Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need Help Removing Virus multi explorer.exe instances


  • This topic is locked This topic is locked
No replies to this topic

#1 froglevelmc

froglevelmc

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:13 AM

Posted 22 December 2014 - 11:02 AM

I have multiple instances of explorer running eating up memory and trying to access websites in the background.  I have run TDSS Killer, awdcleaner, roguekiller, combofix, Sophos virus removal tool. Kaspersky antivirus, spybot S&D, bit defender root kit removal, IOBIT malware fighter..... All of which cleaned something but this explorer thing is still there... can't figure it out.

 

Thank in advance,

 

Chris

 

Farbar scan below.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-12-2014 01
Ran by Phil Borneman (administrator) on PHIL-PC on 22-12-2014 10:56:55
Running from C:\Users\Phil Borneman\Desktop
Loaded Profile: Phil Borneman (Available profiles: Phil Borneman)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Windows\System32\GFNEXSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\Teco.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\SymcPCCULaunchSvc.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\regedit.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoHook.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_246_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-12-09] (Realtek Semiconductor)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2165120 2012-03-22] (SRS Labs, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2866960 2011-12-19] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [590256 2011-09-23] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [989056 2012-02-13] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1562032 2012-02-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [712096 2011-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2012-02-24] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38824 2011-06-28] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597936 2011-07-27] (TOSHIBA Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [253312 2011-11-21] (TOSHIBA)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe [3218864 2011-06-22] (Toshiba)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1234216 2010-03-26] (Nero AG)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1802048 2014-10-13] (IObit)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-18\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoInternetOpenWith] 1
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-667345152-2384861562-3348176582-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.google.com
HKU\S-1-5-21-667345152-2384861562-3348176582-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/en-us
HKU\S-1-5-21-667345152-2384861562-3348176582-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/?cid=C001B2Y
SearchScopes: HKU\.DEFAULT -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-667345152-2384861562-3348176582-1004 -> DefaultScope {B71164C6-4191-4FC4-9A18-0962203A984D} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNO
SearchScopes: HKU\S-1-5-21-667345152-2384861562-3348176582-1004 -> {B71164C6-4191-4FC4-9A18-0962203A984D} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNO
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {AA58ED58-01DD-4d91-8333-CF10577473F7} ->  No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-12-13]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-12-13]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-12-13]

