Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware suspected. Please Help


  • This topic is locked This topic is locked
12 replies to this topic

#1 nazatul

nazatul

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:18 AM

Posted 23 January 2015 - 09:22 AM

Hi, i have run FRST64 and have this in registry

 

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

and in chrome 

 

CHR dev: Chrome dev build detected! <======= ATTENTION

 

Do i have infected PC? Please Help..i will provide with FRST and Addition log if requested

 

TQ



BC AdBot (Login to Remove)

 


#2 shelf life

shelf life

  • Malware Response Team
  • 2,684 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:10:18 PM

Posted 23 January 2015 - 05:46 PM

Hi nazatul,

 

Please post the entire FRST log and the additon txt also, and we will go from there.


How Can I Reduce My Risk to Malware?


#3 nazatul

nazatul
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:18 AM

Posted 23 January 2015 - 08:10 PM

Thanks for replying to this thread..here are the logs u requested. 

 

FRST log

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Intan (administrator) on INTAN-PC on 23-01-2015 21:43:41
Running from C:\Users\Intan\Desktop
Loaded Profiles: Intan (Available profiles: Intan)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(GCT Semiconductor, Inc.) C:\Program Files (x86)\Yes\Connect\GCTWiMaxServiceD.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(YTL Communications) C:\Program Files (x86)\Yes\Connect\Connect.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-21] (Realtek Semiconductor)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [7138816 2015-01-20] (Broadcom Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2868496 2012-02-14] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3990567071-1084108826-403945762-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-my/?ocid=iehp
SearchScopes: HKU\S-1-5-21-3990567071-1084108826-403945762-1000 -> DefaultScope {78D5897F-4D8C-4626-8794-9F80AB6B9D8C} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3990567071-1084108826-403945762-1000 -> {78D5897F-4D8C-4626-8794-9F80AB6B9D8C} URL = https://www.google.com/search?q={searchTerms}
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 183.78.0.142 183.78.0.145
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Intan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Intan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-20]
CHR Extension: (Google Docs) - C:\Users\Intan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-20]
CHR Extension: (Google Drive) - C:\Users\Intan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-20]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Intan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-20]
CHR Extension: (YouTube) - C:\Users\Intan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-20]
CHR Extension: (Adblock Plus) - C:\Users\Intan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-23]
CHR Extension: (Google Search) - C:\Users\Intan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-20]
CHR Extension: (Google Sheets) - C:\Users\Intan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-20]
CHR Extension: (Google Wallet) - C:\Users\Intan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-20]
CHR Extension: (Gmail) - C:\Users\Intan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-20]
CHR Extension: (unIsaleess) - C:\ProgramData\dhggokfilpabnokncihjodlbjhnmikmd\ [2015-01-20]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 GCTWiMaxServiceD; C:\Program Files (x86)\Yes\Connect\GCTWiMaxServiceD.exe [573600 2014-10-01] (GCT Semiconductor, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5824512 2015-01-20] (Broadcom Corporation) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
S3 GDMINIT; C:\Windows\System32\DRIVERS\gdminit.sys [32768 2014-06-24] (GCT Semiconductor)
R3 GdmUWm; C:\Windows\System32\DRIVERS\gdmuwm.sys [111104 2014-06-24] (GCT Semiconductor, Inc.)
R2 GdmWmPrt; C:\Windows\System32\DRIVERS\gdmwmprt.sys [32768 2014-06-24] (GCT Semiconductor, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [22800 2012-02-14] (Synaptics Incorporated)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2015-01-21] ()
S3 cpuz134; \??\C:\Users\Intan\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-23 21:43 - 2015-01-23 21:44 - 00010483 _____ () C:\Users\Intan\Desktop\FRST.txt
2015-01-23 21:43 - 2015-01-23 21:43 - 00000000 ____D () C:\FRST
2015-01-23 21:39 - 2015-01-23 21:39 - 02126848 _____ (Farbar) C:\Users\Intan\Desktop\FRST64.exe
2015-01-23 21:34 - 2015-01-23 21:36 - 00001857 _____ () C:\DelFix.txt
2015-01-23 21:34 - 2015-01-23 21:34 - 00000000 ____D () C:\Windows\ERUNT
2015-01-23 21:15 - 2015-01-23 21:15 - 00000378 _____ () C:\Windows\PFRO.log
2015-01-23 20:33 - 2015-01-23 20:33 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-23 20:33 - 2015-01-23 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-23 20:33 - 2015-01-23 20:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-23 20:33 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-23 20:33 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-23 20:30 - 2015-01-23 20:31 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Intan\Desktop\mbam-setup-2.0.4.1028.exe
2015-01-23 19:43 - 2015-01-23 21:16 - 00000168 _____ () C:\Windows\setupact.log
2015-01-23 19:41 - 2015-01-23 19:41 - 00000000 ____D () C:\Windows\pss
2015-01-23 19:35 - 2015-01-23 19:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-01-23 19:33 - 2015-01-23 19:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2015-01-23 19:32 - 2015-01-23 19:32 - 00000000 ____D () C:\Windows\PCHEALTH
2015-01-23 19:32 - 2015-01-23 19:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2015-01-23 19:30 - 2015-01-23 19:30 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-01-23 19:30 - 2015-01-23 19:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2015-01-23 19:29 - 2015-01-23 19:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-23 19:29 - 2015-01-23 19:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-01-23 19:29 - 2015-01-23 19:29 - 00000000 ____D () C:\Users\Intan\AppData\Local\Microsoft Help
2015-01-23 19:28 - 2015-01-23 19:28 - 00000000 __RHD () C:\MSOCache
2015-01-23 12:53 - 2015-01-23 19:56 - 00067804 _____ () C:\Users\Intan\AppData\Roaming\ICARE.LOG
2015-01-23 12:17 - 2015-01-23 18:47 - 00000000 ____D () C:\ProgramData\{d62fd664-0b4b-0860-d62f-fd6640b45990}
2015-01-23 12:16 - 2015-01-23 12:16 - 00000000 ____D () C:\ProgramData\523b19af00002844
2015-01-23 12:14 - 2014-12-13 13:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-23 12:14 - 2014-12-13 11:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-01-23 12:10 - 2015-01-23 12:10 - 00000000 ____D () C:\ProgramData\dhggokfilpabnokncihjodlbjhnmikmd
2015-01-23 12:10 - 2015-01-23 12:10 - 00000000 ____D () C:\ProgramData\5457405597257962480
2015-01-23 12:10 - 2015-01-23 12:10 - 00000000 ____D () C:\Program Files (x86)\unIsaleess
2015-01-23 12:08 - 2015-01-23 12:08 - 00000000 ____D () C:\ProgramData\{015d5a94-011a-a5b7-015d-d5a940116a50}
2015-01-23 11:00 - 2015-01-23 11:00 - 00003266 _____ () C:\Windows\System32\Tasks\{6201D78C-F698-436A-917E-ED7E37A21761}
2015-01-21 23:42 - 2015-01-22 16:55 - 00000165 _____ () C:\Windows\Reimage.ini
2015-01-21 22:15 - 2015-01-21 22:15 - 00000000 ____D () C:\Users\Intan\AppData\Local\Microsoft Games
2015-01-21 21:23 - 2014-06-27 10:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-01-21 21:23 - 2014-06-27 09:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-01-21 21:20 - 2014-11-22 10:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-01-21 21:20 - 2014-06-24 11:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-01-21 21:20 - 2014-06-24 10:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-01-21 21:15 - 2014-07-09 10:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-01-21 21:15 - 2014-07-09 10:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-01-21 21:15 - 2014-07-09 10:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-01-21 21:15 - 2014-07-09 10:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-01-21 21:15 - 2014-07-09 10:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-01-21 21:15 - 2014-07-09 09:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-01-21 21:15 - 2014-07-09 09:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-01-21 21:15 - 2014-07-09 09:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-01-21 21:15 - 2014-07-09 09:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-01-21 21:15 - 2014-07-09 09:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-01-21 21:15 - 2014-07-09 06:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2015-01-21 21:15 - 2014-07-09 06:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2015-01-21 21:15 - 2013-11-26 16:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-01-21 21:15 - 2013-11-24 02:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-01-21 21:15 - 2013-11-24 01:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-01-21 21:15 - 2013-11-23 06:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-01-21 18:24 - 2015-01-23 21:17 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-21 18:24 - 2015-01-23 20:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-21 18:24 - 2015-01-21 18:42 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-21 10:12 - 2015-01-21 10:12 - 00000000 __SHD () C:\Users\Intan\AppData\Local\EmieUserList
2015-01-21 10:12 - 2015-01-21 10:12 - 00000000 __SHD () C:\Users\Intan\AppData\Local\EmieSiteList
2015-01-21 10:12 - 2015-01-21 10:12 - 00000000 __SHD () C:\Users\Intan\AppData\Local\EmieBrowserModeList
2015-01-21 09:05 - 2015-01-21 09:05 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-01-21 09:05 - 2015-01-21 09:05 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-01-21 09:04 - 2015-01-23 21:21 - 01729358 _____ () C:\Windows\WindowsUpdate.log
2015-01-21 09:03 - 2015-01-21 09:03 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-01-21 09:01 - 2015-01-20 17:16 - 00000000 ____D () C:\Windows\Panther
2015-01-21 08:52 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-21 08:00 - 2015-01-21 08:00 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-01-21 01:39 - 2015-01-21 01:39 - 00001979 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Connect.lnk
2015-01-21 01:39 - 2015-01-21 01:39 - 00001973 _____ () C:\Users\Public\Desktop\Connect.lnk
