Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Desktop mirrored by malware; Malwareprotection and rescue-modes blocked...


  • This topic is locked This topic is locked
33 replies to this topic

#1 ChrisCGN

ChrisCGN

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:41 PM

Posted 23 January 2015 - 06:55 PM

Hello there,

 

I got infected by some sort of malware/virus/trojan....really don't know what it could be...or how to remove it...

It mirrors my desktop through an alternative user-profile and blocks malwareprotection in normal and save-mode.

I can't even start Bitdefender Rescue Mode, because the bdr-ld01.mbr gets blocked during boot...

 

I hope one of you guys can help me out, because I'm seriously at a loss here :-(

 

Here's the FRST.txt from the scan. The Addition.txt will be in the next one.

 

Thanks in advance for your help!

 

p.s.: One weird thing I just saw: IE isn't my default browser.....Chrome is...

 

p.p.s.: I uninstalled MBAM and reiinstalled it as MickyMouse.exe, since I thought that might stop the block from the virus.

          That's probably why it doesn't seem to show up in the Addition.txt...

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Chris (administrator) on CHRIS-PC on 24-01-2015 00:33:18
Running from C:\Users\Chris\Desktop
Loaded Profiles: Chris (Available profiles: Chris)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AgileBits) C:\Program Files (x86)\1Password\Agile1pService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\seccenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\MickyMouse\MickyMouse.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKU\S-1-5-21-1658664929-4190690133-2850637579-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2014-11-25] (Bitdefender)
HKU\S-1-5-21-1658664929-4190690133-2850637579-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3886672 2015-01-13] (Tonec Inc.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: 1Password -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> C:\Program Files (x86)\1Password 4\x64\Agile1pIE4.dll (AgileBits)
BHO: Bitdefender Wallet  -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: 1Password -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> C:\Program Files (x86)\1Password 4\x86\Agile1pIE4.dll (AgileBits)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{B36C1905-424C-4B9C-B477-E3EF8B03C552}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{D233C410-4233-4100-9C7D-EBA0ACC0C3EA}: [NameServer] 8.8.8.8,8.8.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8lml6ous.default
FF DefaultSearchEngine: DuckDuckGo
FF SelectedSearchEngine: 
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_287.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_287.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8lml6ous.default\searchplugins\duckduckgo.xml
FF Extension: YouTube Unblocker - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8lml6ous.default\Extensions\youtubeunblocker@unblocker.yt [2014-12-17]
FF Extension: FT DeepDark - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8lml6ous.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-01-03]
FF Extension: DownloadHelper - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8lml6ous.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: DownThemAll! AntiContainer - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8lml6ous.default\Extensions\anticontainer@downthemall.net.xpi [2014-12-17]
FF Extension: MEGA - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8lml6ous.default\Extensions\firefox@mega.co.nz.xpi [2014-09-17]
FF Extension: ZenMate Security & Privacy VPN - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8lml6ous.default\Extensions\firefox@zenmate.com.xpi [2014-12-17]
FF Extension: ProxTube - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8lml6ous.default\Extensions\ich@maltegoetz.de.xpi [2014-09-11]
FF Extension: YouTube HTML5-Video - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8lml6ous.default\Extensions\jid0-MXvUXM1npF7yTcY3bpZVht72AR4@jetpack.xpi [2014-12-17]
FF Extension: DuckDuckGo Plus - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8lml6ous.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2014-08-13]
FF Extension: 1Password - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8lml6ous.default\Extensions\onepassword4@agilebits.com.xpi [2014-06-24]
FF Extension: FlashGot - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8lml6ous.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2014-10-20]
FF Extension: css converter - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8lml6ous.default\Extensions\{5a0c41da-10be-404a-afb6-c574b41e669e}.xpi [2014-12-21]
FF Extension: {601e631c-c752-4e6c-928c-05e0c61aaf7b} - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8lml6ous.default\Extensions\{601e631c-c752-4e6c-928c-05e0c61aaf7b}.xpi [2014-12-17]
FF Extension: NoScript - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8lml6ous.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-06-22]
FF Extension: FXChrome - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8lml6ous.default\Extensions\{c0c588b6-b11d-4898-af00-079fed05aa32}.xpi [2014-12-17]
FF Extension: Adblock Plus - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8lml6ous.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-22]
FF Extension: DownThemAll! - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8lml6ous.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-08-13]
FF Extension: Greasemonkey - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8lml6ous.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-01-16]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-01-20]
FF HKLM-x32\...\Firefox\Extensions: [{569e46e1-b161-4451-9e3d-5523e6edd1ef}] - C:\Program Files (x86)\fs protection\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-01-20]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF HKU\S-1-5-21-1658664929-4190690133-2850637579-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Chris\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Chris\AppData\Roaming\IDM\idmmzcc5 [2015-01-15]
FF HKU\S-1-5-21-1658664929-4190690133-2850637579-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Chris\AppData\Roaming\IDM\idmmzcc5
FF Extension: No Name - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8lml6ous.default\extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (1Password: Password Manager and Secure Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjjhallfgjeglblehebfpbcfeobpgk [2015-01-18]
CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-17]
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-17]
CHR Extension: (Adblock Plus) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-17]
CHR Extension: (Google Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-17]
CHR Extension: (ZenMate Security & Privacy VPN) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-01-17]
CHR Extension: (IDM Integration Module) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2015-01-20]
CHR Extension: (Google Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-17]
CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-17]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-01-13]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.
 
