads\PCDiagnostics.exe
2014-12-05 17:18 - 2014-12-05 19:09 - 00000000 ____D () C:\ProgramData\iYogi
2014-12-05 17:14 - 2014-12-07 21:02 - 00000000 ____D () C:\Program Files (x86)\iYogi Support Dock
2014-12-05 17:14 - 2014-12-06 01:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iYogi Support Dock
2014-12-05 17:14 - 2014-12-05 17:14 - 00002058 _____ () C:\Users\Public\Desktop\iYogi Support Dock.lnk
2014-12-05 17:09 - 2014-12-05 17:09 - 05734160 _____ (iYogi) C:\Users\Another\Downloads\SDSetup.exe
2014-12-05 17:03 - 2014-12-05 17:03 - 00000000 ____D () C:\ProgramData\ToshibaEurope
2014-12-05 13:58 - 2014-12-05 19:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-05 13:58 - 2014-12-05 13:58 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Another\Downloads\mbam-setup-2.0.4.1028 (1).exe
2014-12-05 13:57 - 2014-12-07 23:42 - 00001372 _____ () C:\Windows\Tasks\LANWP.job
2014-12-05 13:57 - 2014-12-05 13:57 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Another\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-05 13:57 - 2014-12-05 13:57 - 00004392 _____ () C:\Windows\System32\Tasks\LANWP
2014-12-05 13:56 - 2014-12-07 23:28 - 00001370 _____ () C:\Windows\Tasks\MZXY.job
2014-12-05 13:56 - 2014-12-05 14:24 - 00000000 ____D () C:\Program Files (x86)\91a92137-b02b-4210-8563-132a36263af9
2014-12-05 13:56 - 2014-12-05 13:56 - 00004390 _____ () C:\Windows\System32\Tasks\MZXY
2014-12-05 13:54 - 2014-12-05 13:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-05 13:52 - 2014-12-05 16:55 - 00000000 ____D () C:\ProgramData\dasJXocxYG
2014-12-05 13:52 - 2014-12-05 13:52 - 00002371 _____ () C:\Windows\patsearch.bin
2014-12-05 13:52 - 2014-12-05 13:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrNewH_01009.Wdf
2014-12-05 13:52 - 2014-12-05 13:51 - 00106456 _____ (Corsica) C:\Windows\system32\Drivers\webinstrNewH.sys
2014-12-05 13:44 - 2014-12-07 23:50 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3407545677-2617054877-1428467917-1001
2014-12-05 13:42 - 2014-12-08 00:01 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{661AA2C2-6CCE-4B7D-B5E4-A6002A3BF5EF}
2014-12-05 13:42 - 2014-12-05 13:54 - 00000000 ____D () C:\Users\Another\AppData\Local\Google
2014-12-05 13:42 - 2014-12-05 13:42 - 00000000 __SHD () C:\Users\Another\AppData\Local\EmieUserList
2014-12-05 13:42 - 2014-12-05 13:42 - 00000000 __SHD () C:\Users\Another\AppData\Local\EmieSiteList
2014-12-05 13:42 - 2014-12-05 13:42 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-12-05 13:42 - 2014-12-05 13:42 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-12-05 13:41 - 2014-12-07 23:28 - 00000000 ___DO () C:\Users\Another\OneDrive
2014-12-05 13:39 - 2014-12-05 16:57 - 00000000 ____D () C:\Users\Another\AppData\Local\TOSHIBA
2014-12-05 13:39 - 2014-12-05 13:39 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-12-05 13:39 - 2014-12-05 13:39 - 00000000 ____D () C:\Users\Another\AppData\Roaming\Macromedia
2014-12-05 13:38 - 2014-12-06 21:36 - 00000000 ____D () C:\Users\Another\AppData\Local\Packages
2014-12-05 13:38 - 2014-12-06 13:49 - 00000000 ____D () C:\Users\Another\AppData\Local\VirtualStore
2014-12-05 13:38 - 2014-12-05 19:54 - 00001014 _____ () C:\Users\Another\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-05 13:38 - 2014-12-05 13:38 - 00000000 ____D () C:\Users\Another\AppData\Roaming\Adobe
2014-12-05 13:37 - 2014-12-05 13:41 - 00000000 ____D () C:\Users\Another
2014-12-05 13:37 - 2014-12-05 13:37 - 00000020 ___SH () C:\Users\Another\ntuser.ini
2014-12-05 13:37 - 2014-03-18 15:54 - 00000000 ___RD () C:\Users\Another\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-05 13:37 - 2014-03-18 15:54 - 00000000 ___RD () C:\Users\Another\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-05 13:37 - 2014-03-18 15:34 - 00000369 _____ () C:\Users\Another\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-12-05 13:37 - 2014-03-18 15:34 - 00000369 _____ () C:\Users\Another\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-12-05 13:37 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Another\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-05 13:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\Another\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-12 13:45 - 2014-11-12 13:45 - 00000023 _____ () C:\Windows\system32\Drivers\DCX.LOG
2014-11-12 13:40 - 2014-11-12 13:40 - 00002061 _____ () C:\Users\Public\Desktop\Manual.lnk
2014-11-12 13:40 - 2014-11-12 13:40 - 00000000 ____D () C:\Windows\OemDrv
2014-11-12 13:30 - 2014-11-12 13:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
2014-11-12 13:30 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-11-12 13:30 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-11-12 13:30 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-11-12 13:30 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-11-12 13:30 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-11-12 13:30 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-11-12 13:30 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-11-12 13:28 - 2014-11-12 13:36 - 00000000 ____D () C:\Program Files (x86)\WildGames
2014-11-12 13:27 - 2014-11-12 13:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-12 13:27 - 2014-11-12 13:36 - 00000000 ____D () C:\ProgramData\WildTangent
2014-11-12 13:27 - 2014-11-12 13:27 - 00002693 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - toshiba.lnk
2014-11-12 13:27 - 2014-11-12 13:27 - 00002677 _____ () C:\Users\Public\Desktop\WildTangent Games App - toshiba.lnk
2014-11-12 13:27 - 2014-11-12 13:27 - 00000456 _____ () C:\Users\Public\Desktop\TOSHIBA Services.lnk