Chrome:
=======
CHR HomePage: Default -> hxxp://start.toshiba.com/?cid=C001B2Y
CHR StartupUrls: Default -> "hxxp://start.toshiba.com/?cid=C001B2Y"
CHR Profile: C:\Users\Phil Borneman\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Phil Borneman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-19]
CHR Extension: (Google Docs) - C:\Users\Phil Borneman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-19]
CHR Extension: (Google Drive) - C:\Users\Phil Borneman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Phil Borneman\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-20]
CHR Extension: (YouTube) - C:\Users\Phil Borneman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-19]
CHR Extension: (Google Search) - C:\Users\Phil Borneman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-19]
CHR Extension: (Kaspersky Protection) - C:\Users\Phil Borneman\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-12-19]
CHR Extension: (Google Sheets) - C:\Users\Phil Borneman\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-19]
CHR Extension: (Google Wallet) - C:\Users\Phil Borneman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-19]
CHR Extension: (Gmail) - C:\Users\Phil Borneman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-19]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-05-28] (WildTangent)
R2 GFNEXSrv; C:\Windows\System32\GFNEXSrv.exe [162824 2010-09-09] ()
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-11-26] (IObit)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\SymcPCCULaunchSvc.exe [123320 2014-02-04] (Symantec Corporation)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe [126392 2011-11-30] (Symantec Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-12-09] (Realtek Semiconductor)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SophosVirusRemovalTool; C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [151848 2013-10-15] (Sophos Limited)
R2 TosCoSrv; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [580608 2012-02-02] (TOSHIBA Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2014-12-09] (Advanced Micro Devices Inc.)
S3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [10826240 2012-02-13] (Advanced Micro Devices, Inc.) [File not signed]
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [328704 2012-02-13] (Advanced Micro Devices, Inc.) [File not signed]
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [31872 2012-02-01] (Advanced Micro Devices, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2011-03-01] (Microsoft Corporation)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2014-12-13] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [818888 2014-12-13] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2014-12-13] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-09] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1148048 2012-08-14] (Realtek Semiconductor Corporation                           )
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2014-12-12] ()
S3 cpuz137; \??\C:\Users\Phil\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-22 10:56 - 2014-12-22 10:57 - 00025359 _____ () C:\Users\Phil Borneman\Desktop\FRST.txt
2014-12-22 10:56 - 2014-12-22 10:56 - 02122240 _____ (Farbar) C:\Users\Phil Borneman\Desktop\FRST64.exe
2014-12-22 10:22 - 2014-12-22 10:56 - 00000000 ____D () C:\FRST
2014-12-20 18:41 - 2014-12-20 18:41 - 00000000 ____D () C:\Users\Phil Borneman\AppData\Local\CrashDumps
2014-12-20 18:34 - 2014-12-20 18:36 - 00004094 _____ () C:\Users\Phil Borneman\Desktop\Rkill.txt
2014-12-20 18:13 - 2014-12-20 18:13 - 00001184 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2014-12-20 18:13 - 2014-12-20 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2014-12-20 15:40 - 2014-12-20 15:41 - 00001908 _____ () C:\windows\diagwrn.xml
2014-12-20 15:40 - 2014-12-20 15:41 - 00001908 _____ () C:\windows\diagerr.xml
2014-12-20 15:32 - 2014-12-20 15:32 - 00002128 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-12-20 15:32 - 2014-12-20 15:32 - 00001945 _____ () C:\windows\epplauncher.mif
2014-12-20 15:32 - 2014-12-20 15:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-12-20 15:31 - 2014-12-20 15:32 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-12-20 15:03 - 2014-12-20 19:03 - 00000779 _____ () C:\windows\setupact.log
2014-12-20 15:03 - 2014-12-20 15:40 - 00000000 _____ () C:\windows\setuperr.log
2014-12-20 14:11 - 2014-12-20 15:46 - 00081990 _____ () C:\windows\PFRO.log
2014-12-20 14:10 - 2014-12-20 14:10 - 00032768 _____ () C:\windows\system32\persistent_q.db-shm
2014-12-20 14:10 - 2014-12-20 14:10 - 00003176 _____ () C:\windows\system32\persistent_q.db-wal
2014-12-20 14:10 - 2014-12-20 14:10 - 00001024 _____ () C:\windows\system32\persistent_q.db
2014-12-20 12:33 - 2014-12-20 12:33 - 00002788 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-12-20 12:33 - 2014-12-20 12:33 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-20 12:28 - 2014-12-20 12:28 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-12-20 12:27 - 2014-12-20 12:27 - 00001402 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-12-20 12:27 - 2014-12-20 12:27 - 00001390 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-12-20 12:27 - 2014-12-20 12:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-12-20 12:26 - 2014-12-20 14:04 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-12-20 12:26 - 2014-12-20 12:32 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-12-20 12:26 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe
2014-12-20 12:17 - 2014-12-20 12:17 - 00000000 ____D () C:\Users\Phil Borneman\Pavark
2014-12-20 01:15 - 2014-12-20 01:15 - 00006172 _____ () C:\windows\SysWOW64\PerfStringBackup.TMP
2014-12-19 16:39 - 2014-12-19 16:39 - 00000207 _____ () C:\windows\tweaking.com-regbackup-PHIL-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-12-19 16:39 - 2014-12-19 16:39 - 00000000 ____D () C:\RegBackup
2014-12-19 16:37 - 2014-12-19 16:37 - 00001047 _____ () C:\Users\Phil Borneman\Desktop\JRT.txt
2014-12-19 16:36 - 2014-12-19 16:36 - 00000000 ____D () C:\Users\Phil Borneman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-12-19 16:36 - 2014-12-19 16:36 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-12-19 16:26 - 2014-12-19 16:26 - 00000000 ____D () C:\windows\ERUNT
2014-12-19 15:59 - 2014-12-19 15:59 - 00000000 __SHD () C:\Users\Phil Borneman\AppData\Local\EmieUserList
2014-12-19 15:59 - 2014-12-19 15:59 - 00000000 __SHD () C:\Users\Phil Borneman\AppData\Local\EmieSiteList
2014-12-19 15:59 - 2014-12-19 15:59 - 00000000 __SHD () C:\Users\Phil Borneman\AppData\Local\EmieBrowserModeList
2014-12-19 15:47 - 2014-12-19 15:47 - 00000000 ____D () C:\windows\system32\MRT
2014-12-19 15:46 - 2014-11-27 16:40 - 112710672 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-12-19 15:23 - 2014-12-20 18:11 - 00000000 ____D () C:\Users\Phil Borneman\AppData\Roaming\IObit
2014-12-19 15:22 - 2014-12-19 15:22 - 00000000 ____D () C:\Users\Phil Borneman\AppData\Roaming\ProductData
2014-12-19 14:24 - 2014-12-13 00:09 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-12-19 14:24 - 2014-12-12 22:33 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-12-19 14:22 - 2014-12-19 14:22 - 00000000 ____D () C:\Users\Phil Borneman\AppData\Roaming\ATI
2014-12-19 14:22 - 2014-12-19 14:22 - 00000000 ____D () C:\Users\Phil Borneman\AppData\Local\ATI
2014-12-19 14:19 - 2014-12-19 14:19 - 00000000 ____D () C:\Users\Phil Borneman\AppData\Roaming\Toshiba
2014-12-19 14:17 - 2014-12-20 11:37 - 00109296 _____ () C:\Users\Phil Borneman\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-19 14:17 - 2014-12-19 14:17 - 00000000 ____D () C:\Users\Phil Borneman\AppData\Roaming\Nero
2014-12-19 14:17 - 2014-12-19 14:17 - 00000000 ____D () C:\Users\Phil Borneman\AppData\Local\TOSHIBA
2014-12-19 14:17 - 2014-12-19 14:17 - 00000000 ____D () C:\Users\Phil Borneman\AppData\Local\SRS Labs
2014-12-19 14:15 - 2014-12-19 14:15 - 00001424 _____ () C:\Users\Phil Borneman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-19 14:15 - 2014-12-19 14:15 - 00000000 ____D () C:\Users\Phil Borneman\AppData\Roaming\Adobe
2014-12-19 14:15 - 2014-12-19 14:15 - 00000000 ____D () C:\Users\Phil Borneman\AppData\Local\Google
2014-12-19 14:14 - 2014-12-19 14:14 - 00000000 ____D () C:\Users\Phil Borneman\AppData\Local\VirtualStore
2014-12-19 14:13 - 2014-12-20 12:17 - 00000000 ____D () C:\Users\Phil Borneman
2014-12-19 14:13 - 2014-12-19 14:13 - 00000020 ___SH () C:\Users\Phil Borneman\ntuser.ini
2014-12-19 14:13 - 2013-09-10 13:19 - 00000000 ____D () C:\Users\Phil Borneman\AppData\Local\Microsoft Help
2014-12-19 14:13 - 2012-04-18 04:07 - 00000000 ____D () C:\Users\Phil Borneman\AppData\Roaming\Macromedia
2014-12-19 14:13 - 2009-07-13 23:54 - 00000000 ___RD () C:\Users\Phil Borneman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-19 14:13 - 2009-07-13 23:49 - 00000000 ___RD () C:\Users\Phil Borneman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-15 13:06 - 2013-09-29 13:08 - 00000000 ____D () C:\Users\Public\Desktop\Nero-10.0.13100  (Serials + Themepacks)
2014-12-15 12:44 - 2013-09-29 15:50 - 00000000 ____D () C:\Users\Public\Desktop\amos,n andy
2014-12-14 15:13 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-12-14 15:13 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-12-14 15:13 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-12-14 15:13 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-12-14 15:13 - 2014-07-08 21:03 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-12-14 15:13 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-12-14 15:13 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-12-14 15:13 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-12-14 15:13 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-12-14 15:13 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-12-14 15:13 - 2014-07-08 17:38 - 00419992 _____ () C:\windows\system32\locale.nls
2014-12-14 15:13 - 2014-07-08 17:30 - 00419992 _____ () C:\windows\SysWOW64\locale.nls
2014-12-13 17:01 - 2014-12-13 17:01 - 00002341 _____ () C:\Users\Admin\Desktop\Safe Money.lnk
2014-12-13 17:00 - 2014-12-13 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-12-13 17:00 - 2014-12-13 16:58 - 00002143 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-12-13 16:56 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\windows\system32\klfphc.dll
2014-12-13 16:55 - 2014-12-22 10:11 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-12-13 16:55 - 2014-12-13 16:55 - 00000000 ____D () C:\windows\ELAMBKUP
2014-12-13 16:55 - 2014-12-13 16:55 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-12-13 16:53 - 2014-08-12 18:33 - 00246456 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klhk.sys
2014-12-13 16:46 - 2014-12-13 16:50 - 202839360 _____ (Kaspersky Lab) C:\Users\Admin\Desktop\kis15.0.1.415EN_6710.exe
2014-12-13 16:42 - 2014-12-13 16:42 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieBrowserModeList
2014-12-13 08:28 - 2014-12-13 08:28 - 00000000 ____D () C:\windows\system32\appraiser
2014-12-13 04:35 - 2014-10-17 21:05 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2014-12-13 04:35 - 2014-10-17 20:33 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2014-12-13 04:35 - 2014-07-06 21:06 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2014-12-13 04:35 - 2014-07-06 21:06 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2014-12-13 04:35 - 2014-07-06 21:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2014-12-13 04:35 - 2014-07-06 21:02 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2014-12-13 04:35 - 2014-07-06 20:40 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2014-12-13 04:35 - 2014-07-06 20:39 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2014-12-13 04:35 - 2014-07-06 20:39 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2014-12-13 04:35 - 2014-07-06 20:37 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2014-12-13 03:55 - 2014-06-26 21:08 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-12-13 03:55 - 2014-06-26 20:45 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2014-12-13 03:29 - 2014-12-13 03:29 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ProductData
2014-12-13 03:17 - 2014-06-30 17:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2014-12-13 03:17 - 2014-06-30 17:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2014-12-13 03:17 - 2014-03-09 16:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2014-12-13 03:17 - 2014-03-09 16:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2014-12-13 03:17 - 2014-03-09 16:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2014-12-13 03:17 - 2014-03-09 16:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2014-12-13 03:16 - 2014-06-06 01:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2014-12-13 03:16 - 2014-06-06 01:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2014-12-13 02:43 - 2014-10-13 21:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-12-13 02:43 - 2014-10-13 21:09 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2014-12-13 02:43 - 2014-10-13 21:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-12-13 02:43 - 2014-10-13 20:47 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2014-12-13 02:43 - 2014-10-13 20:46 - 00681984 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2014-12-13 02:42 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) C:\windows\system32\charmap.exe
2014-12-13 02:42 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\charmap.exe