R2 Agile1Password; C:\Program Files (x86)\1Password\Agile1pService.exe [768784 2014-06-04] (AgileBits)
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
U2 MBAMScheduler; C:\Program Files (x86)\MickyMouse\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\MickyMouse\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1545376 2014-12-15] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2014-09-25] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-05-16] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-11-13] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2014-12-02] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [155912 2014-10-22] (BitDefender LLC)
S3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-24] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2014-08-08] (Spotflux, Inc.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 cleanhlp; \??\C:\EEK\bin\cleanhlp64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-24 00:32 - 2015-01-24 00:33 - 00038226 _____ () C:\Users\Chris\Desktop\Addition.txt
2015-01-24 00:31 - 2015-01-24 00:33 - 00022379 _____ () C:\Users\Chris\Desktop\FRST.txt
2015-01-24 00:31 - 2015-01-24 00:33 - 00000000 ____D () C:\FRST
2015-01-24 00:22 - 2015-01-24 00:22 - 00001001 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-24 00:15 - 2015-01-24 00:15 - 02126848 _____ (Farbar) C:\Users\Chris\Desktop\FRST64.exe
2015-01-24 00:00 - 2015-01-24 00:11 - 00000336 _____ () C:\windows\setupact.log
2015-01-24 00:00 - 2015-01-24 00:00 - 00000000 _____ () C:\windows\setuperr.log
2015-01-23 23:59 - 2015-01-23 23:59 - 00004594 _____ () C:\windows\PFRO.log
2015-01-23 23:36 - 2015-01-23 23:36 - 00003025 _____ () C:\stat.txt
2015-01-23 23:17 - 2015-01-23 23:17 - 01761234 _____ () C:\Users\Chris\Documents\bookmarks_1_23_15.html
2015-01-23 22:29 - 2015-01-23 22:29 - 00002772 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2015-01-23 22:29 - 2015-01-23 22:29 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-23 22:29 - 2015-01-23 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-01-23 22:29 - 2015-01-23 22:29 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-23 22:24 - 2015-01-23 22:31 - 1789542400 _____ () C:\Users\Chris\Downloads\KB3AIK_EN.iso
2015-01-23 19:45 - 2015-01-24 00:26 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-01-23 19:45 - 2015-01-24 00:22 - 00000000 ____D () C:\Program Files (x86)\MickyMouse
2015-01-23 19:45 - 2015-01-24 00:20 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-23 19:45 - 2015-01-23 19:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-23 19:45 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-01-23 19:45 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-01-23 17:24 - 2015-01-23 17:24 - 01761992 _____ (ESET) C:\Users\Chris\Downloads\nod32.exe
2015-01-23 01:46 - 2015-01-23 02:35 - 00000524 _____ () C:\Users\Chris\Desktop\Search DISABLEReg.txt
2015-01-23 00:44 - 2015-01-23 00:44 - 17149616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2015-01-22 22:16 - 2015-01-22 22:16 - 02126848 _____ (Farbar) C:\Users\Chris\Downloads\FRST64.exe
2015-01-22 18:59 - 2015-01-23 23:05 - 00000000 ____D () C:\windows\Minidump
2015-01-22 18:45 - 2015-01-22 17:01 - 02347384 _____ (ESET) C:\Users\Chris\Desktop\esetsmartinstaller_enu.exe
2015-01-22 18:27 - 2015-01-22 18:27 - 00012872 _____ (SurfRight B.V.) C:\windows\system32\bootdelete.exe
2015-01-22 18:17 - 2015-01-22 18:27 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-01-21 21:32 - 2015-01-21 21:32 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Chris\Downloads\rkill.com
2015-01-21 20:30 - 2015-01-21 21:08 - 00000000 ____D () C:\Users\Chris\Desktop\RARs
2015-01-21 20:25 - 2015-01-21 21:47 - 00000000 ____D () C:\Users\Chris\Desktop\TV & Movies
2015-01-21 20:19 - 2015-01-21 21:28 - 00000000 ____D () C:\Users\Chris\Desktop\Dokumente
2015-01-21 20:00 - 2015-01-23 23:26 - 00000000 ____D () C:\Users\Chris\Desktop\Win8
2015-01-21 18:49 - 2015-01-21 18:49 - 00000000 ___RD () C:\ESD
2015-01-21 15:22 - 2015-01-21 15:23 - 00000000 ____D () C:\Program Files (x86)\Recover Keys
2015-01-21 15:22 - 2015-01-21 15:22 - 00001054 _____ () C:\Users\Public\Desktop\Recover Keys.lnk
2015-01-21 15:22 - 2015-01-21 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recover Keys
2015-01-21 13:00 - 2015-01-21 13:00 - 00000000 ____D () C:\windows\ERUNT
2015-01-21 10:49 - 2015-01-23 19:06 - 00037624 _____ () C:\windows\system32\Drivers\TrueSight.sys