2014-11-12 13:27 - 2014-11-12 13:27 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-11-12 13:24 - 2014-11-12 13:24 - 00000000 ____D () C:\Program Files (x86)\Toshiba TEMPRO
2014-11-12 13:24 - 2014-11-12 13:24 - 00000000 ____D () C:\Program Files (x86)\eBay
2014-11-12 13:16 - 2014-12-06 13:22 - 00000000 ____D () C:\Program Files\mcafee
2014-11-12 13:12 - 2014-11-12 13:24 - 00000000 ____D () C:\Windows\System32\Tasks\TOSHIBA
2014-11-12 13:12 - 2013-06-07 15:21 - 00017208 _____ (TOSHIBA Corporation) C:\Windows\system32\Drivers\TVALZFL.sys
2014-11-12 13:11 - 2014-12-08 00:01 - 01921738 _____ () C:\Windows\WindowsUpdate.log
2014-11-12 13:11 - 2014-11-12 13:11 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-12 13:04 - 2014-11-12 13:04 - 00020312 _____ (Compal Electronics, INC.) C:\Windows\system32\Drivers\CeKbFilter.sys
2014-11-12 13:04 - 2014-11-12 13:04 - 00002990 _____ () C:\Windows\System32\Tasks\Synaptics TouchPad Enhancements
2014-11-12 13:04 - 2014-11-12 13:04 - 00001344 _____ () C:\Windows\Synaptics.log
2014-11-12 13:04 - 2014-11-12 13:04 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-11-12 13:04 - 2014-11-12 13:04 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2014-11-12 13:04 - 2014-11-12 13:04 - 00000000 ____D () C:\ProgramData\Compal
2014-11-12 13:04 - 2014-11-12 13:04 - 00000000 ____D () C:\Program Files\Synaptics
2014-11-12 13:03 - 2014-11-12 13:03 - 00000000 ____D () C:\Windows\SysWOW64\sda
2014-11-12 13:03 - 2014-11-12 13:03 - 00000000 ____D () C:\ProgramData\SRS Labs
2014-11-12 13:03 - 2014-11-12 13:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS, Inc
2014-11-12 13:03 - 2014-11-12 13:03 - 00000000 ____D () C:\Program Files (x86)\DTS, Inc
2014-11-12 13:03 - 2014-01-03 14:08 - 00291544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsP2Stor.sys
2014-11-12 13:03 - 2013-04-25 16:12 - 09889352 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2014-11-12 13:02 - 2014-11-12 13:02 - 00000000 ____D () C:\Program Files\Common Files\QCA_Bluetooth
2014-11-12 13:02 - 2014-11-12 13:02 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite
2014-11-12 13:01 - 2014-12-05 14:24 - 00000000 ____D () C:\Program Files (x86)\Atheros
2014-11-12 13:01 - 2014-11-12 13:01 - 00000000 ____D () C:\Windows\Options
2014-11-12 13:01 - 2014-11-12 13:01 - 00000000 ____D () C:\ProgramData\Qualcomm Atheros
2014-11-12 13:01 - 2014-02-14 03:35 - 03888640 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athwbx.sys
2014-11-12 12:58 - 2014-11-12 13:40 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA
2014-11-12 12:58 - 2014-11-12 13:04 - 00037284 _____ () C:\Windows\DPINST.LOG
2014-11-12 12:56 - 2014-01-27 13:13 - 00839896 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys
2014-11-12 12:56 - 2014-01-27 13:13 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-11-12 12:53 - 2014-11-12 12:53 - 00003130 _____ () C:\Windows\System32\Tasks\RTKCPL
2014-11-12 12:53 - 2014-11-12 12:53 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-11-12 12:53 - 2014-11-12 12:53 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-11-12 12:53 - 2014-11-12 12:53 - 00000000 ____D () C:\Program Files\Realtek
2014-11-12 12:53 - 2014-03-11 19:50 - 00853784 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-11-12 12:53 - 2014-03-11 19:00 - 03891800 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-11-12 12:53 - 2014-03-11 15:37 - 57362432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-11-12 12:53 - 2014-03-11 08:06 - 01738032 _____ () C:\Windows\system32\SStudio.dll
2014-11-12 12:53 - 2014-03-10 15:09 - 00947928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-11-12 12:53 - 2014-03-07 08:57 - 02794200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-11-12 12:53 - 2014-03-06 14:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-11-12 12:53 - 2014-03-05 03:11 - 01048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2014-11-12 12:53 - 2014-03-05 03:11 - 00889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2014-11-12 12:53 - 2014-03-05 03:11 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2014-11-12 12:53 - 2014-03-05 03:11 - 00246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2014-11-12 12:53 - 2014-03-04 18:27 - 02831576 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-11-12 12:53 - 2014-03-04 15:19 - 00627928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-11-12 12:53 - 2014-03-03 18:21 - 01019608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-11-12 12:53 - 2014-02-27 18:02 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2014-11-12 12:53 - 2014-02-26 06:48 - 00942384 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2014-11-12 12:53 - 2014-02-26 06:47 - 05751048 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2014-11-12 12:53 - 2014-02-16 18:30 - 12816472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2014-11-12 12:53 - 2014-02-16 18:30 - 03927640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2014-11-12 12:53 - 2014-02-16 18:30 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-11-12 12:53 - 2014-02-06 09:28 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-11-12 12:53 - 2014-01-31 15:28 - 00938608 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-11-12 12:53 - 2014-01-31 15:27 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2014-11-12 12:53 - 2014-01-28 09:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-11-12 12:53 - 2013-10-11 09:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-11-12 12:53 - 2013-08-14 13:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-11-12 12:53 - 2013-06-25 10:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2014-11-12 12:53 - 2013-06-25 10:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2014-11-12 12:53 - 2013-06-25 10:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2014-11-12 12:53 - 2013-04-03 12:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2014-11-12 12:53 - 2012-08-31 17:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-11-12 12:53 - 2012-08-31 17:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-11-12 12:53 - 2012-08-31 17:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-11-12 12:53 - 2012-08-31 17:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-11-12 12:53 - 2012-08-31 17:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-11-12 12:53 - 2012-01-30 09:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-11-12 12:53 - 2012-01-10 08:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2014-11-12 12:53 - 2011-12-20 13:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-11-12 12:53 - 2011-11-22 14:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-11-12 12:53 - 2011-09-02 12:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-11-12 12:53 - 2011-09-02 12:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-11-12 12:53 - 2011-09-02 12:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-11-12 12:53 - 2011-03-17 10:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-11-12 12:53 - 2011-03-07 15:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-11-12 12:53 - 2010-11-08 05:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-11-12 12:53 - 2010-11-08 05:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-11-12 12:53 - 2010-11-08 05:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-11-12 12:53 - 2010-11-08 05:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-11-12 12:53 - 2010-11-08 05:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-11-12 12:53 - 2010-11-08 05:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-11-12 12:53 - 2010-11-03 16:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-11-12 12:53 - 2010-07-22 14:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-11-12 12:53 - 2009-11-24 07:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-11-12 12:53 - 2009-11-24 07:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-11-12 12:53 - 2009-11-24 07:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-11-12 12:53 - 2009-11-24 07:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-11-12 12:52 - 2014-11-12 13:03 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-11-12 12:52 - 2014-11-12 12:53 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-11-12 12:52 - 2014-02-26 13:16 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-11-12 12:52 - 2014-02-18 16:12 - 01042520 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-11-12 12:52 - 2014-02-18 16:12 - 00882776 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2014-11-12 12:52 - 2014-02-18 15:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-11-12 12:52 - 2014-02-18 12:48 - 02396760 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2014-11-12 12:52 - 2014-02-18 12:48 - 01424984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-11-12 12:52 - 2014-02-18 12:48 - 01423960 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-11-12 12:52 - 2014-02-16 18:30 - 28314200 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-11-12 12:52 - 2014-02-16 18:30 - 14742104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-11-12 12:52 - 2014-02-16 18:30 - 02040920 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-11-12 12:52 - 2014-02-16 18:30 - 01933400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-11-12 12:52 - 2013-10-16 01:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-11-12 12:52 - 2013-10-11 10:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-11-12 12:52 - 2013-10-06 22:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-11-12 12:52 - 2013-10-06 22:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-11-12 12:52 - 2013-10-06 22:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-11-12 12:52 - 2013-09-10 02:02 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-11-12 12:52 - 2013-09-10 02:02 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-11-12 12:52 - 2013-09-10 02:01 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-11-12 12:52 - 2013-09-10 02:01 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-11-12 12:52 - 2013-08-20 15:37 - 00605496 _____ () C:\Windows\system32\audioLibVc.dll
2014-11-12 12:52 - 2013-08-14 13:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-11-12 12:52 - 2013-06-21 09:01 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2014-11-12 12:52 - 2012-03-08 09:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-11-12 12:52 - 2011-08-23 15:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-11-12 12:52 - 2011-05-31 07:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-11-12 12:52 - 2011-05-31 07:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-11-12 12:52 - 2011-05-31 07:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-11-12 12:52 - 2011-05-31 07:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-11-12 12:52 - 2011-05-31 07:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-11-12 12:52 - 2011-05-31 07:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-11-12 12:52 - 2011-05-31 07:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-11-12 12:52 - 2011-05-31 07:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-11-12 12:52 - 2011-05-31 07:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-11-12 12:52 - 2011-05-31 07:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-11-12 12:52 - 2011-05-31 07:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-11-12 12:52 - 2011-05-31 07:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-11-12 12:52 - 2010-09-27 07:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-11-12 12:51 - 2014-11-12 12:51 - 00014952 _____ () C:\Windows\system32\results.xml