2014-12-13 02:42 - 2014-10-13 21:13 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-12-13 02:42 - 2014-10-13 20:50 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-12-13 02:42 - 2014-06-03 05:02 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-12-13 02:42 - 2014-06-03 05:02 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2014-12-13 02:42 - 2014-06-03 05:02 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2014-12-13 02:42 - 2014-06-03 04:29 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-12-13 02:42 - 2014-06-03 04:29 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2014-12-13 02:37 - 2014-12-03 21:50 - 00830976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2014-12-13 02:37 - 2014-12-03 21:50 - 00741376 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2014-12-13 02:37 - 2014-12-03 21:50 - 00413184 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-12-13 02:37 - 2014-12-03 21:50 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2014-12-13 02:37 - 2014-12-03 21:50 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-12-13 02:37 - 2014-12-03 21:50 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2014-12-13 02:37 - 2014-12-03 21:44 - 01083392 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-12-13 02:37 - 2014-12-01 18:28 - 01232040 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2014-12-13 02:37 - 2014-08-01 06:53 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-12-13 02:37 - 2014-08-01 06:35 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2014-12-13 02:34 - 2014-06-23 22:29 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-12-13 02:34 - 2014-06-23 21:59 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-12-13 02:34 - 2014-06-18 17:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-12-13 02:34 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2014-12-13 02:34 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2014-12-13 02:34 - 2014-06-18 17:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-12-13 02:34 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2014-12-13 02:34 - 2014-06-18 17:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-12-13 02:32 - 2014-06-17 21:18 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-12-13 02:32 - 2014-06-17 20:51 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-12-13 02:30 - 2014-11-26 20:43 - 00389296 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-12-13 02:30 - 2014-11-26 20:10 - 00342200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-12-13 02:30 - 2014-11-21 22:13 - 25059840 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-12-13 02:30 - 2014-11-21 22:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-12-13 02:30 - 2014-11-21 22:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-12-13 02:30 - 2014-11-21 21:50 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-12-13 02:30 - 2014-11-21 21:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-12-13 02:30 - 2014-11-21 21:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-12-13 02:30 - 2014-11-21 21:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-12-13 02:30 - 2014-11-21 21:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-12-13 02:30 - 2014-11-21 21:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-12-13 02:30 - 2014-11-21 21:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-12-13 02:30 - 2014-11-21 21:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-12-13 02:30 - 2014-11-21 21:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-12-13 02:30 - 2014-11-21 21:34 - 06039552 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-12-13 02:30 - 2014-11-21 21:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-12-13 02:30 - 2014-11-21 21:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-12-13 02:30 - 2014-11-21 21:22 - 19749376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-12-13 02:30 - 2014-11-21 21:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-12-13 02:30 - 2014-11-21 21:20 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-12-13 02:30 - 2014-11-21 21:14 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-12-13 02:30 - 2014-11-21 21:09 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-12-13 02:30 - 2014-11-21 21:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-12-13 02:30 - 2014-11-21 21:07 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-12-13 02:30 - 2014-11-21 21:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-12-13 02:30 - 2014-11-21 21:06 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-12-13 02:30 - 2014-11-21 21:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-12-13 02:30 - 2014-11-21 21:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-12-13 02:30 - 2014-11-21 21:01 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-12-13 02:30 - 2014-11-21 20:59 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-12-13 02:30 - 2014-11-21 20:58 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-12-13 02:30 - 2014-11-21 20:56 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-12-13 02:30 - 2014-11-21 20:54 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-12-13 02:30 - 2014-11-21 20:49 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-12-13 02:30 - 2014-11-21 20:49 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-12-13 02:30 - 2014-11-21 20:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-12-13 02:30 - 2014-11-21 20:46 - 02125312 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-12-13 02:30 - 2014-11-21 20:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-12-13 02:30 - 2014-11-21 20:43 - 14412800 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-12-13 02:30 - 2014-11-21 20:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-13 02:30 - 2014-11-21 20:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-12-13 02:30 - 2014-11-21 20:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-12-13 02:30 - 2014-11-21 20:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-12-13 02:30 - 2014-11-21 20:29 - 04299264 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-12-13 02:30 - 2014-11-21 20:28 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-12-13 02:30 - 2014-11-21 20:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-12-13 02:30 - 2014-11-21 20:22 - 02052096 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-12-13 02:30 - 2014-11-21 20:21 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-12-13 02:30 - 2014-11-21 20:15 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-12-13 02:30 - 2014-11-21 20:13 - 12836864 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-12-13 02:30 - 2014-11-21 20:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-12-13 02:30 - 2014-11-21 20:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-12-13 02:30 - 2014-11-21 19:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-12-13 02:30 - 2014-11-21 19:54 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-12-13 02:30 - 2014-11-10 22:09 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-12-13 02:30 - 2014-11-10 21:44 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-12-13 02:30 - 2014-11-10 20:46 - 00119296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2014-12-13 02:30 - 2014-08-21 01:43 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-12-13 02:30 - 2014-08-21 01:40 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-12-13 02:30 - 2014-08-21 01:26 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-12-13 02:30 - 2014-08-21 01:23 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-12-13 02:30 - 2014-06-06 05:10 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-12-13 02:30 - 2014-06-06 04:44 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-12-13 02:30 - 2014-05-30 01:45 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-12-13 02:26 - 2014-11-10 22:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-12-13 02:26 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2014-12-13 02:26 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-12-13 02:26 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2014-12-13 02:26 - 2014-10-13 21:16 - 00155064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-12-13 02:26 - 2014-10-13 21:12 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-12-13 02:26 - 2014-10-13 20:50 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-12-13 02:26 - 2014-10-13 20:49 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-12-13 02:26 - 2014-09-24 21:08 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2014-12-13 02:26 - 2014-09-24 20:40 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2014-12-13 02:26 - 2014-08-11 21:02 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2014-12-13 02:26 - 2014-08-11 20:36 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL
2014-12-13 02:24 - 2014-10-02 21:12 - 02020352 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2014-12-13 02:24 - 2014-10-02 21:12 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-12-13 02:24 - 2014-10-02 21:12 - 00346624 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2014-12-13 02:24 - 2014-10-02 21:12 - 00310272 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2014-12-13 02:24 - 2014-10-02 21:12 - 00181248 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2014-12-13 02:24 - 2014-10-02 21:11 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-12-13 02:24 - 2014-10-02 21:11 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-12-13 02:24 - 2014-10-02 21:11 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-12-13 02:24 - 2014-10-02 21:11 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-12-13 02:24 - 2014-10-02 21:11 - 00266240 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe
2014-12-13 02:24 - 2014-10-02 20:45 - 01177088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2014-12-13 02:24 - 2014-10-02 20:45 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-13 02:24 - 2014-10-02 20:45 - 00214016 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2014-12-13 02:24 - 2014-10-02 20:45 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2014-12-13 02:24 - 2014-10-02 20:44 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-12-13 02:24 - 2014-10-02 20:44 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-12-13 02:24 - 2014-10-02 20:44 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe
2014-12-13 02:24 - 2014-10-02 20:44 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-12-13 02:24 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-12-13 02:24 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-12-13 02:24 - 2014-06-15 21:10 - 00985536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-12-13 02:23 - 2014-06-24 21:05 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-12-13 02:23 - 2014-06-24 20:41 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-12-13 02:21 - 2014-11-07 22:16 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-12-13 02:21 - 2014-11-07 21:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-12-13 02:19 - 2014-09-19 04:42 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-12-13 02:19 - 2014-09-19 04:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-12-13 02:19 - 2014-09-19 04:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-12-13 02:19 - 2014-09-19 04:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-12-13 02:19 - 2014-09-19 04:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-12-13 02:19 - 2014-09-19 04:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-12-13 02:19 - 2014-09-19 04:23 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-12-13 02:19 - 2014-09-19 04:23 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-12-13 02:19 - 2014-09-19 04:23 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-12-13 02:19 - 2014-09-19 04:23 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-12-13 02:19 - 2014-09-19 04:23 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-12-13 02:19 - 2014-09-19 04:23 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-12-13 02:16 - 2014-10-24 20:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-12-13 02:16 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-12-13 02:14 - 2014-10-09 19:57 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-12-13 02:14 - 2014-07-16 21:07 - 03722240 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-12-13 02:14 - 2014-07-16 21:07 - 01118720 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-12-13 02:14 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-12-13 02:14 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-12-13 02:14 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-12-13 02:14 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-12-13 02:14 - 2014-07-16 20:39 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-12-13 02:14 - 2014-07-16 20:39 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-12-13 02:14 - 2014-07-16 20:39 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2014-12-13 02:14 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-12-13 02:14 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-12-13 02:10 - 2014-08-22 21:07 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-12-13 02:10 - 2014-08-22 20:45 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-12-13 02:09 - 2014-10-17 21:05 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-12-13 02:09 - 2014-10-17 20:33 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2014-12-13 02:07 - 2014-07-13 21:02 - 01216000 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2014-12-13 02:07 - 2014-07-13 20:40 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2014-12-12 22:50 - 2014-12-12 22:52 - 00000000 ____D () C:\ProgramData\Sophos
2014-12-12 22:49 - 2014-12-12 22:49 - 00003205 _____ () C:\Users\Admin\Desktop\Sophos Virus Removal Tool.lnk
2014-12-12 22:49 - 2014-12-12 22:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-12-12 22:47 - 2014-12-12 22:47 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-12-12 22:27 - 2014-12-12 21:50 - 05600944 ____R (Swearware) C:\Users\Public\Documents\combofix.exe
2014-12-12 22:27 - 2013-11-22 17:34 - 78618840 _____ (Sophos Limited) C:\Users\Public\Documents\Sophos Virus Removal Tool.exe
2014-12-12 21:58 - 2011-06-26 01:45 - 00256000 _____ () C:\windows\PEV.exe