2015-01-21 10:49 - 2015-01-21 10:49 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-01-20 20:15 - 2015-01-20 20:15 - 02967032 _____ (Malwarebytes ) C:\Users\Chris\Downloads\mbae-setup-1.05.1.1016.exe
2015-01-20 19:48 - 2015-01-20 19:48 - 00032989 _____ () C:\Users\Chris\Downloads\FRST.txt
2015-01-20 19:42 - 2015-01-20 19:42 - 00036620 _____ () C:\Users\Chris\Downloads\Addition.txt
2015-01-20 19:41 - 2015-01-20 19:41 - 00004241 _____ () C:\Users\Chris\Downloads\fixlist.txt
2015-01-20 19:38 - 2015-01-20 19:38 - 14893616 _____ () C:\Users\Chris\Downloads\gu5setup.exe
2015-01-20 18:44 - 2015-01-20 18:44 - 00263032 _____ (BitDefender) C:\windows\system32\Drivers\avchv.sys
2015-01-20 18:44 - 2015-01-20 18:44 - 00074000 _____ (BitDefender SRL) C:\windows\system32\bdsandboxuiskin32.dll
2015-01-20 18:13 - 2015-01-20 18:13 - 00000385 _____ () C:\windows\system32\user_gensett.xml
2015-01-20 18:13 - 2015-01-20 18:13 - 00000385 _____ () C:\Users\Chris\AppData\Roaminguser_gensett.xml
2015-01-20 18:12 - 2015-01-20 18:12 - 00002126 _____ () C:\Users\Public\Desktop\Bitdefender Total Security 2015.lnk
2015-01-20 18:12 - 2015-01-20 18:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2015-01-20 18:12 - 2009-07-14 14:21 - 01721576 _____ (Microsoft Corporation) C:\windows\system32\WdfCoInstaller01009.dll
2015-01-20 18:11 - 2015-01-20 18:21 - 00000000 ____D () C:\ProgramData\BDLogging
2015-01-20 18:11 - 2015-01-20 18:18 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Bitdefender
2015-01-20 18:11 - 2014-12-02 16:40 - 00082824 _____ (BitDefender SRL) C:\windows\system32\Drivers\bdsandbox.sys
2015-01-20 18:11 - 2014-12-02 16:37 - 00074000 _____ (BitDefender SRL) C:\windows\SysWOW64\bdsandboxuiskin32.dll
2015-01-20 18:11 - 2014-09-25 15:57 - 01288472 _____ (BitDefender) C:\windows\system32\Drivers\avc3.sys
2015-01-20 18:11 - 2014-05-16 13:04 - 00647752 _____ (BitDefender) C:\windows\system32\Drivers\avckf.sys
2015-01-20 18:11 - 2013-11-13 15:41 - 00093600 _____ (BitDefender LLC) C:\windows\system32\Drivers\BdfNdisf6.sys
2015-01-20 18:11 - 2012-04-17 14:34 - 00076944 _____ (BitDefender) C:\windows\system32\Drivers\bdvedisk.sys
2015-01-20 18:11 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\windows\capicom.dll
2015-01-20 18:09 - 2015-01-20 18:12 - 00000000 ____D () C:\ProgramData\Bitdefender
2015-01-20 18:09 - 2015-01-20 18:11 - 00000000 ____D () C:\Program Files\Bitdefender
2015-01-20 18:09 - 2015-01-20 18:09 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\QuickScan
2015-01-20 18:09 - 2015-01-20 18:09 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2015-01-20 18:09 - 2014-12-02 16:37 - 00084336 _____ (BitDefender SRL) C:\windows\system32\BDSandBoxUISkin.dll
2015-01-20 18:09 - 2014-12-02 13:37 - 00033360 _____ (BitDefender SRL) C:\windows\system32\BDSandBoxUH.dll
2015-01-20 18:09 - 2014-10-22 09:29 - 00155912 _____ (BitDefender LLC) C:\windows\system32\Drivers\gzflt.sys
2015-01-20 18:09 - 2014-10-15 16:14 - 00452040 _____ (BitDefender S.R.L.) C:\windows\system32\Drivers\trufos.sys
2015-01-20 18:08 - 2015-01-20 18:08 - 03077776 _____ (Symantec Corporation) C:\Users\Chris\Downloads\NPE.exe
2015-01-20 17:20 - 2015-01-20 17:21 - 384225624 _____ () C:\Users\Chris\Desktop\bitdefender_ts_18_64b.exe
2015-01-20 16:49 - 2015-01-20 16:49 - 00065232 _____ (Malwarebytes) C:\Users\Chris\Downloads\regassassin-setup-1.03.exe
2015-01-20 02:39 - 2015-01-20 02:41 - 74880480 _____ (Microsoft Corporation) C:\Users\Chris\Downloads\MAPSetup.exe
2015-01-20 00:54 - 2015-01-22 14:33 - 00000250 _____ () C:\windows\SysWOW64\PARTIZAN.TXT
2015-01-20 00:45 - 2015-01-20 00:50 - 00000339 _____ () C:\windows\system32\Partizan.RRI
2015-01-20 00:45 - 2015-01-20 00:45 - 00040208 _____ (Greatis Software) C:\windows\system32\Partizan.exe
2015-01-20 00:43 - 2015-01-20 00:55 - 00000000 ____D () C:\ProgramData\RegRun
2015-01-20 00:11 - 2015-01-22 15:19 - 00000000 ____D () C:\Program Files (x86)\UnHackMe
2015-01-20 00:11 - 2015-01-20 00:11 - 00003324 _____ () C:\windows\System32\Tasks\UnHackMe Task Scheduler
2015-01-20 00:11 - 2015-01-20 00:11 - 00000002 RSHOT () C:\windows\winstart.bat
2015-01-20 00:11 - 2015-01-20 00:11 - 00000002 RSHOT () C:\windows\SysWOW64\CONFIG.NT
2015-01-20 00:11 - 2015-01-20 00:11 - 00000002 RSHOT () C:\windows\SysWOW64\AUTOEXEC.NT
2015-01-19 14:52 - 2015-01-19 14:52 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Users\Chris\Desktop\procexp.exe