2014-11-12 12:50 - 2013-12-05 11:01 - 00064000 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2014-11-12 12:50 - 2013-12-05 11:01 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2014-11-12 12:48 - 2014-11-12 12:48 - 00000000 ____D () C:\ProgramData\Intel
2014-11-12 12:48 - 2014-11-12 12:48 - 00000000 ____D () C:\Program Files\Intel
2014-11-12 12:48 - 2014-11-12 12:48 - 00000000 ____D () C:\Intel
2014-11-12 12:46 - 2014-11-12 12:50 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-11-12 12:46 - 2013-08-01 11:33 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2014-11-12 12:39 - 2014-11-12 13:43 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3407545677-2617054877-1428467917-500
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-08 00:02 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sru
2014-12-07 23:58 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-12-07 23:57 - 2013-08-22 15:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-12-07 23:40 - 2014-05-22 21:41 - 00000938 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-07 23:28 - 2014-05-22 21:41 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-07 23:27 - 2014-03-18 08:13 - 00103676 _____ () C:\Windows\PFRO.log
2014-12-07 23:27 - 2013-08-22 14:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-07 23:27 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-12-06 21:33 - 2014-05-06 07:45 - 00738132 _____ () C:\Windows\system32\perfh01D.dat
2014-12-06 21:33 - 2014-05-06 07:45 - 00156256 _____ () C:\Windows\system32\perfc01D.dat
2014-12-06 21:33 - 2014-05-06 07:24 - 00454216 _____ () C:\Windows\system32\perfh014.dat
2014-12-06 21:33 - 2014-05-06 07:24 - 00081138 _____ () C:\Windows\system32\perfc014.dat
2014-12-06 21:33 - 2014-05-06 07:03 - 00439822 _____ () C:\Windows\system32\perfh00B.dat
2014-12-06 21:33 - 2014-05-06 07:03 - 00085674 _____ () C:\Windows\system32\perfc00B.dat
2014-12-06 21:33 - 2014-05-06 06:43 - 00469124 _____ () C:\Windows\system32\perfh006.dat
2014-12-06 21:33 - 2014-05-06 06:43 - 00083646 _____ () C:\Windows\system32\perfc006.dat
2014-12-06 21:33 - 2014-03-18 15:25 - 03290732 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-06 21:28 - 2013-08-22 14:44 - 00337896 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-06 20:54 - 2013-08-22 15:36 - 00000000 ___RD () C:\Windows\ToastData
2014-12-06 20:54 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-06 20:54 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-06 20:54 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-06 20:54 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-06 20:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\setup
2014-12-06 20:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-12-06 20:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-12-06 20:53 - 2014-03-18 15:03 - 00000000 ____D () C:\Program Files\Windows Journal
2014-12-06 20:53 - 2013-08-22 15:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-12-06 20:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\WinStore
2014-12-06 20:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2014-12-06 20:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\en-GB
2014-12-06 20:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-06 20:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-12-06 20:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\FileManager
2014-12-06 20:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\Camera
2014-12-06 20:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-12-06 20:53 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-12-06 19:12 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-12-06 13:31 - 2013-08-22 13:25 - 00000160 _____ () C:\Windows\win.ini
2014-12-05 20:12 - 2013-08-22 15:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-12-05 18:55 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\restore
2014-12-05 13:53 - 2014-05-22 21:41 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-05 13:44 - 2014-05-22 21:42 - 00000000 ____D () C:\ProgramData\TOSHIBA
2014-12-05 13:42 - 2014-05-22 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-12-05 13:38 - 2014-03-18 15:00 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2014-12-05 13:35 - 2014-05-22 21:41 - 00003910 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-05 13:35 - 2014-05-22 21:41 - 00003674 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-05 13:33 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\rescache
2014-11-12 14:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Recovery
2014-11-12 13:45 - 2014-05-23 22:27 - 00000000 ____D () C:\Windows\Panther
2014-11-12 13:45 - 2013-08-22 15:37 - 00003843 _____ () C:\Windows\DtcInstall.log
2014-11-12 13:45 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-11-12 13:40 - 2014-05-22 21:50 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-12 13:40 - 2013-08-22 15:36 - 00000454 _____ () C:\Windows\system32\OEMDefaultAssociations.xml
2014-11-12 13:39 - 2014-05-22 21:50 - 00000000 ____D () C:\Program Files\TOSHIBA
2014-11-12 13:24 - 2014-05-22 21:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2014-11-12 12:38 - 2013-08-22 15:36 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
 