2015-01-21 01:39 - 2015-01-21 01:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yes
2015-01-21 01:38 - 2015-01-21 01:38 - 00000000 ____D () C:\Program Files (x86)\Yes
2015-01-21 01:38 - 2014-06-24 16:01 - 00111104 _____ (GCT Semiconductor, Inc.) C:\Windows\system32\Drivers\gdmuwm.sys
2015-01-21 01:38 - 2014-06-24 16:01 - 00032768 _____ (GCT Semiconductor, Inc.) C:\Windows\system32\Drivers\gdmwmprt.sys
2015-01-21 01:38 - 2014-06-24 16:01 - 00032768 _____ (GCT Semiconductor) C:\Windows\system32\Drivers\gdminit.sys
2015-01-21 01:36 - 2015-01-21 01:37 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-21 01:35 - 2015-01-21 01:35 - 00000000 ____D () C:\Users\Intan\AppData\Roaming\Yes
2015-01-21 01:12 - 2015-01-21 01:25 - 00000000 ____D () C:\Windows\Minidump
2015-01-20 22:43 - 2015-01-20 22:56 - 28376848 _____ (YTL Communications) C:\Users\Intan\Downloads\Connect_Installer.exe
2015-01-20 22:08 - 2015-01-20 22:08 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2015-01-20 22:08 - 2015-01-20 22:08 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_01009.Wdf
2015-01-20 22:08 - 2015-01-20 22:08 - 00000000 ____D () C:\Program Files\Synaptics
2015-01-20 21:55 - 2015-01-20 21:55 - 00000000 ____D () C:\Users\Intan\AppData\Roaming\AVG2015
2015-01-20 21:54 - 2015-01-20 21:54 - 00000965 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-01-20 21:54 - 2015-01-20 21:54 - 00000000 ____D () C:\Users\Intan\AppData\Roaming\TuneUp Software
2015-01-20 21:54 - 2015-01-20 21:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-01-20 21:53 - 2015-01-20 21:55 - 00000000 ____D () C:\ProgramData\AVG2015
2015-01-20 21:53 - 2015-01-20 21:53 - 00000000 ___HD () C:\$AVG
2015-01-20 21:52 - 2015-01-20 21:52 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-01-20 21:50 - 2015-01-23 19:19 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-20 21:50 - 2015-01-20 22:17 - 00000000 ____D () C:\Users\Intan\AppData\Local\Avg2015
2015-01-20 21:50 - 2015-01-20 21:50 - 00000000 ____D () C:\Users\Intan\AppData\Local\MFAData
2015-01-20 21:49 - 2015-01-20 21:49 - 04637504 _____ (AVG Technologies) C:\Users\Intan\Downloads\avg_free_stb_all_2015_5557_cnet.exe
2015-01-20 21:40 - 2015-01-20 21:40 - 00000000 ____D () C:\Windows\SysWOW64\sda
2015-01-20 21:40 - 2012-02-01 17:06 - 09888872 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsBaStorIcon.dll
2015-01-20 21:40 - 2012-02-01 17:06 - 00292968 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsBaStor.sys
2015-01-20 21:37 - 2015-01-20 21:37 - 00000000 ____D () C:\Program Files (x86)\Cisco
2015-01-20 21:36 - 2015-01-20 21:36 - 04961800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcredist_x64.exe
2015-01-20 21:36 - 2015-01-20 21:36 - 04746304 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL664.SYS
2015-01-20 21:36 - 2015-01-20 21:36 - 04659712 _____ (Broadcom Corporation) C:\Windows\system32\bcmttls.dll
2015-01-20 21:36 - 2015-01-20 21:36 - 03952640 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
2015-01-20 21:36 - 2015-01-20 21:36 - 03617792 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
2015-01-20 21:36 - 2015-01-20 21:36 - 03215280 _____ (Microsoft Corporation) C:\Windows\system32\vcredist_x64.exe
2015-01-20 21:36 - 2015-01-20 21:36 - 01047552 _____ (Broadcom Corporation) C:\Windows\system32\BCMLogon.dll
2015-01-20 21:36 - 2015-01-20 21:36 - 00095544 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2015-01-20 21:36 - 2015-01-20 21:36 - 00073728 _____ (Broadcom Corporation) C:\Windows\system32\wltrynt.dll
2015-01-20 21:36 - 2015-01-20 21:36 - 00035344 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2015-01-20 21:36 - 2015-01-20 21:36 - 00022592 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcm42rly.sys
2015-01-20 21:36 - 2015-01-20 21:36 - 00021568 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcmvwl64.sys
2015-01-20 21:36 - 2015-01-20 21:36 - 00007168 _____ () C:\Windows\system32\demandService.exe
2015-01-20 21:36 - 2015-01-20 21:36 - 00006656 _____ () C:\Windows\system32\bcmwlrc.dll
2015-01-20 21:36 - 2015-01-20 21:36 - 00000471 _____ () C:\Windows\system32\vcredist_x64.bat
2015-01-20 21:36 - 2015-01-20 21:36 - 00000446 _____ () C:\Windows\SysWOW64\vcredist_x64.bat
2015-01-20 21:36 - 2015-01-20 21:36 - 00000000 ____D () C:\Program Files\Broadcom
2015-01-20 21:34 - 2012-03-16 21:02 - 00685672 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-01-20 21:34 - 2012-03-16 21:02 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-01-20 21:34 - 2012-03-16 21:02 - 00074344 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-01-20 21:31 - 2015-01-20 21:31 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-01-20 21:30 - 2015-01-20 21:40 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-01-20 21:30 - 2015-01-20 21:31 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-01-20 21:30 - 2015-01-20 21:30 - 00000000 ____D () C:\Program Files\Realtek
2015-01-20 21:30 - 2012-03-01 19:24 - 00115524 _____ () C:\Windows\system32\Drivers\RtPCEE4.DAT
2015-01-20 21:30 - 2012-02-29 14:35 - 02729472 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-01-20 21:30 - 2012-02-29 14:02 - 04757608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-01-20 21:30 - 2012-02-29 11:03 - 00238772 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-01-20 21:30 - 2012-02-23 19:46 - 01251432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-01-20 21:30 - 2012-02-21 22:09 - 02657896 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-01-20 21:30 - 2012-02-21 19:45 - 02605400 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2015-01-20 21:30 - 2012-02-21 14:26 - 02528832 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-01-20 21:30 - 2012-02-21 13:35 - 03847272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2015-01-20 21:30 - 2012-02-17 19:53 - 00102504 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-01-20 21:30 - 2012-02-17 15:54 - 00396632 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-01-20 21:30 - 2012-02-14 00:05 - 08363864 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2015-01-20 21:30 - 2012-02-13 22:35 - 00978776 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-01-20 21:30 - 2012-01-30 11:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2015-01-20 21:30 - 2012-01-23 22:30 - 00537456 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2015-01-20 21:30 - 2012-01-23 22:30 - 00524656 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2015-01-20 21:30 - 2012-01-23 22:30 - 00449392 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2015-01-20 21:30 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2015-01-20 21:30 - 2011-12-23 13:30 - 00823912 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-01-20 21:30 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-01-20 21:30 - 2011-12-20 05:43 - 00220776 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-01-20 21:30 - 2011-12-18 17:58 - 02131288 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2015-01-20 21:30 - 2011-12-18 17:58 - 01247576 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2015-01-20 21:30 - 2011-12-15 13:16 - 07163744 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-01-20 21:30 - 2011-12-15 13:16 - 00433504 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-01-20 21:30 - 2011-12-15 13:16 - 00137056 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-01-20 21:30 - 2011-12-15 13:16 - 00120160 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-01-20 21:30 - 2011-12-15 13:16 - 00075104 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-01-20 21:30 - 2011-12-13 16:58 - 01560168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-01-20 21:30 - 2011-12-13 11:01 - 01698408 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-01-20 21:30 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-01-20 21:30 - 2011-09-26 22:41 - 00000024 _____ () C:\Windows\system32\Drivers\rtkhdaud.dat
2015-01-20 21:30 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2015-01-20 21:30 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2015-01-20 21:30 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2015-01-20 21:30 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2015-01-20 21:30 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-01-20 21:30 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-01-20 21:30 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2015-01-20 21:30 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-01-20 21:30 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2015-01-20 21:30 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-01-20 21:30 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2015-01-20 21:30 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2015-01-20 21:30 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-01-20 21:30 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2015-01-20 21:30 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2015-01-20 21:30 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2015-01-20 21:30 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-01-20 21:30 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-01-20 21:30 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-01-20 21:30 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-01-20 21:30 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-01-20 21:30 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-01-20 21:30 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-01-20 21:30 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-01-20 21:30 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-01-20 21:30 - 2010-10-03 13:46 - 00341336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-01-20 21:30 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-01-20 21:30 - 2010-09-23 17:21 - 00039672 _____ () C:\Windows\system32\Drivers\RtPCEE3.DAT
2015-01-20 21:30 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2015-01-20 21:30 - 2010-07-22 16:37 - 00200800 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-01-20 21:30 - 2010-03-22 13:21 - 00247560 _____ () C:\Windows\system32\Drivers\RTConvEQ.dat
2015-01-20 21:30 - 2010-03-22 13:21 - 00001448 _____ () C:\Windows\system32\Drivers\RtHdatEx.dat
2015-01-20 21:30 - 2010-02-11 15:45 - 00000176 _____ () C:\Windows\system32\Drivers\RTHDAEQ1.dat
2015-01-20 21:30 - 2010-01-26 21:52 - 00000520 _____ () C:\Windows\system32\Drivers\RTEQEX3.dat