2015-01-19 09:01 - 2015-01-24 00:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-19 08:35 - 2011-06-26 07:45 - 00256000 _____ () C:\windows\PEV.exe
2015-01-19 08:35 - 2010-11-07 18:20 - 00208896 _____ () C:\windows\MBR.exe
2015-01-19 08:35 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-01-19 08:35 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-01-19 08:35 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-01-19 08:35 - 2000-08-31 01:00 - 00098816 _____ () C:\windows\sed.exe
2015-01-19 08:35 - 2000-08-31 01:00 - 00080412 _____ () C:\windows\grep.exe
2015-01-19 08:35 - 2000-08-31 01:00 - 00068096 _____ () C:\windows\zip.exe
2015-01-19 08:28 - 2015-01-21 15:05 - 00000000 ____D () C:\Qoobox
2015-01-19 08:27 - 2015-01-19 08:48 - 00000000 ____D () C:\windows\erdnt
2015-01-19 04:42 - 2015-01-19 04:42 - 00001162 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2015-01-19 04:42 - 2015-01-19 04:42 - 00001151 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
2015-01-19 04:42 - 2015-01-19 04:42 - 00001139 _____ () C:\Users\Public\Desktop\Security Task Manager.lnk
2015-01-19 04:42 - 2015-01-19 04:42 - 00000000 ____D () C:\Program Files (x86)\Security Task Manager
2015-01-19 04:34 - 2015-01-19 04:34 - 00111016 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2015-01-19 04:34 - 2015-01-19 04:34 - 00000000 ____D () C:\Program Files\Java
2015-01-19 04:01 - 2015-01-19 04:01 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Oracle
2015-01-17 17:40 - 2015-01-23 16:04 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-17 17:40 - 2015-01-17 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-17 17:39 - 2015-01-17 17:39 - 00004104 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-17 17:39 - 2015-01-17 17:39 - 00003852 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-17 15:15 - 2015-01-17 15:15 - 00001049 _____ () C:\Users\Chris\Desktop\Internet Download Manager.lnk
2015-01-17 10:04 - 2015-01-17 10:04 - 00001465 _____ () C:\Users\Chris\Downloads\rapidgator_net.php.php
2015-01-17 06:07 - 2015-01-23 04:05 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Steganos
2015-01-17 06:07 - 2015-01-23 03:33 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Steganos VPN
2015-01-17 03:10 - 2015-01-22 18:03 - 00003754 _____ () C:\windows\System32\Tasks\AutoKMS
2015-01-15 22:40 - 2015-01-15 22:40 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-01-15 22:40 - 2015-01-15 22:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-01-15 22:11 - 2015-01-24 00:15 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\IDM
2015-01-15 22:11 - 2015-01-15 22:40 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2015-01-15 01:00 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-01-15 01:00 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-01-15 01:00 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-01-15 01:00 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-01-15 01:00 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-01-15 01:00 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-01-15 01:00 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-01-15 00:28 - 2015-01-15 00:28 - 00001842 _____ () C:\Users\Chris\Downloads\FixOptimum.deb
2015-01-14 13:30 - 2015-01-14 13:30 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\F-Secure
2015-01-14 13:26 - 2015-01-14 13:26 - 00020698 _____ () C:\windows\prodsett_copy.ini
2015-01-14 12:48 - 2015-01-21 08:22 - 00000000 ____D () C:\Program Files (x86)\fs protection
2015-01-14 06:37 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-01-14 06:37 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-01-14 06:37 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-01-14 06:37 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-01-14 06:37 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2015-01-14 06:37 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2015-01-13 13:36 - 2014-11-29 01:37 - 00180648 _____ (Tonec Inc.) C:\windows\system32\Drivers\idmwfp.sys
2015-01-13 05:18 - 2015-01-24 00:16 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\DMCache
2015-01-13 05:18 - 2015-01-23 03:57 - 00000000 ____D () C:\Users\Chris\Downloads\Compressed
2015-01-13 05:18 - 2015-01-13 05:18 - 00000000 ____D () C:\ProgramData\IDM
2015-01-12 20:54 - 2015-01-12 20:54 - 00015926 _____ () C:\Users\Chris\Downloads\repo.biteyourapple.net.evernote_7.6.1_iphoneos-arm.evernote.deb