Some content of TEMP:
====================
C:\Users\Another\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Another\AppData\Local\Temp\Quarantine.exe
C:\Users\Another\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-12-05 19:54
 
==================== End Of Log ============================


#10 Computer_Idiot_

Computer_Idiot_
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Local time:01:33 AM

Posted 07 December 2014 - 07:16 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2014 02
Ran by Another at 2014-12-08 00:03:59
Running from C:\Users\Another\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
DTS Sound (HKLM-x32\...\{9B17BBEC-CF31-4C23-949E-E65A14365CE1}) (Version: 1.01.6100 - DTS, Inc.)
Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
iPNA (HKLM-x32\...\{6158223B-8DB0-4CB7-B8B3-B78AF964B134}) (Version: 1.0.0 - iYogi)
iYogi Support Dock (HKLM-x32\...\iYogi Support Dock) (Version: 5.8.1 - iYogi)
iYogiPasswordManager (HKLM-x32\...\{65CECF99-19C7-4F86-BD61-C8ECACBCC916}) (Version: 1.0.0 - iYogi)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1367 - McAfee, Inc.)
McAfee Online Backup (Version: 2.26.1.386 - McAfee, Inc.) Hidden
McAfee Online Backup (x32 Version:  - McAfee, Inc.) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Nmap 5.51 (HKLM-x32\...\Nmap) (Version:  - )
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
SDiManage (HKLM-x32\...\{0DBABDFB-DAB4-41E1-A842-CE568FFDA785}) (Version: 1.0.0 - SDC)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
SUPERAntiSpyware (HKLM-x32\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
Symbaloo (HKLM-x32\...\Symbaloo) (Version: 1.0.0 - Symbaloo Launcher by Toshiba Europe GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.3.0 - Synaptics Incorporated)
TechGenie (Version: 1.0.0 - iYogi) Hidden
TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.04.6401 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{F64E9295-E1B3-4EEA-86D3-AF44A0087B06}) (Version: 1.1.16.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.4.2.6403 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.81.2C - TOSHIBA CORPORATION)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.19 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 2.0.0.15C - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 3.01.02.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.2.00.56006005 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{BFE4C813-4DD4-4B1C-97F4-76A459055C8D}) (Version: 2.6.13 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.01.6402 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.1.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.1 - Toshiba Europe GmbH)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Utility Common Driver (x32 Version: 1.0.53.3 - Compal) Hidden
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.10.25 - WildTangent) Hidden
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
05-12-2014 18:55:17 iYogi Support Client Restore Point
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 13:25 - 2014-12-06 14:05 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {2A422F4D-CC4B-405F-B1C8-D2738F2D65A3} - System32\Tasks\MZXY => C:\Users\Another\AppData\Roaming\MZXY.exe <==== ATTENTION
Task: {2CBFB6F4-5806-4F3D-BC51-D04594422A0C} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-02-24] (Realtek Semiconductor)
Task: {3C31A994-7D70-496B-A035-5DCBC73E8F8C} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-02-21] (Synaptics Incorporated)
Task: {431E1D31-4EF5-4491-A429-F07221D301A9} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-09-24] (TOSHIBA Corporation)
Task: {4DC3E4D1-1B76-4A29-9A4A-840A6307CEFA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-22] (Google Inc.)
Task: {7367079F-244B-4BBB-9D2A-85A0D69E81ED} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-12-24] (Toshiba Europe GmbH)
Task: {C324061B-6060-4032-A1FF-D92BAB92DD24} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-10-31] (Microsoft Corporation)
Task: {DF5D9D1F-DB77-4EE9-812E-10F47CBFA85A} - System32\Tasks\LANWP => C:\Users\Another\AppData\Roaming\LANWP.exe <==== ATTENTION
Task: {E90EDF6C-5059-417C-AA69-3B04BC11405A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-22] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LANWP.job => C:\Users\Another\AppData\Roaming\LANWP.exe <==== ATTENTION
Task: C:\Windows\Tasks\MZXY.job => C:\Users\Another\AppData\Roaming\MZXY.exe <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2012-06-28 17:46 - 2012-06-28 17:46 - 00026112 _____ () C:\Program Files (x86)\iYogi\iPNA\iPNA.exe
2012-07-18 18:38 - 2012-07-18 18:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2013-09-06 11:22 - 2013-09-06 11:22 - 03272568 _____ () C:\Program Files (x86)\iYogi Support Dock\iYogiSupportDock.exe
2014-12-07 23:36 - 2014-12-07 23:37 - 15196248 _____ () C:\Users\Another\Downloads\RogueKiller (1).exe
2012-06-28 17:46 - 2012-06-28 17:46 - 00035840 _____ () C:\Program Files (x86)\iYogi\iPNA\XDMessaging.dll
2012-06-28 17:46 - 2012-06-28 17:46 - 00008704 _____ () C:\Program Files (x86)\iYogi\iPNA\Helper.dll
2012-06-28 17:46 - 2012-06-28 17:46 - 00004608 _____ () C:\Program Files (x86)\iYogi\iPNA\Monitor.Logger.dll
2013-09-06 11:29 - 2013-09-06 11:29 - 00435200 _____ () C:\Program Files (x86)\iYogi Support Dock\ResDll.dll
2014-12-05 18:41 - 2014-11-25 06:39 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-12-05 18:41 - 2014-11-25 06:39 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-12-05 18:41 - 2014-11-25 06:39 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-12-05 18:41 - 2014-11-25 06:39 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
2014-12-05 18:41 - 2014-11-25 06:39 - 14910280 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Another\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: dts_apo_service => 2
MSCONFIG\Services: GamesAppIntegrationService => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: SDiManage => 2
MSCONFIG\Services: SupportDockService.exe => 2
MSCONFIG\Services: TemproMonitoringService => 3
MSCONFIG\Services: TMachInfo => 3
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-3407545677-2617054877-1428467917-500 - Administrator - Disabled)
Another (S-1-5-21-3407545677-2617054877-1428467917-1001 - Administrator - Enabled) => C:\Users\Another
Guest (S-1-5-21-3407545677-2617054877-1428467917-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3407545677-2617054877-1428467917-1003 - Limited - Enabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/06/2014 02:39:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 39.0.2171.71 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 11a0
 
Start Time: 01d01160bde704df
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id: b86c3df2-7d55-11e4-8274-acb57d64b988
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (12/06/2014 00:25:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17037, time stamp: 0x5312c30a
Faulting module name: Flash.ocx, version: 11.8.800.133, time stamp: 0x520584f6
Exception code: 0xc0000005
Fault offset: 0x001768f2
Faulting process ID: 0x3e98
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report ID: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
 
Error: (12/06/2014 00:08:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17037, time stamp: 0x5312c30a
Faulting module name: igd10iumd32.dll, version: 10.18.10.3408, time stamp: 0x52d82d18
Exception code: 0xc0000005
Fault offset: 0x000339c7
Faulting process ID: 0x168c
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report ID: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
 