2015-01-20 21:30 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-01-20 21:30 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-01-20 21:30 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-01-20 21:30 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-01-20 21:30 - 2009-11-17 18:12 - 00108960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-01-20 21:30 - 2008-08-21 13:43 - 00000520 _____ () C:\Windows\system32\Drivers\RTEQEX2.dat
2015-01-20 21:30 - 2005-06-27 05:29 - 00000520 _____ () C:\Windows\system32\Drivers\RTEQEX1.dat
2015-01-20 21:30 - 2005-06-27 05:29 - 00000520 _____ () C:\Windows\system32\Drivers\RTEQEX0.dat
2015-01-20 21:25 - 2011-12-06 15:55 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2015-01-20 21:20 - 2015-01-20 21:20 - 00000000 ____D () C:\Users\Intan\AppData\Roaming\Intel Corporation
2015-01-20 21:20 - 2015-01-20 21:20 - 00000000 ____D () C:\ProgramData\Intel
2015-01-20 21:18 - 2015-01-20 21:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-01-20 21:18 - 2015-01-20 21:18 - 00000000 ____D () C:\Users\Intan\AppData\Roaming\InstallShield
2015-01-20 21:18 - 2011-11-29 19:40 - 00568600 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2015-01-20 21:09 - 2015-01-20 21:09 - 00000000 ____D () C:\Users\Intan\AppData\Roaming\Adobe
2015-01-20 21:03 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2015-01-20 21:00 - 2015-01-20 21:00 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-01-20 21:00 - 2015-01-20 21:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-01-20 21:00 - 2015-01-20 21:00 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-20 21:00 - 2015-01-20 21:00 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-01-20 21:00 - 2015-01-20 21:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-01-20 21:00 - 2015-01-20 21:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-01-20 21:00 - 2015-01-20 21:00 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-01-20 21:00 - 2015-01-20 21:00 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-01-20 21:00 - 2015-01-20 21:00 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-01-20 21:00 - 2015-01-20 21:00 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-01-20 21:00 - 2015-01-20 21:00 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-01-20 21:00 - 2015-01-20 21:00 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-01-20 21:00 - 2015-01-20 21:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-01-20 21:00 - 2015-01-20 21:00 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-01-20 21:00 - 2015-01-20 21:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-01-20 21:00 - 2015-01-20 21:00 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-01-20 21:00 - 2015-01-20 21:00 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-01-20 21:00 - 2015-01-20 21:00 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-01-20 21:00 - 2015-01-20 21:00 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-01-20 21:00 - 2015-01-20 21:00 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-01-20 21:00 - 2015-01-20 21:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-01-20 21:00 - 2015-01-20 21:00 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-01-20 21:00 - 2015-01-20 21:00 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-01-20 21:00 - 2015-01-20 21:00 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-01-20 21:00 - 2015-01-20 21:00 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-01-20 21:00 - 2015-01-20 21:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-01-20 20:54 - 2015-01-20 20:54 - 00770556 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-20 20:51 - 2015-01-20 20:52 - 00006283 _____ () C:\Users\Intan\AppData\Local\HWVendorDetection.log
2015-01-20 20:36 - 2014-11-11 11:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-01-20 20:36 - 2014-11-11 10:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-01-20 20:19 - 2015-01-20 20:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-20 20:19 - 2015-01-20 20:19 - 00000000 ____D () C:\Windows\system32\appraiser
2015-01-20 19:53 - 2013-05-10 13:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-01-20 19:53 - 2013-05-10 13:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-01-20 19:53 - 2013-05-10 12:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-01-20 19:53 - 2013-05-10 12:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-01-20 19:42 - 2015-01-20 19:42 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-01-20 19:34 - 2015-01-20 21:25 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-01-20 19:34 - 2015-01-20 19:34 - 00000000 ____D () C:\Intel
2015-01-20 18:44 - 2014-10-18 10:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-01-20 18:44 - 2014-10-18 09:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-01-20 18:44 - 2014-07-07 10:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-01-20 18:44 - 2014-07-07 10:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-01-20 18:44 - 2014-07-07 10:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-01-20 18:44 - 2014-07-07 10:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-01-20 18:44 - 2014-07-07 09:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-01-20 18:44 - 2014-07-07 09:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-01-20 18:44 - 2014-07-07 09:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-01-20 18:44 - 2014-07-07 09:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-01-20 18:42 - 2012-07-26 11:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-01-20 18:42 - 2012-07-26 11:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-01-20 18:42 - 2012-07-26 11:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-01-20 18:42 - 2012-07-26 11:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-01-20 18:42 - 2012-07-26 11:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-01-20 18:42 - 2012-07-26 10:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-01-20 18:42 - 2012-07-26 10:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-01-20 18:42 - 2012-06-02 22:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-01-20 18:29 - 2015-01-20 18:32 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-20 18:29 - 2014-12-31 13:12 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-20 18:27 - 2014-07-01 06:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-01-20 18:27 - 2014-07-01 06:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-01-20 18:27 - 2014-06-06 14:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-01-20 18:27 - 2014-06-06 14:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-01-20 18:27 - 2014-03-10 05:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-01-20 18:27 - 2014-03-10 05:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-01-20 18:27 - 2014-03-10 05:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-01-20 18:27 - 2014-03-10 05:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-01-20 18:24 - 2014-10-14 10:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-01-20 18:24 - 2014-10-14 10:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-01-20 18:24 - 2014-10-14 10:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-01-20 18:24 - 2014-10-14 09:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-01-20 18:24 - 2014-10-14 09:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-01-20 18:24 - 2013-10-04 10:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-01-20 18:24 - 2013-10-04 10:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-01-20 18:24 - 2013-10-04 09:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2015-01-20 18:24 - 2013-10-04 09:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2015-01-20 18:24 - 2012-10-10 02:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2015-01-20 18:24 - 2012-10-10 02:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2015-01-20 18:24 - 2012-10-10 01:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2015-01-20 18:24 - 2012-10-10 01:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2015-01-20 18:23 - 2014-07-17 10:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-01-20 18:23 - 2014-07-17 10:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-01-20 18:23 - 2014-07-17 10:07 - 01113088 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-01-20 18:23 - 2014-07-17 10:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-01-20 18:23 - 2014-07-17 10:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-01-20 18:23 - 2014-07-17 10:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-01-20 18:23 - 2014-07-17 09:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-01-20 18:23 - 2014-07-17 09:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-01-20 18:23 - 2014-07-17 09:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-01-20 18:23 - 2014-07-17 09:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-01-20 18:23 - 2014-07-17 09:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-01-20 18:23 - 2014-07-17 09:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-01-20 18:23 - 2014-03-04 17:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-01-20 18:23 - 2014-03-04 17:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-01-20 18:23 - 2014-03-04 17:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-01-20 18:23 - 2014-03-04 17:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-01-20 18:23 - 2014-03-04 17:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-01-20 18:23 - 2014-03-04 17:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-01-20 18:23 - 2014-03-04 17:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-01-20 18:23 - 2014-03-04 17:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-01-20 18:23 - 2014-03-04 17:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-01-20 18:23 - 2014-03-04 17:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-01-20 18:23 - 2014-03-04 17:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-01-20 18:23 - 2014-03-04 17:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-01-20 18:23 - 2014-03-04 17:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-01-20 18:23 - 2014-03-04 17:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-01-20 18:23 - 2014-03-04 17:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-01-20 18:23 - 2014-03-04 17:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-01-20 18:23 - 2013-02-15 14:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-01-20 18:23 - 2013-02-15 14:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-01-20 18:23 - 2013-02-15 11:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-01-20 18:23 - 2012-12-07 21:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-01-20 