2014-12-12 21:58 - 2010-11-07 12:20 - 00208896 _____ () C:\windows\MBR.exe
2014-12-12 21:58 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-12-12 21:58 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-12-12 21:58 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-12-12 21:58 - 2000-08-30 19:00 - 00098816 _____ () C:\windows\sed.exe
2014-12-12 21:58 - 2000-08-30 19:00 - 00080412 _____ () C:\windows\grep.exe
2014-12-12 21:58 - 2000-08-30 19:00 - 00068096 _____ () C:\windows\zip.exe
2014-12-12 21:57 - 2014-12-12 21:58 - 00000000 ___SD () C:\32788R22FWJFW
2014-12-12 21:57 - 2014-12-12 21:58 - 00000000 ____D () C:\Qoobox
2014-12-12 21:57 - 2014-12-12 21:57 - 00000000 ____D () C:\windows\erdnt
2014-12-12 21:55 - 2014-12-12 21:55 - 00000278 _____ () C:\windows\Tasks\Uninstaller_SkipUac_Admin.job
2014-12-12 21:29 - 2014-12-12 21:55 - 00000000 ____D () C:\ProgramData\ParetoLogic
2014-12-12 21:29 - 2014-12-12 21:29 - 00000563 _____ () C:\windows\Tasks\RegCure Pro_sch_DD867A9C-826F-11E4-9C22-4C72B92D6028.job
2014-12-12 21:29 - 2014-12-12 21:29 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ParetoLogic
2014-12-12 19:37 - 2014-12-12 19:37 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Nero
2014-12-12 19:37 - 2014-12-12 19:37 - 00000000 ____D () C:\Users\Admin\AppData\Local\AppEx Networks
2014-12-12 19:20 - 2014-12-12 19:20 - 00000000 ____D () C:\ProgramData\ATI
2014-12-12 19:14 - 2014-12-12 19:15 - 00000000 ____D () C:\Program Files\AMD Quick Stream
2014-12-12 19:14 - 2014-12-12 19:14 - 00055445 _____ () C:\windows\SysWOW64\CCCInstall_201412121914187036.log
2014-12-12 19:14 - 2014-12-12 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2014-12-12 19:14 - 2014-12-12 19:14 - 00000000 ____D () C:\ProgramData\AMD
2014-12-12 19:14 - 2014-12-12 19:14 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-12-12 19:14 - 2013-04-18 07:04 - 00219360 _____ (AppEx Networks Corporation) C:\windows\system32\Drivers\appexDrv.sys
2014-12-12 19:13 - 2014-12-12 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-12-12 18:32 - 2014-12-12 18:32 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ATI
2014-12-12 18:32 - 2014-12-12 18:32 - 00000000 ____D () C:\Users\Admin\AppData\Local\ATI
2014-12-12 18:29 - 2014-12-12 18:32 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-12 18:27 - 2014-12-12 19:13 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-12-12 18:12 - 2014-12-12 18:12 - 00000023 _____ () C:\model.bat
2014-12-12 18:12 - 2014-12-12 18:12 - 00000000 ____D () C:\UBIOS
2014-12-12 18:11 - 2014-12-12 18:11 - 00000000 ____D () C:\skbqv610
2014-12-12 18:03 - 2012-07-19 09:47 - 01411216 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtl8188ee.sys
2014-12-12 18:03 - 2012-02-14 19:37 - 00594432 _____ (Realtek Semiconductor Corp. ) C:\windows\system32\Rtlihvs.dll
2014-12-12 17:59 - 2014-12-12 17:59 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\WinBatch
2014-12-12 07:12 - 2014-12-12 07:12 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps
2014-12-12 07:10 - 2014-12-12 19:48 - 00000382 _____ () C:\TMachInfo.log
2014-12-12 07:10 - 2014-12-12 07:10 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieUserList
2014-12-12 07:10 - 2014-12-12 07:10 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieSiteList
2014-12-12 06:53 - 2014-12-12 07:09 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\IObit
2014-12-12 06:45 - 2014-12-12 06:45 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Toshiba
2014-12-12 06:45 - 2014-12-12 06:45 - 00000000 ____D () C:\Users\Admin\AppData\Local\SRS Labs
2014-12-12 06:43 - 2014-12-13 14:18 - 00109296 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-12 06:43 - 2014-12-12 06:44 - 00000000 ____D () C:\Users\Admin\AppData\Local\TOSHIBA
2014-12-12 06:42 - 2014-12-12 06:42 - 00001424 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-12 06:42 - 2014-12-12 06:42 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe
2014-12-12 06:42 - 2014-12-12 06:42 - 00000000 ____D () C:\Users\Admin\AppData\Local\Google
2014-12-12 06:40 - 2014-12-12 06:40 - 00000000 ____D () C:\Users\Admin\AppData\Local\VirtualStore
2014-12-12 06:40 - 2014-12-12 06:40 - 00000000 ____D () C:\Users\Admin\AppData\Local\Symantec
2014-12-12 06:39 - 2014-12-12 06:42 - 00000000 ____D () C:\Users\Admin
2014-12-12 06:39 - 2014-12-12 06:39 - 00000020 ___SH () C:\Users\Admin\ntuser.ini
2014-12-12 06:39 - 2013-09-10 13:19 - 00000000 ____D () C:\Users\Admin\AppData\Local\Microsoft Help
2014-12-12 06:39 - 2012-04-18 04:07 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Macromedia
2014-12-12 06:39 - 2009-07-13 23:54 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-12 06:39 - 2009-07-13 23:49 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-10 01:23 - 2014-12-10 01:23 - 11222744 _____ (SurfRight B.V.) C:\Users\Phil\Downloads\hitmanpro_x64.exe
2014-12-09 19:47 - 2014-12-09 19:47 - 00000000 ____D () C:\windows\Sun
2014-12-09 19:45 - 2014-12-09 19:38 - 00895912 _____ (Oracle Corporation) C:\windows\SysWOW64\npdeployJava1.dll
2014-12-09 19:45 - 2014-12-09 19:38 - 00816552 _____ (Oracle Corporation) C:\windows\SysWOW64\deployJava1.dll
2014-12-09 19:45 - 2014-12-09 19:38 - 00272296 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-12-09 19:45 - 2014-12-09 19:38 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-12-09 19:45 - 2014-12-09 19:38 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-12-09 19:41 - 2014-12-09 19:38 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-09 19:40 - 2014-12-09 19:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-09 19:36 - 2014-12-09 19:36 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-09 19:33 - 2014-12-09 19:33 - 00638888 _____ (Oracle Corporation) C:\Users\Phil\Downloads\chromeinstall-8u25.exe
2014-12-09 19:03 - 2014-12-12 06:28 - 00007609 _____ () C:\Users\Phil\AppData\Local\Resmon.ResmonCfg
2014-12-09 16:24 - 2014-12-09 16:24 - 77447168 _____ () C:\windows\system32\config\SOFTWARE.iobit
2014-12-09 16:24 - 2014-12-09 16:24 - 00294912 _____ () C:\windows\system32\config\DEFAULT.iobit
2014-12-09 16:24 - 2014-12-09 16:24 - 00057344 _____ () C:\windows\system32\config\SAM.iobit
2014-12-09 16:24 - 2014-12-09 16:24 - 00028672 _____ () C:\windows\system32\config\SECURITY.iobit
2014-12-09 13:31 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_7.dll
2014-12-09 13:31 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_7.dll
2014-12-09 13:31 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_7.dll
2014-12-09 13:31 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_7.dll
2014-12-09 13:31 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_5.dll
2014-12-09 13:31 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_5.dll
2014-12-09 13:31 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_43.dll
2014-12-09 13:31 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_43.dll
2014-12-09 13:31 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_43.dll
2014-12-09 13:31 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_43.dll
2014-12-09 13:31 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\windows\system32\d3dcsx_43.dll
2014-12-09 13:31 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dcsx_43.dll
2014-12-09 13:31 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_43.dll
2014-12-09 13:31 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_43.dll
2014-12-09 13:31 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\windows\system32\d3dx11_43.dll
2014-12-09 13:31 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx11_43.dll
2014-12-09 13:31 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_6.dll
2014-12-09 13:31 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_6.dll
2014-12-09 13:31 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_6.dll
2014-12-09 13:31 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_6.dll
2014-12-09 13:31 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_4.dll
2014-12-09 13:31 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_4.dll
2014-12-09 13:31 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_7.dll
2014-12-09 13:31 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_7.dll
2014-12-09 13:31 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_5.dll
2014-12-09 13:31 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_5.dll
2014-12-09 13:31 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_5.dll
2014-12-09 13:31 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_3.dll
2014-12-09 13:31 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\windows\system32\d3dcsx_42.dll
2014-12-09 13:31 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dcsx_42.dll
2014-12-09 13:31 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_42.dll
2014-12-09 13:31 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_42.dll
2014-12-09 13:31 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_42.dll
2014-12-09 13:31 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_42.dll
2014-12-09 13:31 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\windows\system32\d3dx11_42.dll
2014-12-09 13:31 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx11_42.dll
2014-12-09 13:31 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_4.dll
2014-12-09 13:31 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_4.dll
2014-12-09 13:31 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_4.dll
2014-12-09 13:31 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_4.dll
2014-12-09 13:31 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_6.dll
2014-12-09 13:31 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_6.dll
2014-12-09 13:31 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_41.dll
2014-12-09 13:31 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_41.dll
2014-12-09 13:31 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_41.dll
2014-12-09 13:31 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_41.dll
2014-12-09 13:31 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_3.dll
2014-12-09 13:31 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_3.dll
2014-12-09 13:31 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_3.dll
2014-12-09 13:31 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_3.dll
2014-12-09 13:31 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_2.dll
2014-12-09 13:31 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_2.dll
2014-12-09 13:31 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_5.dll
2014-12-09 13:31 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_5.dll
2014-12-09 13:31 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_40.dll
2014-12-09 13:31 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_40.dll
2014-12-09 13:31 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_40.dll
2014-12-09 13:31 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_40.dll
2014-12-09 13:31 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_40.dll
2014-12-09 13:31 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_40.dll
2014-12-09 13:31 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_2.dll
2014-12-09 13:31 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_2.dll
2014-12-09 13:31 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_1.dll
2014-12-09 13:31 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_1.dll
2014-12-09 13:31 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_2.dll
2014-12-09 13:31 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_2.dll
2014-12-09 13:31 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_39.dll
2014-12-09 13:31 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_39.dll
2014-12-09 13:31 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_39.dll
2014-12-09 13:31 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_39.dll
2014-12-09 13:31 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_39.dll
2014-12-09 13:31 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_39.dll
2014-12-09 13:31 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_1.dll
2014-12-09 13:31 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_1.dll
2014-12-09 13:31 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_1.dll
2014-12-09 13:31 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_1.dll
2014-12-09 13:31 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_0.dll
2014-12-09 13:31 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_0.dll
2014-12-09 13:31 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_4.dll
2014-12-09 13:31 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_4.dll
2014-12-09 13:31 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_38.dll
2014-12-09 13:31 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_38.dll
2014-12-09 13:31 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_38.dll
2014-12-09 13:31 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_38.dll
2014-12-09 13:31 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_38.dll
2014-12-09 13:31 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_38.dll
2014-12-09 13:31 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_0.dll
2014-12-09 13:31 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_0.dll
2014-12-09 13:31 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_0.dll
2014-12-09 13:31 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_0.dll
2014-12-09 13:31 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_3.dll
2014-12-09 13:31 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_3.dll
2014-12-09 13:31 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_37.dll
2014-12-09 13:31 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_37.dll
2014-12-09 13:31 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_37.dll
2014-12-09 13:31 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_37.dll
2014-12-09 13:31 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_37.dll