Error: (12/05/2014 07:57:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: 006077~1.EXE, version: 7.8.712.2, time stamp: 0x5321d133
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x32336d65
Faulting process ID: 0x4cc
Faulting application start time: 0x006077~1.EXE0
Faulting application path: 006077~1.EXE1
Faulting module path: 006077~1.EXE2
Report ID: 006077~1.EXE3
Faulting package full name: 006077~1.EXE4
Faulting package-relative application ID: 006077~1.EXE5
 
Error: (12/05/2014 07:08:58 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
 
Error: (12/05/2014 07:03:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iYogiSupportDock.exe, version: 5.8.1.87, time stamp: 0x5201d487
Faulting module name: iYogiSupportDock.exe, version: 5.8.1.87, time stamp: 0x5201d487
Exception code: 0xc0000005
Fault offset: 0x000c7fae
Faulting process ID: 0xb7c
Faulting application start time: 0xiYogiSupportDock.exe0
Faulting application path: iYogiSupportDock.exe1
Faulting module path: iYogiSupportDock.exe2
Report ID: iYogiSupportDock.exe3
Faulting package full name: iYogiSupportDock.exe4
Faulting package-relative application ID: iYogiSupportDock.exe5
 
Error: (12/05/2014 06:55:17 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {bb6c0910-b612-46ab-8f5d-acfb9b898470}
 
Error: (12/05/2014 01:58:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ANOTHERLAPTOP)
Description: Activation of application winstore_cw5n1h2txyewy!Windows.Store failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (12/05/2014 01:56:14 PM) (Source: MsiInstaller) (EventID: 11309) (User: ANOTHERLAPTOP)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.
 
Error: (12/05/2014 01:38:52 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004E028
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=0ef706a5-beb3-4d84-8ce4-3eb867681947;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
 
 
System errors:
=============
Error: (12/07/2014 11:34:05 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\System32\drivers\TrueSight.sys
 
Error: (12/07/2014 11:26:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error: 
%%1062
 
Error: (12/07/2014 11:26:50 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a pre-shutdown control.
 
Error: (12/06/2014 05:55:21 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: The system detected an address conflict for IP address 192.168.1.2 with the system
having network hardware address F8-3D-FF-62-06-83. Network operations on this system may
be disrupted as a result.
 
Error: (12/06/2014 02:11:13 PM) (Source: DCOM) (EventID: 10005) (User: ANOTHERLAPTOP)
Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}
 
Error: (12/06/2014 02:11:12 PM) (Source: DCOM) (EventID: 10005) (User: ANOTHERLAPTOP)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (12/06/2014 02:09:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (12/06/2014 02:09:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (12/06/2014 02:09:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (12/06/2014 02:09:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (12/06/2014 02:39:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe39.0.2171.7111a001d01160bde704df4294967295C:\Program Files (x86)\Google\Chrome\Application\chrome.exeb86c3df2-7d55-11e4-8274-acb57d64b988
 
Error: (12/06/2014 00:25:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.170375312c30aFlash.ocx11.8.800.133520584f6c0000005001768f23e9801d0114d4d0d0121C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\Macromed\Flash\Flash.ocxe5a4a697-7d42-11e4-826f-acb57d64b988
 
Error: (12/06/2014 00:08:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.170375312c30aigd10iumd32.dll10.18.10.340852d82d18c0000005000339c7168c01d0114b087b25c3C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\igd10iumd32.dll863942b2-7d40-11e4-826f-acb57d64b988
 
Error: (12/05/2014 07:57:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 006077~1.EXE7.8.712.25321d133unknown0.0.0.000000000c000000532336d654cc01d010c59ae4f3b0C:\Windows\TEMP\006077~1.EXEunknowne3d8dfaf-7cb8-11e4-826a-acb57d64b988
 
Error: (12/05/2014 07:08:58 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
 
Error: (12/05/2014 07:03:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iYogiSupportDock.exe5.8.1.875201d487iYogiSupportDock.exe5.8.1.875201d487c0000005000c7faeb7c01d010bdcf5583f6C:\Program Files (x86)\iYogi Support Dock\iYogiSupportDock.exeC:\Program Files (x86)\iYogi Support Dock\iYogiSupportDock.exe5dd33c13-7cb1-11e4-8269-acb57d64b988
 
Error: (12/05/2014 06:55:17 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {bb6c0910-b612-46ab-8f5d-acfb9b898470}
 
Error: (12/05/2014 01:58:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ANOTHERLAPTOP)
Description: winstore_cw5n1h2txyewy!Windows.Store-2144927142
 
Error: (12/05/2014 01:56:14 PM) (Source: MsiInstaller) (EventID: 11309) (User: ANOTHERLAPTOP)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (12/05/2014 01:38:52 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004E028RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=0ef706a5-beb3-4d84-8ce4-3eb867681947;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
 
 
==================== Memory info =========================== 
 
Processor: Intel® Celeron® CPU N2840 @ 2.16GHz
Percentage of memory in use: 63%
Total physical RAM: 3982.88 MB
Available physical RAM: 1437.78 MB
Total Pagefile: 9955.88 MB
Available Pagefile: 7412.74 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
 
==================== Drives ================================
 
Drive c: (TI31338200A) (Fixed) (Total:454.47 GB) (Free:420.42 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================


#11 satchfan

satchfan

  • Malware Response Team
  • 2,937 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:01:33 AM

Posted 08 December 2014 - 04:12 AM

Well done, but you forgot to include the Rogue Killer log. :wink:


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#12 Computer_Idiot_

Computer_Idiot_
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Local time:01:33 AM

Posted 08 December 2014 - 06:57 AM

Argh! I'm really sorry about that. You know, I DID run it - looks like I didn't hit 'paste' after highlighting the log, so I posted ADW twice. Now you see why I have my username.