18:23 - 2012-12-07 21:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-01-20 18:23 - 2012-12-07 20:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2015-01-20 18:23 - 2012-12-07 20:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2015-01-20 18:23 - 2012-12-07 19:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2015-01-20 18:23 - 2012-12-07 19:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2015-01-20 18:23 - 2012-12-07 19:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2015-01-20 18:23 - 2012-12-07 19:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2015-01-20 18:23 - 2012-12-07 19:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2015-01-20 18:23 - 2012-12-07 19:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2015-01-20 18:23 - 2012-12-07 19:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2015-01-20 18:23 - 2012-12-07 19:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2015-01-20 18:23 - 2012-12-07 19:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2015-01-20 18:23 - 2012-12-07 19:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2015-01-20 18:23 - 2012-12-07 19:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2015-01-20 18:23 - 2012-12-07 19:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2015-01-20 18:23 - 2012-12-07 19:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2015-01-20 18:23 - 2012-12-07 19:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2015-01-20 18:23 - 2012-12-07 18:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2015-01-20 18:23 - 2012-12-07 18:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2015-01-20 18:23 - 2012-12-07 18:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2015-01-20 18:23 - 2012-12-07 18:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2015-01-20 18:23 - 2012-12-07 18:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2015-01-20 18:23 - 2012-12-07 18:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2015-01-20 18:23 - 2012-12-07 18:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2015-01-20 18:23 - 2012-12-07 18:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2015-01-20 18:23 - 2012-12-07 18:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2015-01-20 18:23 - 2012-12-07 18:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2015-01-20 18:23 - 2012-12-07 18:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2015-01-20 18:23 - 2012-12-07 18:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2015-01-20 18:23 - 2012-12-07 18:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2015-01-20 18:23 - 2012-12-07 18:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2015-01-20 18:22 - 2014-11-11 11:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-01-20 18:22 - 2014-11-11 11:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-01-20 18:22 - 2014-11-11 10:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-01-20 18:22 - 2014-11-11 10:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-01-20 18:22 - 2014-10-14 10:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-01-20 18:22 - 2014-10-14 10:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-01-20 18:22 - 2014-10-14 09:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-01-20 18:22 - 2014-10-14 09:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-01-20 18:22 - 2014-04-12 10:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-01-20 18:22 - 2014-04-12 10:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-01-20 18:22 - 2014-04-12 10:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-01-20 18:22 - 2014-04-12 10:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-01-20 18:22 - 2014-04-12 10:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-01-20 18:21 - 2014-06-25 10:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-01-20 18:21 - 2014-06-25 09:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-01-20 18:21 - 2014-03-04 17:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-01-20 18:21 - 2014-03-04 17:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-01-20 18:21 - 2014-03-04 17:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-01-20 18:21 - 2014-03-04 17:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-01-20 18:21 - 2014-03-04 17:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-01-20 18:21 - 2014-03-04 17:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-01-20 18:21 - 2014-03-04 17:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-01-20 18:21 - 2014-03-04 17:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-01-20 18:21 - 2014-03-04 17:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-01-20 18:21 - 2014-03-04 16:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-01-20 18:21 - 2014-03-04 16:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-01-20 18:21 - 2013-08-02 10:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 09:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-01-20 18:21 - 2013-08-02 08:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 08:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 08:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-01-20 18:21 - 2013-08-02 08:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-01-20 18:21 - 2013-07-26 10:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-01-20 18:21 - 2013-07-26 09:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2015-01-20 18:21 - 2012-10-04 01:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2015-01-20 18:21 - 2012-10-04 01:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-20 18:21 - 2012-10-04 01:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-20 18:21 - 2012-10-04 01:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2015-01-20 18:21 - 2012-10-04 01:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-01-20 18:21 - 2012-10-04 00:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2015-01-20 18:21 - 2012-10-04 00:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2015-01-20 18:21 - 2012-10-04 00:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-01-20 18:20 - 2014-12-04 10:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-01-20 18:20 - 2014-12-04 10:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-01-20 18:20 - 2014-12-04 10:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-01-20 18:20 - 2014-12-04 10:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-01-20 18:20 - 2014-12-04 10:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-01-20 18:20 - 2014-12-04 10:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-01-20 18:20 - 2014-12-04 10:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-01-20 18:20 - 2014-12-02 07:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-01-20 18:20 - 2014-06-16 10:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-01-20 18:20 - 2013-12-04 10:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-01-20 18:20 - 2013-12-04 10:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-01-20 18:20 - 2013-12-04 10:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-01-20 18:20 - 2013-12-04 10:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-01-20 18:20 - 2013-12-04 10:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-01-20 18:20 - 2013-12-04 10:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-01-20 18:20 - 2013-12-04 10:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-01-20 18:20 - 2013-12-04 10:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-01-20 18:20 - 2013-12-04 10:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-01-20 18:20 - 2013-12-04 10:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2015-01-20 18:20 - 2013-12-04 10:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2015-01-20 18:20 - 2013-12-04 10:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2015-01-20 18:20 - 2013-12-04 10:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2015-01-20 18:20 - 2013-12-04 10:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-01-20 18:20 - 2013-12-04 09:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2015-01-20 18:20 - 2013-12-04 09:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2015-01-20 18:20 - 2013-12-04 09:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2015-01-20 18:20 - 2013-12-04 09:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2015-01-20 18:20 - 2013-10-06 04:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-01-20 18:20 - 2013-10-06 03:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-01-20 18:20 - 2013-07-12 18:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2015-01-20 18:20 - 2013-07-12 18:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-01-20 18:20 - 2013-07-09 13:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-01-20 18:20 - 2013-07-09 13:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-01-20 18:20 - 2013-07-09 12:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-01-20 18:20 - 2013-07-09 12:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-01-20 18:20 - 2013-04-10 14:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-01-20 18:20 - 2011-02-03 19:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-01-20 18:19 - 2014-09-19 17:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-01-20 18:19 - 2014-09-19 17:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-01-20 18:19 - 2014-09-19 17:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-01-20 18:19 - 2014-09-19 17:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-01-20 18:19 - 2014-09-19 17:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-01-20 18:19 - 2014-09-19 17:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-01-20 18:19 - 2014-09-19 17:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-01-20 18:19 - 2014-09-19 17:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-01-20 18:19 - 2014-09-19 17:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-01-20 18:19 - 2014-09-19 17:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-01-20 18:19 - 2014-09-19 17:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-01-20 18:19 - 2014-09-19 17:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-01-20 18:19 - 2013-08-29 10:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-01-20 18:19 - 2013-08-29 10:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-01-20 18:19 - 2013-08-29 10:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-01-20 18:19 - 2013-08-29 09:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-01-20 18:19 - 2013-08-29 09:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-01-20 