2015-01-11 21:03 - 2015-01-11 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-01-11 09:45 - 2015-01-20 18:03 - 00000000 ____D () C:\ProgramData\F-Secure
2015-01-11 09:45 - 2015-01-11 13:54 - 00000000 ____D () C:\Program Files (x86)\F-Secure
2015-01-10 02:41 - 2015-01-10 02:41 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\TaiG
2015-01-08 20:01 - 2015-01-08 18:58 - 568583998 _____ () C:\Users\Chris\Downloads\TwoDDL.eu_O64RG.part3.rar
2015-01-08 19:52 - 2015-01-08 18:59 - 1073741834 _____ () C:\Users\Chris\Downloads\TwoDDL.eu_O64RG.part2.rar
2015-01-08 19:43 - 2015-01-08 18:58 - 1073741828 _____ () C:\Users\Chris\Downloads\TwoDDL.eu_O64RG.part1.rar
2015-01-07 10:29 - 2015-01-08 10:44 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\36936AE9.sys
2014-12-31 17:06 - 2014-12-31 17:07 - 968464740 _____ () C:\Users\Chris\Downloads\LMCSKIDROW-MYRLS.rar
2014-12-30 15:47 - 2014-12-30 16:01 - 1270476178 _____ () C:\Users\Chris\Downloads\SEXY SHOOT TO KILL WARM UP.wav
2014-12-30 03:28 - 2015-01-23 00:44 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-12-30 03:28 - 2015-01-23 00:44 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-30 03:28 - 2015-01-23 00:44 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-12-30 03:15 - 2014-12-30 03:14 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-30 03:14 - 2014-12-30 03:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-30 03:14 - 2014-12-30 03:14 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-30 02:52 - 2014-12-30 02:53 - 00000000 ____D () C:\windows\system32\appmgmt
2014-12-30 01:57 - 2014-12-30 02:12 - 392068669 _____ () C:\Users\Chris\Downloads\DFTallPlugsB11.2014.rar
2014-12-30 01:45 - 2014-12-30 01:54 - 49909520 _____ () C:\Users\Chris\Downloads\Rays-2.0v2.exe
2014-12-29 18:27 - 2014-12-29 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-12-29 18:26 - 2014-12-29 18:34 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Mp3tag
2014-12-29 01:12 - 2014-12-29 01:12 - 00073628 _____ () C:\Users\Chris\Downloads\repo.biteyourapple.net.deezert3r_1.0.3_iphoneos-arm.deb
2014-12-27 16:12 - 2014-12-27 16:12 - 09174925 _____ (CCRMA, Stanford University ) C:\Users\Chris\Downloads\ISSE-Setup-v0.2.0.exe
2014-12-27 15:14 - 2015-01-21 02:43 - 02146224 _____ () C:\Users\Chris\Downloads\elevayta-extra-boy-pro-50_crack.zip
2014-12-27 15:02 - 2014-12-27 15:02 - 00916429 _____ () C:\Users\Chris\Downloads\Isol8or Vocal Remover VST.zip
2014-12-27 05:06 - 2014-12-27 05:06 - 00011365 _____ () C:\Users\Chris\Downloads\libcrypt-w32-bin.zip
2014-12-27 02:34 - 2014-12-30 02:52 - 00000000 ____D () C:\ProgramData\WinZip
2014-12-27 02:17 - 2014-12-27 02:17 - 00003128 _____ () C:\windows\System32\Tasks\{D2D9C9D2-1089-455E-A4DA-4F7A88868321}
2014-12-27 02:16 - 2014-12-27 02:16 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals
2014-12-27 02:16 - 2014-12-27 02:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskInternals
2014-12-27 02:16 - 2014-12-27 02:16 - 00000000 ____D () C:\Program Files (x86)\DiskInternals
2014-12-26 08:03 - 2014-12-26 08:05 - 03732602 _____ () C:\Users\Chris\Downloads\p.a. 26-12-2014.rar
2014-12-26 08:02 - 2014-12-26 08:04 - 07285822 _____ () C:\Users\Chris\Downloads\_jdown2premium.blogspot.com_24.12.2014.rar
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-24 00:19 - 2014-06-22 19:15 - 01500309 _____ () C:\windows\WindowsUpdate.log
2015-01-24 00:19 - 2009-07-14 05:45 - 00044208 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-24 00:19 - 2009-07-14 05:45 - 00044208 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-24 00:18 - 2009-07-14 06:13 - 00782470 _____ () C:\windows\system32\PerfStringBackup.INI
2015-01-24 00:11 - 2014-06-22 19:51 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-24 00:11 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-01-23 23:58 - 2014-08-20 09:20 - 00000000 ____D () C:\windows\pss
2015-01-23 23:45 - 2014-06-22 19:26 - 00000000 ____D () C:\Program Files (x86)\InstallShield Installation Information
2015-01-23 23:43 - 2014-07-19 12:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2015-01-23 23:42 - 2014-07-19 12:28 - 00000000 ____D () C:\ProgramData\CyberLink
2015-01-23 23:37 - 2014-10-09 15:14 - 00000000 ____D () C:\ProgramData\Origin
2015-01-23 23:36 - 2014-11-12 14:55 - 00000000 ____D () C:\MyGames
2015-01-23 23:36 - 2014-10-16 11:54 - 00000000 ____D () C:\Program Files (x86)\Glyph