 

Thanks for your patience, I do appreciate it. Right. Here goes: Roguekiller

 

RogueKiller V10.0.9.0 [Dec  8 2014] by Adlice Software
 
Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Another [Administrator]
Mode : Scan -- Date : 12/08/2014  11:55:39
 
¤¤¤ Processes : 0 ¤¤¤
 
¤¤¤ Registry : 15 ¤¤¤
[PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.iyogi.net  -> Found
[PUM.SearchPage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : www.google.com  -> Found
[PUM.SearchPage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : www.google.com  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 192.168.1.1 0.0.0.0 [(Private Address) (XX)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 192.168.1.1 0.0.0.0 [(Private Address) (XX)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B3673175-8F48-46EE-A365-F16FF504668F} | DhcpNameServer : 192.168.1.1 0.0.0.0 [(Private Address) (XX)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{F205AB68-D85A-4EC6-9396-07565193F31A} | DhcpNameServer : 192.168.1.1 0.0.0.0 [(Private Address) (XX)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{B3673175-8F48-46EE-A365-F16FF504668F} | DhcpNameServer : 192.168.1.1 0.0.0.0 [(Private Address) (XX)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{F205AB68-D85A-4EC6-9396-07565193F31A} | DhcpNameServer : 192.168.1.1 0.0.0.0 [(Private Address) (XX)]  -> Found
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Found
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found
 
¤¤¤ Tasks : 4 ¤¤¤
[Suspicious.Path] LANWP.job -- C:\Users\Another\AppData\Roaming\LANWP.exe (/infocmdline=Mksh609toFDOx6ZUSKoXZuwu48rbvUxMnsqq5fg9sorleO59NTED5BdPuDsgvm4M3GFr/lF7a8YcndNBWKgkDhyOH9eDCnGieDZj1fxdndoft3KQJLF2fanpN65TY76VXK03AhsI6MV+YQsntYXitNdhceUUsbxvJFkQQ6Fpi3yQY5Q4GxJdyhTQsFb16XwzfgmAqsjxOAKl1kYJdVNKgQAMhMV8HPJ0hg+FGwjG1nUnPH0PR7M0e4MYpNxl+Q+HXXZ7x3xFrlZnjuhpp9XhiQszrPei8C36CzOV+FaT1IFQthSsNXxrrSkjC54QVK++kvmEkGf1zk3nGct2UyoDq3j/LRhvkNONGUuJ8BZL3kgoRSk60teO9kV6NQpHd43ALkAOrIANsJKJEw+vb1P0GIqXwKosOFZJEa1tO6SVXbqQd9D9aZcDWT54cwi25/ZGKGw4Zz/8Osmuu0Ebt6ylCuVrIzXzz6FILqCY8bHRrgft8MPIyzJ3HMqNlnCsp+gR) -> Found
[Suspicious.Path] MZXY.job -- C:\Users\Another\AppData\Roaming\MZXY.exe (/infocmdline=O6tYNTpBg3o550JpZt8ogkPO4gUolaFm/QO0oqfZgznbAenGeXIo8DXtwGSKPk1XNoD+IJUmvLD6nOalMa/NLl7N4mMjEbn6kcAQKGoY9hyl6UAKpORVSB6CHL3SochunYlmR9hRXdZqvIp3oZVYYSSNg9KbuGJ6WbKBiNiMqp0ok5nfZ2qrDililm5Is1TAh9bCWEaNlBpqOeU/eVkUHldwpg/mb5fr1p0kr/CipapEYF5MuMPTWdVZhDzNV38lgpfkNHhfFMKP9GmqUEmKAQoI6ix7fmxKOURrVsyz52oRsCBgVwkohi7GQ9VbrVtarsa5xvnhUbcSiolIkFif3zH7GXvnOEmoMPUF3uXZlBHkk1MZg687TbYIGwQYdgvoVs0nNTAam8g7WU/CXGw/2KfdMFZ/uy6vnHUj3WhzFhYLqla8CA1TK/mMq5Y92Egz5TgBmGkjSefqB0822VUwl7841f+ncO0Dp5KsQtEWVnz2fp+dxKBtpKQ7TKrU7fvW) -> Found
[Suspicious.Path] \\LANWP -- C:\Users\Another\AppData\Roaming\LANWP.exe (/infocmdline=Mksh609toFDOx6ZUSKoXZuwu48rbvUxMnsqq5fg9sorleO59NTED5BdPuDsgvm4M3GFr/lF7a8YcndNBWKgkDhyOH9eDCnGieDZj1fxdndoft3KQJLF2fanpN65TY76VXK03AhsI6MV+YQsntYXitNdhceUUsbxvJFkQQ6Fpi3yQY5Q4GxJdyhTQsFb16XwzfgmAqsjxOAKl1kYJdVNKgQAMhMV8HPJ0hg+FGwjG1nUnPH0PR7M0e4MYpNxl+Q+HXXZ7x3xFrlZnjuhpp9XhiQszrPei8C36CzOV+FaT1IFQthSsNXxrrSkjC54QVK++kvmEkGf1zk3nGct2UyoDq3j/LRhvkNONGUuJ8BZL3kgoRSk60teO9kV6NQpHd43ALkAOrIANsJKJEw+vb1P0GIqXwKosOFZJEa1tO6SVXbqQd9D9aZcDWT54cwi25/ZGKGw4Zz/8Osmuu0Ebt6ylCuVrIzXzz6FILqCY8bHRrgft8MPIyzJ3HMqNlnCsp+gR) -> Found
[Suspicious.Path] \\MZXY -- C:\Users\Another\AppData\Roaming\MZXY.exe (/infocmdline=O6tYNTpBg3o550JpZt8ogkPO4gUolaFm/QO0oqfZgznbAenGeXIo8DXtwGSKPk1XNoD+IJUmvLD6nOalMa/NLl7N4mMjEbn6kcAQKGoY9hyl6UAKpORVSB6CHL3SochunYlmR9hRXdZqvIp3oZVYYSSNg9KbuGJ6WbKBiNiMqp0ok5nfZ2qrDililm5Is1TAh9bCWEaNlBpqOeU/eVkUHldwpg/mb5fr1p0kr/CipapEYF5MuMPTWdVZhDzNV38lgpfkNHhfFMKP9GmqUEmKAQoI6ix7fmxKOURrVsyz52oRsCBgVwkohi7GQ9VbrVtarsa5xvnhUbcSiolIkFif3zH7GXvnOEmoMPUF3uXZlBHkk1MZg687TbYIGwQYdgvoVs0nNTAam8g7WU/CXGw/2KfdMFZ/uy6vnHUj3WhzFhYLqla8CA1TK/mMq5Y92Egz5TgBmGkjSefqB0822VUwl7841f+ncO0Dp5KsQtEWVnz2fp+dxKBtpKQ7TKrU7fvW) -> Found
 