18:19 - 2013-08-29 09:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-01-20 18:19 - 2013-07-09 13:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-01-20 18:19 - 2013-07-09 12:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-01-20 18:18 - 2014-12-12 13:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-20 18:18 - 2014-12-12 13:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-20 18:18 - 2014-12-12 13:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-20 18:18 - 2014-12-12 13:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-20 18:18 - 2014-12-12 13:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-20 18:18 - 2014-12-12 13:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-20 18:18 - 2014-12-12 13:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-20 18:18 - 2014-12-06 12:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-20 18:18 - 2014-12-06 11:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-20 18:18 - 2014-12-06 11:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-20 18:18 - 2014-10-10 08:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-01-20 18:18 - 2014-10-03 10:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-20 18:18 - 2014-10-03 10:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-20 18:18 - 2014-10-03 10:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-20 18:18 - 2014-10-03 10:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-20 18:18 - 2014-10-03 10:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-20 18:18 - 2014-10-03 09:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-20 18:18 - 2014-10-03 09:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-20 18:18 - 2014-10-03 09:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-20 18:18 - 2014-08-01 19:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-01-20 18:18 - 2014-08-01 19:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-01-20 18:18 - 2014-06-18 10:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-01-20 18:18 - 2014-06-18 09:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-01-20 18:18 - 2014-04-05 10:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-01-20 18:18 - 2014-04-05 10:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-01-20 18:18 - 2013-11-26 19:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-01-20 18:18 - 2013-09-08 10:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-01-20 18:18 - 2013-09-08 10:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2015-01-20 18:18 - 2013-08-02 10:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-01-20 18:18 - 2013-08-02 10:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-01-20 18:18 - 2013-08-02 09:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-01-20 18:18 - 2013-08-02 08:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-01-20 18:18 - 2013-06-26 06:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-01-20 18:18 - 2013-05-10 13:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-01-20 18:18 - 2013-05-10 11:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2015-01-20 18:18 - 2013-04-26 07:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-01-20 18:18 - 2013-04-01 06:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-01-20 18:18 - 2012-11-29 06:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-01-20 18:18 - 2012-11-29 06:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2015-01-20 18:18 - 2012-11-29 06:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2015-01-20 18:17 - 2014-12-19 11:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-20 18:17 - 2014-12-19 09:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-20 18:17 - 2014-12-12 01:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-20 18:17 - 2014-11-08 11:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-01-20 18:17 - 2014-11-08 10:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-01-20 18:17 - 2014-10-25 09:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-01-20 18:17 - 2014-10-25 09:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-01-20 18:17 - 2014-08-21 14:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-01-20 18:17 - 2014-08-21 14:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-01-20 18:17 - 2014-08-21 14:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-01-20 18:17 - 2014-08-21 14:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-01-20 18:17 - 2014-08-12 10:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-01-20 18:17 - 2014-08-12 09:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-01-20 18:17 - 2014-06-19 06:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-01-20 18:17 - 2014-06-19 06:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-01-20 18:17 - 2014-06-19 06:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-01-20 18:17 - 2014-06-19 06:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-01-20 18:17 - 2014-06-19 06:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-01-20 18:17 - 2014-06-19 06:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-01-20 18:17 - 2014-04-25 10:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-01-20 18:17 - 2014-04-25 10:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-01-20 18:17 - 2014-03-26 22:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-01-20 18:17 - 2014-03-26 22:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-01-20 18:17 - 2014-03-26 22:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-01-20 18:17 - 2014-03-26 22:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-01-20 18:17 - 2014-02-04 10:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-01-20 18:17 - 2014-02-04 10:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-01-20 18:17 - 2014-02-04 10:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-01-20 18:17 - 2014-02-04 10:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-01-20 18:17 - 2014-02-04 10:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2015-01-20 18:17 - 2014-01-29 10:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-20 18:17 - 2014-01-29 10:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-20 18:17 - 2013-11-27 09:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-01-20 18:17 - 2013-11-27 09:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-01-20 18:17 - 2013-11-27 09:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-01-20 18:17 - 2013-11-27 09:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-01-20 18:17 - 2013-11-27 09:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-01-20 18:17 - 2013-08-05 10:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-01-20 18:17 - 2012-11-23 11:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2015-01-20 18:17 - 2011-04-09 14:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-01-20 18:17 - 2011-04-09 13:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-01-20 18:16 - 2014-11-11 09:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-20 18:16 - 2014-10-30 10:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-01-20 18:16 - 2014-10-30 09:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-01-20 18:16 - 2014-10-03 10:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-20 18:16 - 2014-10-03 10:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-01-20 18:16 - 2014-10-03 10:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-01-20 18:16 - 2014-10-03 10:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-01-20 18:16 - 2014-10-03 10:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-01-20 18:16 - 2014-10-03 09:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-01-20 18:16 - 2014-10-03 09:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-01-20 18:16 - 2014-10-03 09:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-01-20 18:16 - 2014-10-03 09:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-01-20 18:16 - 2014-10-03 09:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-01-20 18:16 - 2014-09-25 10:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-01-20 18:16 - 2014-09-25 09:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-01-20 18:16 - 2014-09-04 13:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-01-20 18:16 - 2014-09-04 13:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-01-20 18:16 - 2014-06-06 18:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-01-20 18:16 - 2014-06-06 17:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-01-20 18:16 - 2014-05-30 14:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-01-20 18:16 - 2014-01-28 10:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-01-20 18:16 - 2013-10-30 10:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-01-20 18:16 - 2013-10-30 10:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-01-20 18:16 - 2013-10-19 10:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-01-20 18:16 - 2013-10-19 09:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-01-20 18:16 - 2013-10-04 10:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-01-20 18:16 - 2013-10-04 09:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-01-20 18:16 - 2013-07-25 17:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-01-20 18:16 - 2013-07-25 16:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-01-20 18:16 - 2013-07-20 18:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-01-20 18:16 - 2013-07-20 18:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-01-20 18:16 - 2013-07-04 20:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-01-20 18:16 - 2013-07-04 20:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-01-20 18:16 - 2013-07-04 20:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-01-20 18:16 - 2013-07-04 19:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-01-20 18:16 - 2013-07-04 19:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-01-20 18:16 - 2013-07-04 19:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-01-20 18:16 - 2013-07-03 12:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-01-20 18:16 - 2013-07-03 12:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-01-20 18:16 - 2013-06-06 13:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-01-20 18:16 - 2013-06-06 13:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-01-20 18:16 - 2013-06-06 13:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-01-20 18:16 - 2013-06-06 13:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-01-20 18:16 - 2013-06-06 12:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-01-20 18:16 - 2013-06-06 12:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-01-20 18:16 - 2013-06-06 12:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-01-20 18:16 - 2013-06-06 11:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-01-20 18:16 - 2013-06-06 11:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-01-20 18:16 - 2013-06-06 11:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-01-20 18:16 - 2013-04-26 13:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-01-20 18:16 - 2013-04-26 12:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2015-01-20 18:16 - 2013-03-19 13:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2015-01-20 18:16 - 2013-02-12 12:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-01-20 18:16 - 2013-01-24 14:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-01-20 18:16 - 2012-11-02 13:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2015-01-20 18:16 - 2012-11-02 13:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2015-01-20 18:16 - 2012-09-26 06:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2015-01-20 18:16 - 2012-09-26 06:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2015-01-20 18:15 - 2013-07-04 20:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-01-20 18:12 - 2015-01-21 07:50 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2015-01-20 18:12 - 2015-01-20 18:12 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2015-01-20 18:12 - 2015-01-20 18:12 - 00000000 ____D () C:\Users\Intan\AppData\Local\SlimWare Utilities Inc