2015-01-23 23:35 - 2014-11-28 17:08 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2015-01-23 23:32 - 2014-06-23 20:35 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2015-01-23 23:32 - 2014-06-23 20:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-01-23 23:32 - 2014-06-23 00:30 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-23 23:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-23 23:30 - 2014-07-16 14:51 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-23 23:29 - 2014-07-16 14:57 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-01-23 23:29 - 2014-06-23 13:36 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Adobe
2015-01-23 23:28 - 2014-07-16 15:02 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-01-23 23:06 - 2014-07-08 22:17 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\XnView
2015-01-23 23:06 - 2014-06-23 14:39 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Azureus
2015-01-23 23:05 - 2014-06-23 05:11 - 00000000 ____D () C:\windows\Panther
2015-01-23 20:00 - 2014-06-22 23:49 - 00000000 ___RD () C:\Users\Chris\Dropbox
2015-01-23 20:00 - 2014-06-22 23:44 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Dropbox
2015-01-23 19:17 - 2014-06-22 19:23 - 00000000 ____D () C:\Users\Chris
2015-01-23 18:54 - 2014-11-21 19:23 - 00013824 ___SH () C:\Users\Chris\Downloads\Thumbs.db
2015-01-23 04:03 - 2014-07-16 17:28 - 00000000 ____D () C:\Program Files (x86)\Imagenomic
2015-01-23 04:02 - 2014-07-16 18:03 - 00000000 ____D () C:\Program Files\JixiPix Software
2015-01-23 04:01 - 2014-07-16 17:13 - 00000000 ____D () C:\Program Files (x86)\DynamicPhotoHDR5
2015-01-22 23:38 - 2009-07-14 06:08 - 00032620 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-01-22 11:13 - 2009-07-14 06:38 - 00025600 ___SH () C:\windows\system32\config\BCD-Template.LOG
2015-01-22 11:13 - 2009-07-14 06:32 - 00028672 _____ () C:\windows\system32\config\BCD-Template
2015-01-22 10:30 - 2014-06-22 19:23 - 00000000 ____D () C:\Recovery
2015-01-21 23:48 - 2012-08-08 07:54 - 00000000 ____D () C:\Users\Chris\Desktop\LicenseCrawler
2015-01-21 20:33 - 2014-10-31 00:11 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\vlc
2015-01-21 18:25 - 2009-07-14 05:45 - 05107304 _____ () C:\windows\system32\FNTCACHE.DAT
2015-01-21 15:38 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\registration
2015-01-21 15:03 - 2009-07-14 03:34 - 00000215 _____ () C:\windows\system.ini
2015-01-21 08:06 - 2014-12-18 07:56 - 00000000 ____D () C:\Users\Chris\Desktop\Musikproduktion
2015-01-20 21:45 - 2014-06-22 21:40 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\AgileBits
2015-01-20 18:22 - 2009-07-14 06:32 - 00000000 ____D () C:\windows\Offline Web Pages
2015-01-20 01:25 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2015-01-19 14:12 - 2014-06-22 19:23 - 00000000 ___RD () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-19 08:50 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default
2015-01-19 08:45 - 2014-07-19 12:27 - 00000000 ____D () C:\ProgramData\Temp
2015-01-19 04:55 - 2014-06-22 19:37 - 00766336 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2015-01-17 17:40 - 2014-08-18 00:14 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-17 15:15 - 2014-06-23 20:50 - 00000000 ____D () C:\Users\Chris\Desktop\Systemdienste
2015-01-17 06:09 - 2014-06-23 20:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-01-17 03:07 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\AppCompat
2015-01-15 20:36 - 2014-06-22 19:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-14 13:28 - 2014-12-09 14:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-14 07:19 - 2014-06-22 21:55 - 00000000 ____D () C:\windows\system32\MRT
2015-01-14 07:13 - 2014-06-22 21:55 - 113365784 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-01-11 01:59 - 2014-07-09 00:07 - 00000000 ____D () C:\Users\Chris\Desktop\Games
2014-12-30 14:45 - 2009-07-14 06:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-12-30 03:15 - 2014-06-23 16:51 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-30 02:56 - 2014-09-28 01:47 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-12-30 02:53 - 2014-11-30 23:31 - 00000000 ____D () C:\Program Files (x86)\PSPad editor
2014-12-30 00:36 - 2014-10-14 11:50 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\SpiderOak
2014-12-29 18:27 - 2014-06-23 00:55 - 00000983 _____ () C:\Users\Public\Desktop\Mp3tag.lnk
2014-12-29 18:27 - 2014-06-23 00:55 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
 