¤¤¤ Files : 0 ¤¤¤
 
¤¤¤ Hosts File : 0 ¤¤¤
 
¤¤¤ Antirootkit : 0 (Driver: Not loaded [0x20]) ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: HGST HTS545050A7E380 +++++
--- User ---
[MBR] a84dd93b5b19931ceaddbccc47850486
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097151 MB
User = LL1 ... OK
User = LL2 ... OK
 
 
============================================
RKreport_SCN_12072014_234923.log - RKreport_SCN_12082014_114800.log


#13 satchfan

satchfan

  • Malware Response Team
  • 2,937 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:01:33 AM

Posted 08 December 2014 - 07:44 AM

Thanks; no problem, you're doing OK. :thumbup2:

 

I'm busy for a while but will send instructions later.


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#14 Computer_Idiot_

Computer_Idiot_
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Local time:01:33 AM

Posted 08 December 2014 - 12:22 PM

Cheers, Satch. No probs, you'll still be sorting it quicker than the 'technicians' I've paid for... :-) And I am just glad - and very touched - that someone is doing this for free. You folks here are incredible.



#15 satchfan

satchfan

  • Malware Response Team
  • 2,937 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:01:33 AM

Posted 08 December 2014 - 12:43 PM

Hi, you are doing well.

It appears that you have been advised to, (or rather iYogi have), used tools that are VERY out-dated, (SmitFraudFix, HJT), and were used many years ago against other threats, (mild ones compared to those that are around now), but are useless against current malware. Also, HijackThis is never used any more as it can’t show anything reliable on any operating system newer than WindowsXP, (which is now officially “dead”).

The major problem here is that iYogi has/has had access to your computer and has created so much junk in their attempt to throw everything at your computer, (in the hope that something will work), and there are masses of strange files/folders which I’m pretty sure belong to them. Should you decide to not use them again, we can also deal with that later.

That said, let’s clear up what I can see, (the old SmitFraudFix files will be deleted when we tidy up so I’ll leave those), then we’ll run some more scans.


Open notepad. Please copy the contents of the code box below.


SearchScopes: HKU\S-1-5-21-3407545677-2617054877-1428467917-1001 -> {E0776C3B-A44B-41F4-8F23-89F9D1D6BEF5} URL =
FF HKU\S-1-5-21-3407545677-2617054877-1428467917-1001\...\Firefox\Extensions: [{057B20D0-77D0-4B79-FED0-E90955D9C7CC}] - C:\Program Files (x86)\ver4SpeedCheck\184.xpi
C:\Program Files (x86)\ver4SpeedCheck
EmptyTemp:

NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system


  • save the files as fixlist.txt in the same folder as FRST – NOTE: It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work
  • run FRST64 then click Fix just once and wait
  • it will create a log (Fixlog.txt); please post it to your reply.

================================================

Run Malwarebytes’ Anti-Malware

I’d like an up-to-date log.

I noticed that you had MBAM on your system: if you no longer have it, you can download it from here:

  • start Malwarebytes-Anti-Malware and update it, (“Update” tab}
  • once it is updated, click on “Scan” tab, select Threat Scan, then click Scan.
  • when the scan is complete, if no malicious items are found you can close the program
  • if malicious items are found be sure that everything is checked and click Quarantine
  • when removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • the log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • copy and paste the contents of that report in your next reply and exit MBAM.

NOTE: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

================================================

Run Security Check

Download Security Check by screen317 from here or here.

  • save it to your Desktop.
  • double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • a Notepad document should open automatically called checkup.txt; please post the contents of that document.

Logs to include with the next post:

Fixlog.txt
Mbam.txt
checkup.txt


Thanks

Satchfan

 


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users