2015-01-20 18:07 - 2014-10-14 10:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-01-20 18:07 - 2014-10-14 09:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-01-20 18:07 - 2014-06-03 18:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-01-20 18:07 - 2014-06-03 18:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-01-20 18:07 - 2014-06-03 18:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-01-20 18:07 - 2014-06-03 17:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-01-20 18:07 - 2014-06-03 17:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-01-20 18:07 - 2013-02-27 13:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-01-20 17:53 - 2014-10-18 10:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-01-20 17:53 - 2014-10-18 09:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-01-20 17:53 - 2014-08-23 10:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-01-20 17:53 - 2014-08-23 09:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-01-20 17:53 - 2014-01-24 10:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-01-20 17:53 - 2013-10-12 10:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-01-20 17:53 - 2013-10-12 10:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-01-20 17:53 - 2013-10-12 10:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-01-20 17:53 - 2013-10-12 10:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-01-20 17:53 - 2013-10-12 10:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-01-20 17:53 - 2013-10-12 10:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2015-01-20 17:53 - 2013-10-12 10:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-01-20 17:53 - 2013-10-12 10:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-01-20 17:53 - 2013-10-12 10:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-01-20 17:53 - 2013-10-12 09:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-01-20 17:53 - 2013-10-12 09:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-01-20 17:53 - 2013-10-12 09:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2015-01-20 17:53 - 2013-10-12 09:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-01-20 17:53 - 2013-08-28 09:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2015-01-20 17:53 - 2013-05-13 13:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2015-01-20 17:53 - 2013-05-13 11:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-01-20 17:53 - 2013-05-13 11:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2015-01-20 17:53 - 2013-05-13 11:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2015-01-20 17:52 - 2014-07-14 10:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-01-20 17:52 - 2014-07-14 09:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-01-20 17:43 - 2015-01-20 17:43 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-20 17:43 - 2015-01-20 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-20 17:42 - 2015-01-23 21:16 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-20 17:42 - 2015-01-23 20:47 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-20 17:42 - 2015-01-20 17:43 - 00000000 ____D () C:\Users\Intan\AppData\Local\Google
2015-01-20 17:42 - 2015-01-20 17:43 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-20 17:42 - 2015-01-20 17:42 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-20 17:42 - 2015-01-20 17:42 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-20 17:41 - 2015-01-20 17:42 - 00000000 ____D () C:\Users\Intan\AppData\Local\Deployment
2015-01-20 17:41 - 2015-01-20 17:41 - 00000000 ____D () C:\Users\Intan\AppData\Local\Apps\2.0
2015-01-20 17:28 - 2015-01-23 19:44 - 00109296 _____ () C:\Users\Intan\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-20 17:26 - 2014-05-15 00:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-01-20 17:26 - 2014-05-15 00:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-01-20 17:26 - 2014-05-15 00:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-01-20 17:26 - 2014-05-15 00:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-01-20 17:26 - 2014-05-15 00:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-01-20 17:26 - 2014-05-15 00:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-01-20 17:26 - 2014-05-15 00:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-01-20 17:26 - 2014-05-15 00:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-01-20 17:26 - 2014-05-15 00:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-01-20 17:26 - 2014-05-15 00:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-01-20 17:25 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-01-20 17:25 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-01-20 17:25 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-01-20 17:25 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-01-20 17:23 - 2015-01-21 01:14 - 00000000 ____D () C:\temp
2015-01-20 17:22 - 2015-01-21 01:14 - 00006725 _____ () C:\ytlDriverInstaller.log
2015-01-20 17:21 - 2015-01-21 01:38 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-20 17:18 - 2015-01-20 21:09 - 00001413 _____ () C:\Users\Intan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-20 17:18 - 2015-01-20 17:18 - 00000000 ____D () C:\Users\Intan\AppData\Local\VirtualStore
2015-01-20 17:16 - 2015-01-21 21:40 - 00000000 ____D () C:\Users\Intan
2015-01-20 17:16 - 2015-01-20 17:16 - 00000020 ___SH () C:\Users\Intan\ntuser.ini
2015-01-20 17:16 - 2015-01-20 17:16 - 00000000 __SHD () C:\Recovery
2015-01-20 17:16 - 2009-07-14 12:54 - 00000000 ___RD () C:\Users\Intan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-20 17:16 - 2009-07-14 12:49 - 00000000 ___RD () C:\Users\Intan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-23 21:16 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-23 21:13 - 2009-07-14 12:45 - 00016832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-23 21:13 - 2009-07-14 12:45 - 00016832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-23 19:47 - 2009-07-14 13:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-23 19:43 - 2009-07-14 12:45 - 00413672 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-23 19:33 - 2009-07-14 13:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-01-23 19:32 - 2010-11-21 15:16 - 00000000 ____D () C:\Windows\ShellNew
2015-01-23 19:31 - 2009-07-14 11:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-23 19:29 - 2009-07-14 10:34 - 00000478 _____ () C:\Windows\win.ini
2015-01-21 21:40 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\registration
2015-01-21 16:43 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\rescache
2015-01-21 09:05 - 2009-07-14 13:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-21 09:05 - 2009-07-14 11:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-21 09:05 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-01-21 09:02 - 2010-11-21 15:16 - 00000000 ____D () C:\Windows\CSC
2015-01-21 09:00 - 2009-07-14 13:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-01-21 09:00 - 2009-07-14 13:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2015-01-20 21:36 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2015-01-20 21:36 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-01-20 21:36 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\th-TH
2015-01-20 21:36 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\sl-SI
2015-01-20 21:36 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2015-01-20 21:36 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2015-01-20 21:36 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\lv-LV
2015-01-20 21:36 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\lt-LT
2015-01-20 21:36 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\hr-HR
2015-01-20 21:36 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\he-IL
2015-01-20 21:36 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\et-EE
2015-01-20 21:36 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\bg-BG
2015-01-20 21:36 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2015-01-20 21:36 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\Help
2015-01-20 21:06 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-20 20:19 - 2010-11-21 15:16 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-20 20:19 - 2009-07-14 13:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-20 20:19 - 2009-07-14 13:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-20 20:19 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2015-01-20 20:19 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2015-01-20 20:19 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-01-20 20:19 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-01-20 20:19 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\AppCompat
2015-01-20 17:26 - 2009-07-14 11:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-01-20 17:21 - 2009-07-14 13:32 - 00000000 ____D () C:\Windows\system32\restore
2015-01-20 17:16 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\Recovery
2015-01-08 09:55 - 2010-11-21 11:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
 