==================== Files in the root of some directories =======
2014-11-23 13:46 - 2014-11-23 13:49 - 0000554 _____ () C:\Users\Chris\AppData\Roaming\koukou.ini
2014-06-25 22:55 - 2014-06-25 22:55 - 0001508 _____ () C:\Users\Chris\AppData\Local\recently-used.xbel
2014-07-27 02:59 - 2015-01-21 06:56 - 0007627 _____ () C:\Users\Chris\AppData\Local\Resmon.ResmonCfg
2014-10-01 23:25 - 2014-12-13 01:23 - 0000780 _____ () C:\Users\Chris\AppData\Local\RT2870_{B36C1905-424C-4B9C-B477-E3EF8B03C552}_prof
2014-10-01 23:25 - 2014-12-13 01:23 - 0000792 _____ () C:\Users\Chris\AppData\Local\RT2870_{B36C1905-424C-4B9C-B477-E3EF8B03C552}_sta
2014-06-22 19:27 - 2014-06-22 19:27 - 0000780 _____ () C:\Users\Chris\AppData\Local\RT2870_{D233C410-4233-4100-9C7D-EBA0ACC0C3EA}_prof
2014-06-22 19:27 - 2014-06-22 19:27 - 0000769 _____ () C:\Users\Chris\AppData\Local\RT2870_{D233C410-4233-4100-9C7D-EBA0ACC0C3EA}_sta
2014-07-16 17:21 - 2014-07-16 17:21 - 0000008 _____ () C:\ProgramData\extras.lib
2014-06-23 00:43 - 2014-06-23 00:44 - 0000205 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2015-01-14 12:14
 