2014-12-09 13:31 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_37.dll
2014-12-09 13:31 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_10.dll
2014-12-09 13:31 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_10.dll
2014-12-09 13:31 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_2.dll
2014-12-09 13:31 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_2.dll
2014-12-09 13:31 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_36.dll
2014-12-09 13:31 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_36.dll
2014-12-09 13:31 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_36.dll
2014-12-09 13:31 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_36.dll
2014-12-09 13:31 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_36.dll
2014-12-09 13:31 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_36.dll
2014-12-09 13:31 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_9.dll
2014-12-09 13:31 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_9.dll
2014-12-09 13:31 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_35.dll
2014-12-09 13:31 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_35.dll
2014-12-09 13:31 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_35.dll
2014-12-09 13:31 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_35.dll
2014-12-09 13:31 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_35.dll
2014-12-09 13:31 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_35.dll
2014-12-09 13:31 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_8.dll
2014-12-09 13:31 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_8.dll
2014-12-09 13:31 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_34.dll
2014-12-09 13:31 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_34.dll
2014-12-09 13:31 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_34.dll
2014-12-09 13:31 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_34.dll
2014-12-09 13:31 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_34.dll
2014-12-09 13:31 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_34.dll
2014-12-09 13:31 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_7.dll
2014-12-09 13:31 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_7.dll
2014-12-09 13:31 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\windows\system32\xinput1_3.dll
2014-12-09 13:31 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_3.dll
2014-12-09 13:31 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_33.dll
2014-12-09 13:31 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_33.dll
2014-12-09 13:31 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_33.dll
2014-12-09 13:31 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_33.dll
2014-12-09 13:31 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_33.dll
2014-12-09 13:31 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_33.dll
2014-12-09 13:31 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_6.dll
2014-12-09 13:31 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_6.dll
2014-12-09 13:30 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\windows\system32\x3daudio1_1.dll
2014-12-09 13:30 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\windows\SysWOW64\x3daudio1_1.dll
2014-12-09 13:30 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_5.dll
2014-12-09 13:30 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_5.dll
2014-12-09 13:30 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10.dll
2014-12-09 13:30 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10.dll
2014-12-09 13:30 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_31.dll
2014-12-09 13:30 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_31.dll
2014-12-09 13:30 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_4.dll
2014-12-09 13:30 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_4.dll
2014-12-09 13:30 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\windows\system32\xinput1_2.dll
2014-12-09 13:30 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_3.dll
2014-12-09 13:30 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_3.dll
2014-12-09 13:30 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_2.dll
2014-12-09 13:30 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_2.dll
2014-12-09 13:30 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_2.dll
2014-12-09 13:30 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_30.dll
2014-12-09 13:30 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_30.dll
2014-12-09 13:30 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_1.dll
2014-12-09 13:30 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_1.dll
2014-12-09 13:30 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\windows\system32\xinput1_1.dll
2014-12-09 13:30 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_1.dll
2014-12-09 13:30 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_29.dll
2014-12-09 13:30 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_29.dll
2014-12-09 13:30 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_0.dll
2014-12-09 13:30 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_0.dll
2014-12-09 13:30 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\windows\system32\x3daudio1_0.dll
2014-12-09 13:30 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\windows\SysWOW64\x3daudio1_0.dll
2014-12-09 13:30 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_28.dll
2014-12-09 13:30 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_28.dll
2014-12-09 13:30 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_27.dll
2014-12-09 13:30 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_27.dll
2014-12-09 13:30 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_26.dll
2014-12-09 13:30 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_26.dll
2014-12-09 13:30 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_25.dll
2014-12-09 13:30 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_25.dll
2014-12-09 13:30 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_24.dll
2014-12-09 13:30 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_24.dll
2014-12-09 13:26 - 2014-12-09 19:45 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-09 13:25 - 2014-12-09 13:25 - 00011944 _____ (Advanced Micro Devices Inc.) C:\windows\system32\Drivers\amdide64.sys
2014-12-09 13:22 - 2014-12-09 13:22 - 01959128 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTSnMg64.cpl
2014-12-09 13:21 - 2014-12-09 13:22 - 02834648 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtPgEx64.dll
2014-12-09 13:21 - 2014-12-09 13:21 - 03962840 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RTKVHD64.sys
2014-12-09 13:21 - 2014-12-09 13:21 - 02800344 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RltkAPO64.dll
2014-12-09 13:21 - 2014-12-09 13:21 - 02770976 _____ (Fortemedia Corporation) C:\windows\system32\FMAPO64.dll
2014-12-09 13:21 - 2014-12-09 13:21 - 01286872 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTCOM64.dll
2014-12-09 13:21 - 2014-12-09 13:21 - 01099203 _____ () C:\windows\system32\Drivers\RTAIODAT.DAT
2014-12-09 13:21 - 2014-12-09 13:21 - 01022168 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkApi64.dll
2014-12-09 13:21 - 2014-12-09 13:21 - 00948952 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoInstII64.dll
2014-12-09 13:21 - 2014-12-09 13:21 - 00628952 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtDataProc64.dll
2014-12-09 13:21 - 2014-12-09 13:21 - 00209096 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAC64.dll
2014-12-09 13:21 - 2014-12-09 13:21 - 00113576 _____ (Real Sound Lab SIA) C:\windows\system32\CONEQMSAPOGUILibrary.dll
2014-12-09 13:21 - 2014-12-09 13:21 - 00108640 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAR64.dll
2014-12-09 13:19 - 2014-12-09 13:19 - 00110080 _____ (Advanced Micro Devices) C:\windows\system32\DelayAPO.dll
2014-12-09 13:19 - 2014-12-09 13:19 - 00094720 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\AtihdW76.sys
2014-12-09 13:17 - 2012-08-14 11:20 - 01148048 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtwlane.sys
2014-12-09 13:14 - 2014-12-09 13:14 - 00941784 _____ (Realtek ) C:\windows\system32\Drivers\Rt64win7.sys
2014-12-09 13:14 - 2014-12-09 13:14 - 00107552 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RTNUninst64.dll
2014-12-09 13:14 - 2014-12-09 13:14 - 00073800 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RtNicProp64.dll
2014-12-09 13:12 - 2014-12-09 13:12 - 09890008 _____ (Realtek Semiconductor Corp.) C:\windows\SysWOW64\RsCRIcon.dll
2014-12-09 13:12 - 2014-12-09 13:12 - 00272600 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RtsUStor.sys
2014-12-09 13:11 - 2014-12-09 13:11 - 00106816 _____ (Advanced Micro Devices, INC.) C:\windows\system32\Drivers\amdhub30.sys
2014-12-09 12:42 - 2014-12-09 13:09 - 00227648 _____ (Advanced Micro Devices, INC.) C:\windows\system32\Drivers\amdxhc.sys
2014-12-09 12:34 - 2014-05-14 11:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-12-09 12:34 - 2014-05-14 11:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-12-09 12:34 - 2014-05-14 11:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-12-09 12:34 - 2014-05-14 11:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-12-09 12:33 - 2014-05-14 11:23 - 00700384 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-12-09 12:33 - 2014-05-14 11:23 - 00581600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-12-09 12:33 - 2014-05-14 11:23 - 00038880 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-12-09 12:33 - 2014-05-14 11:23 - 00036320 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2014-12-09 12:33 - 2014-05-14 11:20 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-12-09 12:33 - 2014-05-14 11:17 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-12-09 12:32 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-12-09 12:32 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-12-09 12:32 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-12-09 12:32 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-12-09 12:29 - 2014-12-09 12:29 - 00002884 _____ () C:\windows\System32\Tasks\Uninstaller_SkipUac_Phil
2014-12-09 12:29 - 2014-12-09 12:29 - 00000000 ____D () C:\Users\Phil\AppData\Roaming\ProductData
2014-12-09 12:28 - 2014-12-09 12:28 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2014-12-09 12:26 - 2014-12-09 12:26 - 00000000 ____D () C:\windows\Tasks\ImCleanDisabled
2014-12-09 12:26 - 2014-12-09 12:26 - 00000000 ____D () C:\Users\Phil\AppData\Roaming\Apple Computer
2014-12-09 12:23 - 2014-12-19 15:22 - 00000000 ____D () C:\ProgramData\ProductData
2014-12-09 12:20 - 2014-12-20 18:13 - 00000000 ____D () C:\ProgramData\IObit
2014-12-09 12:20 - 2014-12-10 01:07 - 00002852 _____ () C:\windows\System32\Tasks\Driver Booster SkipUAC (Phil)
2014-12-09 12:20 - 2014-12-09 12:28 - 00000000 ____D () C:\Users\Phil\AppData\Roaming\IObit
2014-12-09 12:20 - 2014-12-09 12:20 - 00003212 _____ () C:\windows\System32\Tasks\Driver Booster Scan
2014-12-09 12:20 - 2014-12-09 12:20 - 00003156 _____ () C:\windows\System32\Tasks\Driver Booster Update
2014-12-09 12:19 - 2014-12-20 18:10 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-12-09 12:19 - 2014-12-09 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2014-12-08 14:35 - 2014-12-09 20:18 - 00000045 _____ () C:\windows\SysWOW64\_WKERNEL.SYL
2014-12-08 14:34 - 2014-12-08 14:40 - 00000000 ____D () C:\Program Files (x86)\WinUtilities
2014-12-08 14:34 - 2014-12-08 14:34 - 00001039 _____ () C:\Users\Public\Desktop\WinUtilities.lnk
2014-12-08 14:34 - 2014-12-08 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinUtilities
2014-12-08 14:34 - 2010-07-25 22:23 - 01706800 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdiplus.dll
2014-12-08 14:34 - 2010-07-25 22:23 - 00544768 _____ (Stardock Corporation) C:\windows\SysWOW64\wbocx.ocx
2014-12-08 14:34 - 2010-07-25 22:23 - 00258352 _____ (Microsoft Corporation) C:\windows\SysWOW64\unicows.dll
2014-12-08 14:34 - 2010-07-25 22:23 - 00056496 _____ (Stardock.Net, Inc) C:\windows\SysWOW64\wbhelp2.dll
2014-12-08 14:34 - 2010-07-25 22:23 - 00033968 _____ (Neil Banfield) C:\windows\SysWOW64\anim.dll
2014-12-08 14:34 - 2010-07-25 22:23 - 00004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\W95INF32.DLL
2014-12-08 14:34 - 2010-07-25 22:23 - 00002272 _____ (Microsoft Corporation) C:\windows\SysWOW64\W95INF16.DLL
2014-12-08 10:26 - 2014-12-11 22:42 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-12-07 17:26 - 2014-12-22 10:20 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-12-07 16:56 - 2014-12-09 20:17 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-07 16:56 - 2014-12-07 16:56 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-07 16:56 - 2014-12-07 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-07 16:55 - 2014-12-07 16:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-07 16:55 - 2014-12-07 16:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-07 16:55 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-12-07 16:55 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-12-07 16:55 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-12-07 16:53 - 2014-12-12 06:54 - 00034808 _____ () C:\windows\system32\Drivers\TrueSight.sys
2014-12-07 16:52 - 2014-12-07 16:52 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-12-07 16:28 - 2014-12-07 16:28 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Phil\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-07 16:27 - 2014-12-07 16:27 - 15196248 _____ () C:\Users\Phil\Downloads\RogueKiller.exe
2014-12-07 16:23 - 2014-12-12 06:59 - 00000000 ____D () C:\AdwCleaner
2014-12-07 16:23 - 2014-12-07 16:23 - 02153472 _____ () C:\Users\Phil\Downloads\AdwCleaner.exe
2014-12-07 16:23 - 2014-12-07 16:23 - 00000000 _____ () C:\Users\Phil\Downloads\AdwCleaner.exe.5umgnbr.partial