==================== Files in the root of some directories =======
2015-01-23 12:53 - 2015-01-23 19:56 - 0067804 _____ () C:\Users\Intan\AppData\Roaming\ICARE.LOG
2015-01-20 20:51 - 2015-01-20 20:52 - 0006283 _____ () C:\Users\Intan\AppData\Local\HWVendorDetection.log
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-21 16:36
 
==================== End Of Log ============================


#4 nazatul

nazatul
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:18 AM

Posted 23 January 2015 - 08:12 PM

Addition log

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by Intan at 2015-01-23 21:45:05
Running from C:\Users\Intan\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5645 - AVG Technologies)
AVG 2015 (Version: 15.0.4260 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5645 - AVG Technologies) Hidden
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.82.128 - Broadcom Corporation)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Connect (HKLM-x32\...\{0699889D-F7F8-48BE-8C2E-694599E72F0D}) (Version: 1.9.21.0 - YTL Communications)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.56.316.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6581 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.27015 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.41.5 - Synaptics Incorporated)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
23-01-2015 21:35:44 End of disinfection
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 10:34 - 2009-06-11 05:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {41E3B2E2-3CCC-47F2-9C25-4B11D570A153} - System32\Tasks\{6201D78C-F698-436A-917E-ED7E37A21761} => pcalua.exe -a "F:\Microsoft Office Enterprise 2007 (Original Full Version)\setup.exe" -d "F:\Microsoft Office Enterprise 2007 (Original Full Version)"
Task: {7588E8EF-6241-4FE5-9284-87A31168214A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-20] (Google Inc.)
Task: {A0A53EDB-B4D1-45AA-A3B4-9F397FDDE05C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-20] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-01-29 23:02 - 2014-01-29 23:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-01-21 01:38 - 2014-06-24 16:01 - 00059904 _____ () C:\Program Files (x86)\Yes\Connect\zlib1.dll
2015-01-20 21:18 - 2015-01-20 21:18 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\92a1650dbe9fad5f46633b835420e1a8\IsdiInterop.ni.dll
2015-01-20 21:18 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2015-01-20 17:43 - 2015-01-09 08:35 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-20 17:43 - 2015-01-09 08:35 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libegl.dll
2015-01-20 17:43 - 2015-01-09 08:35 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-20 17:43 - 2015-01-09 08:35 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^Users^Intan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Windows Loader 2.2.2 Final By DAZ - SceneDL.lnk => C:\Windows\pss\Windows Loader 2.2.2 Final By DAZ - SceneDL.lnk.Startup
MSCONFIG\startupreg: LaunchYTLCM => C:\Program Files (x86)\Yes\Connect\Connect.exe
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-3990567071-1084108826-403945762-500 - Administrator - Disabled)
Guest (S-1-5-21-3990567071-1084108826-403945762-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3990567071-1084108826-403945762-1002 - Limited - Enabled)
Intan (S-1-5-21-3990567071-1084108826-403945762-1000 - Administrator - Enabled) => C:\Users\Intan
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/23/2015 09:17:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/23/2015 09:13:33 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {c4f97a75-bbd9-42ee-9799-32948b1d6c51}
 
Error: (01/23/2015 08:26:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/23/2015 07:44:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/23/2015 06:48:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/23/2015 00:15:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: 2UUFeu47xlT8rx.exe, version: 0.0.0.0, time stamp: 0x54a01d76
Faulting module name: 2UUFeu47xlT8rx.exe, version: 0.0.0.0, time stamp: 0x54a01d76
Exception code: 0xc0000005
Fault offset: 0x000057d3
Faulting process id: 0x680
Faulting application start time: 0x2UUFeu47xlT8rx.exe0
Faulting application path: 2UUFeu47xlT8rx.exe1
Faulting module path: 2UUFeu47xlT8rx.exe2
Report Id: 2UUFeu47xlT8rx.exe3
 
Error: (01/23/2015 10:30:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/22/2015 04:43:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/21/2015 11:21:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/21/2015 09:42:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (01/23/2015 09:15:19 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\bcmihvsrv64.dll
 
Error: (01/23/2015 09:15:19 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\bcmihvsrv64.dll
 
Error: (01/23/2015 09:15:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\bcmihvsrv64.dll
 
Error: (01/23/2015 09:14:29 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056
 
Error: (01/23/2015 09:13:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (01/23/2015 09:13:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (01/23/2015 09:13:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (01/23/2015 09:13:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (01/23/2015 09:13:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Connect Service Daemon service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (01/23/2015 09:13:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-2328M CPU @ 2.20GHz
Percentage of memory in use: 71%
Total physical RAM: 1884.36 MB
Available physical RAM: 533.79 MB
Total Pagefile: 3768.72 MB
Available Pagefile: 1812.47 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:234.28 GB) (Free:212.81 GB) NTFS
Drive d: () (Fixed) (Total:231.38 GB) (Free:209.47 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F5A29C44)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=234.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=231.4 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#5 nazatul

nazatul
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:18 AM

Posted 23 January 2015 - 08:29 PM

FYI i've found this weird thing in startup called Windows Loader 2.2.2 Final by DAZ - sceneDL..i have unchecked it and restart.



#6 nazatul

nazatul
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:18 AM

Posted 23 January 2015 - 08:58 PM

currently Ads by Unisales keep on bugging me while seaching in chrome. i have install and run adwcleaner but still it wont remove. i check in chrome extension and it keep coming back though i have delete it before. what should i do?



#7 shelf life

shelf life

  • Malware Response Team
  • 2,684 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:10:18 PM

Posted 23 January 2015 - 10:38 PM

1) First we will use FRST.

 

Open notepad. Please copy/paste the contents of the code box below into notepad. Save it to your desktop as fixlist.txt

 

Run FRST again like before except this time: press the Fix button just once and wait.
The tool will make a log on the desktop (Fixlog.txt) please post it to your reply.

C:\ProgramData\dhggokfilpabnokncihjodlbjhnmikmd
C:\ProgramData\5457405597257962480
C:\Program Files (x86)\unIsaleess
C:\ProgramData\{d62fd664-0b4b-0860-d62f-fd6640b45990}
C:\ProgramData\{015d5a94-011a-a5b7-015d-d5a940116a50}
C:\Windows\System32\Tasks\{6201D78C-F698-436A-917E-ED7E37A21761}
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

2) Next please uninstall Chrome via the add/remove programs panel. Then reinstall Chrome.

 

3) Last run adwcleaner:

 

    Right-click on adwcleaner.exe and select Run as Administrator to launch the application.
    Now click on the Scan tab, once the scan is complete click on the Clean tab and follow the prompts.
    Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

 

I wont be back online for 8-10 hours


Edited by shelf life, 23 January 2015 - 10:42 PM.

How Can I Reduce My Risk to Malware?


#8 nazatul

nazatul
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:18 AM

Posted 24 January 2015 - 02:23 AM

Hi, I have run all the above steps and here is the log and report

 

 

Fixlog

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2015
Ran by Intan at 2015-01-24 11:51:25 Run:1
Running from C:\Users\Intan\Desktop
Loaded Profiles: Intan (Available profiles: Intan)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
C:\ProgramData\dhggokfilpabnokncihjodlbjhnmikmd
C:\ProgramData\5457405597257962480
C:\Program Files (x86)\unIsaleess
C:\ProgramData\{d62fd664-0b4b-0860-d62f-fd6640b45990}
C:\ProgramData\{015d5a94-011a-a5b7-015d-d5a940116a50}
C:\Windows\System32\Tasks\{6201D78C-F698-436A-917E-ED7E37A21761}
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
*****************
 
C:\ProgramData\dhggokfilpabnokncihjodlbjhnmikmd => Moved successfully.
"C:\ProgramData\5457405597257962480" => File/Directory not found.
C:\Program Files (x86)\unIsaleess => Moved successfully.
C:\ProgramData\{d62fd664-0b4b-0860-d62f-fd6640b45990} => Moved successfully.
C:\ProgramData\{015d5a94-011a-a5b7-015d-d5a940116a50} => Moved successfully.
C:\Windows\System32\Tasks\{6201D78C-F698-436A-917E-ED7E37A21761} => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
 
==== End of Fixlog 11:51:27 ====


#9 nazatul

nazatul
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:18 AM

Posted 24 January 2015 - 02:24 AM

AdwCleaner Report
 
 
# AdwCleaner v4.108 - Report created 24/01/2015 at 12:13:09
# Updated 17/01/2015 by Xplode
# Database : 2015-01-23.3 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Intan - INTAN-PC
# Running from : C:\Users\Intan\Desktop\adwcleaner_4.108.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17496
 
 
-\\ Google Chrome v40.0.2214.91
 
 
*************************
 
AdwCleaner[R0].txt - [2294 octets] - [24/01/2015 09:40:22]
AdwCleaner[R1].txt - [866 octets] - [24/01/2015 12:05:01]
AdwCleaner[S0].txt - [2352 octets] - [24/01/2015 09:44:29]
AdwCleaner[S1].txt - [788 octets] - [24/01/2015 12:13:09]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [847 octets] ##########


#10 shelf life

shelf life

  • Malware Response Team
  • 2,684 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:10:18 PM

Posted 24 January 2015 - 09:31 AM

Ok. Good. Adwcleaner is coming up clean now.

 

 

weird thing in startup called Windows Loader 2.2.2 Final by DAZ - sceneDL

This is software that will activate Windows 7. MS would consider your copy of windows to be:  "not a genuine licensed copy"

 

So hows it looking now on your end? Have you updated Malwarebytes lately and done a scan with it?


How Can I Reduce My Risk to Malware?


#11 nazatul

nazatul
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:18 AM

Posted 24 January 2015 - 07:57 PM

Yes, I have updated Malwarebytes and run a scan. Results no malware detected!!  :)

So far so good now. Thank you for your help shelf life..you are a life saver  :thumbup2:



#12 shelf life

shelf life

  • Malware Response Team
  • 2,684 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:10:18 PM

Posted 25 January 2015 - 12:14 PM

Ok your welcome. you can get one more download that will automatically remove the tools we used then delete itself.

 

Please download Delfix.exe and save it to your desktop.

   https://toolslib.net/downloads/viewdownload/2-delfix/

 

   Right click and select "run as admin"

   Ensure Remove disinfection tools is checked

   Click on the run button.

   The tool will delete itself once it finishes. You can delete the log it generates

 

Happy safe surfing out there.


How Can I Reduce My Risk to Malware?


#13 shelf life

shelf life

  • Malware Response Team
  • 2,684 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:10:18 PM

Posted 08 February 2015 - 08:49 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

How Can I Reduce My Risk to Malware?





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users