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-22 10:13 - 2014-11-17 08:08 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-22 10:06 - 2014-11-17 08:08 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-22 10:06 - 2013-09-05 16:20 - 01693117 _____ () C:\windows\WindowsUpdate.log
2014-12-22 09:57 - 2014-10-21 17:24 - 00000000 ___HD () C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
2014-12-20 19:11 - 2014-11-12 14:41 - 00006560 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-20 19:11 - 2014-11-12 14:41 - 00006560 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-20 19:09 - 2014-11-12 14:48 - 00006172 _____ () C:\windows\system32\PerfStringBackup.TMP
2014-12-20 19:03 - 2014-11-12 14:37 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-12-20 12:58 - 2014-08-28 13:52 - 00000000 ____D () C:\windows\Minidump
2014-12-20 02:25 - 2009-07-13 23:45 - 00408136 _____ () C:\windows\system32\FNTCACHE.DAT
2014-12-20 02:04 - 2009-07-13 21:34 - 00000616 _____ () C:\windows\win.ini
2014-12-19 16:06 - 2009-07-14 00:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-12-15 03:06 - 2013-09-10 12:23 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-15 03:06 - 2013-09-10 12:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-15 03:02 - 2013-09-10 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-14 16:29 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\rescache
2014-12-14 01:16 - 2014-06-30 17:17 - 00000000 ___HD () C:\Tools
2014-12-13 17:10 - 2014-08-20 18:04 - 00818888 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klif.sys
2014-12-13 17:10 - 2014-08-18 14:43 - 00150536 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klflt.sys
2014-12-13 17:10 - 2014-08-13 19:34 - 00077512 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klwtp.sys
2014-12-13 08:28 - 2014-05-07 02:05 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-12-13 08:28 - 2010-11-21 02:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-12-13 08:28 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\AppCompat
2014-12-13 08:26 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-12-13 08:26 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\system32\Dism
2014-12-13 08:26 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-12-13 07:34 - 2013-09-05 17:09 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-12 21:21 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\system32\NDF
2014-12-12 19:43 - 2014-06-30 18:11 - 00000000 ____D () C:\windows\pss
2014-12-12 19:11 - 2013-09-05 16:21 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-12-12 18:04 - 2013-09-05 16:34 - 00000000 ____D () C:\Program Files (x86)\Realtek WLAN Driver
2014-12-12 06:12 - 2014-11-04 10:44 - 00002194 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-09 19:26 - 2012-04-18 04:08 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-12-09 19:26 - 2012-04-18 04:08 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-09 19:26 - 2012-04-18 04:08 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-12-09 16:54 - 2012-04-18 03:32 - 00000000 ____D () C:\windows\Panther
2014-12-09 13:28 - 2013-09-12 15:31 - 00000000 ____D () C:\Users\Phil\AppData\Local\Adobe
2014-12-09 13:28 - 2013-09-06 10:39 - 00000000 ____D () C:\Users\Phil\AppData\Roaming\Adobe
2014-12-09 13:23 - 2013-09-05 16:26 - 00000000 ____D () C:\windows\SysWOW64\RTCOM
2014-12-08 15:28 - 2013-09-05 17:24 - 00000000 ____D () C:\Users\Phil\AppData\Local\CrashDumps
2014-12-08 12:34 - 2013-09-05 16:16 - 00000000 ____D () C:\Users\Phil
2014-11-24 14:04 - 2010-11-20 22:27 - 00275080 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Phil\AppData\Local\Temp\Quarantine.exe
C:\Users\Phil Borneman\AppData\Local\Temp\CLKAMI.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-15 00:04

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-12-2014 01
Ran by Phil Borneman at 2014-12-22 10:57:38
Running from C:\Users\Phil Borneman\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{EEB4B649-8EAB-508E-1043-0FCA9091D6F6}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.4.2 - AppEx Networks)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Connect to an OMG Technician 855-316-8324 (HKLM-x32\...\{A22B8513-EA8C-46A1-9735-F5BE971C368D}) (Version: 7.4.515 - LogMeIn, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Booster 2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.0 - IObit)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0 - Nero AG) Hidden
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.5 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.5.24 - IObit)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11600.19.100 - Nero AG)
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11000.12.100 - Nero AG)
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10900.11.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10800.7.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.13400.11.100 - Nero AG)
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10900.4.100 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10900.9.100 - Nero AG)
Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10600.2.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0017 - Nero AG)
Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.11100.8.100 - Nero AG)
Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10600.2.100 - Nero AG)
OMG Toolkit version 5.26 (HKLM-x32\...\{B3D8C0B8-4D33-4191-A3C1-65D8B2A11840}_is1) (Version: 5.26 - OMG Tech Help)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Premium Sound HD (HKLM\...\{3007FF9F-5B2C-41FF-8BFC-08BF25DB2681}) (Version: 1.12.1800 - SRS Labs, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.30130 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.4 - Sophos Limited)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.38.2 - Synaptics Incorporated)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.2 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.1 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{C31337DE-0CDC-45A9-9A32-F099AC78D557}) (Version: 3.0.9490 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 1.6.11.64 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{C9C56642-9AAB-4267-9454-36FF1CC59168}) (Version: 1.3.11.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.18.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\{2FD5D2C5-A7A1-4065-89BA-90542BF7CCD3}) (Version: 2.00.0020 - TOSHIBA)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.12 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.17.38 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.5 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.7.7 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.31 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.15.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.4 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.6.52020009 - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.3.03 - TOSHIBA Corporation)
Toshiba Security Dashboard (HKLM-x32\...\ToshibaSD) (Version: 1.0.0.48 - Symantec Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.13 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.0022.000104 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\{119826A8-4EF6-4BE5-A88B-D2D81FA7CEE2}) (Version: 2.00.0009 - TOSHIBA)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.0023.640204 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.33 - TOSHIBA Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.9 - TOSHIBA)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.10.2 - Tweaking.com)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.11.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinUtilities Free Edition 11.27 (HKLM-x32\...\{FC274982-5AAD-4C20-848D-4424A5043010}_is1) (Version: 11.27 - YL Computing, Inc)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-667345152-2384861562-3348176582-1004_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32 -> C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\lsmproxy.dll (Microsoft Corporation)

==================== Restore Points  =========================

14-12-2014 02:38:50 Windows Update
15-12-2014 03:00:16 Windows Update
19-12-2014 14:11:49 Windows Update
19-12-2014 15:05:25 Windows Update
19-12-2014 15:42:59 Windows Update
20-12-2014 13:44:16 Checkpoint by HitmanPro

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2014-12-20 13:18 - 00450796 ___RA C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com

There are 1000 more lines.

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0F890451-0349-49EB-B658-77EC019AC661} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {11B4F109-31AE-4D6F-84A4-C8E345FB0155} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {23877180-386B-4623-9154-C622C8CFF252} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe
Task: {3E9E7ED9-8A4F-48C4-8A6C-A31ADFE2007A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {4576FC4C-D4C9-426C-8591-33F8B3A71F22} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {46DC1D4F-6A13-4F69-9174-44243F942947} - System32\Tasks\Driver Booster SkipUAC (Phil) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-11-27] (IObit)
Task: {4BE8DFC1-326B-4563-B83A-F14DF35D527F} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-10-08] (IObit)
Task: {61FF8405-B3E6-485F-B6E8-CFCC13391D38} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {812F0178-372F-47A9-B456-1AFA58BDD7CF} - System32\Tasks\Uninstaller_SkipUac_Phil => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-04] (IObit)
Task: {9D90F0C8-DD5C-466D-8329-E29070CE4072} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {A4B22DB9-21F3-401D-8F81-4AB63F1DA859} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe
Task: {E7BAEA7A-9D74-4B87-A537-8404E1B479E2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {E9FB4FB2-39FC-481A-BBD4-6134419E9EC9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {FA35FD62-347F-4DBB-87D0-3C02322A37B0} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-10-13] (IObit)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\RegCure Pro_sch_DD867A9C-826F-11E4-9C22-4C72B92D6028.job => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe <==== ATTENTION
Task: C:\windows\Tasks\Uninstaller_SkipUac_Admin.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 16:38 - 2010-09-09 19:26 - 00162824 _____ () C:\Windows\System32\GFNEXSrv.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-08-22 17:19 - 2011-08-22 17:19 - 11204992 _____ () C:\Program Files\Toshiba\FlashCards\BlackPng.dll
2010-12-15 17:19 - 2010-12-15 17:19 - 00124320 _____ () C:\Program Files\Toshiba\TECO\MUIHelp.dll
2012-02-24 16:35 - 2012-02-24 16:35 - 00079784 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2014-08-30 17:12 - 2014-08-30 17:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll
2014-12-20 12:26 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-12-20 12:26 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-12-20 12:26 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-12-20 18:10 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2014-12-20 18:10 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2014-12-20 18:10 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
2014-12-20 18:10 - 2013-12-12 18:46 - 08001344 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\WebUI.dll
2014-12-20 18:10 - 2013-05-16 19:26 - 00182080 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2014-12-20 18:13 - 2013-10-16 22:17 - 00185168 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\libcurl-4.dll
2014-12-20 18:10 - 2013-05-16 19:26 - 00145216 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2014-12-09 12:26 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2014-12-09 12:26 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2014-12-09 12:26 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\17364012.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SophosVirusRemovalTool => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\17364012.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SophosVirusRemovalTool => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-667345152-2384861562-3348176582-500 - Administrator - Disabled)
Guest (S-1-5-21-667345152-2384861562-3348176582-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-667345152-2384861562-3348176582-1002 - Limited - Enabled)
Phil Borneman (S-1-5-21-667345152-2384861562-3348176582-1004 - Administrator - Enabled) => C:\Users\Phil Borneman

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (12/20/2014 07:09:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 009 language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (12/20/2014 07:09:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 009 language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (12/20/2014 07:09:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17496 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1b64

Start Time: 01d01cb2443ddfa5

Termination Time: 57

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (12/20/2014 07:06:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17496 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1444

Start Time: 01d01cb1c384d38e

Termination Time: 10

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (12/20/2014 06:41:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RootkitRevealer.exe, version: 1.71.0.0, time stamp: 0x44e255aa
Faulting module name: RootkitRevealer.exe, version: 1.71.0.0, time stamp: 0x44e255aa
Exception code: 0xc0000005
Fault offset: 0x000040cd
Faulting process id: 0x550
Faulting application start time: 0xRootkitRevealer.exe0
Faulting application path: RootkitRevealer.exe1
Faulting module path: RootkitRevealer.exe2
Report Id: RootkitRevealer.exe3

Error: (12/20/2014 06:28:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 009 language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (12/20/2014 06:28:23 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 009 language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (12/20/2014 03:52:30 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 009 language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (12/20/2014 03:52:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 009 language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (12/20/2014 03:17:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 009 language ID. The first DWORD in the Data section contains the Win32 error code.

System errors:
=============
Error: (12/21/2014 00:45:28 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.

Error: (12/21/2014 00:41:35 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.

Error: (12/20/2014 11:33:51 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.

Error: (12/20/2014 07:05:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).

Error: (12/20/2014 07:04:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053

Error: (12/20/2014 07:04:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (12/20/2014 07:04:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053

Error: (12/20/2014 07:04:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (12/20/2014 06:41:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (12/20/2014 06:41:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Microsoft Office Sessions:
=========================
Error: (12/20/2014 07:09:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 0098020000002D010000

Error: (12/20/2014 07:09:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 009120200000000000000AF000000

Error: (12/20/2014 07:09:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.174961b6401d01cb2443ddfa557C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (12/20/2014 07:06:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17496144401d01cb1c384d38e10C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (12/20/2014 06:41:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: RootkitRevealer.exe1.71.0.044e255aaRootkitRevealer.exe1.71.0.044e255aac0000005000040cd55001d01cae7e411645C:\Users\Phil Borneman\AppData\Local\Temp\Temp1_RootkitRevealer.zip\RootkitRevealer.exeC:\Users\Phil Borneman\AppData\Local\Temp\Temp1_RootkitRevealer.zip\RootkitRevealer.exec6319052-88a1-11e4-8f3b-4c72b92d6028

Error: (12/20/2014 06:28:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 0098020000002D010000

Error: (12/20/2014 06:28:23 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 009120200000000000000AF000000

Error: (12/20/2014 03:52:30 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 0098020000002D010000

Error: (12/20/2014 03:52:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 009120200000000000000AF000000

Error: (12/20/2014 03:17:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 0098020000002D010000

CodeIntegrity Errors:
===================================
  Date: 2014-12-20 22:30:47.403
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-20 22:30:47.403
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-20 21:06:03.865
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-20 21:06:03.865
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-14 16:10:45.183
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-14 16:10:45.152
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-14 16:08:50.351
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-14 16:08:50.320
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-14 14:54:10.643
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-14 14:54:09.333
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: AMD A6-4400M APU with Radeon™ HD Graphics
Percentage of memory in use: 47%
Total physical RAM: 3558.37 MB
Available physical RAM: 1876 MB
Total Pagefile: 7114.91 MB
Available Pagefile: 4630.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (TI106426W0A) (Fixed) (Total:581.16 GB) (Free:464.02 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596.2 GB) (Disk ID: 68E5EEC5)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=581.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.5 GB) - (Type=17)

==================== End Of Log ============================



BC AdBot (Login to Remove)

 


m



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users