==================== End Of Log ============================

 

Attached Files

  • Attached File  FRST.txt   46.63KB   1 downloads

Edited by ChrisCGN, 23 January 2015 - 07:22 PM.


BC AdBot (Login to Remove)

 


#2 ChrisCGN

ChrisCGN
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:41 PM

Posted 23 January 2015 - 06:59 PM

Here's the Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by Chris at 2015-01-24 00:32:37
Running from C:\Users\Chris\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
1Password 1.0.9.341 (HKLM-x32\...\1Password_is1) (Version: 1.0 - AgileBits)
1Password 4.1.0.530 (HKLM-x32\...\1Password4_is1) (Version: 4.0 - AgileBits)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.20.0.1429 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bonjour-Druckdienste (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG8200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG8200_series) (Version:  - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
Dropbox (HKU\S-1-5-21-1658664929-4190690133-2850637579-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
f.lux (HKU\S-1-5-21-1658664929-4190690133-2850637579-1000\...\Flux) (Version:  - )
GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.91 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hama Wireless LAN Adapter (HKLM-x32\...\{E91E8912-769D-42F0-8408-0E329443BABC}) (Version: 1.00.0000 - Hama)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
iFunbox (v2.8.2414.748), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.8.2414.748 - )
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
K-Lite Mega Codec Pack 10.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.5.5 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LG Tool Kit (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
MakeMKV v1.8.14 (HKLM-x32\...\MakeMKV) (Version: v1.8.14 - GuinpinSoft inc)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1019 - Marvell)
Mashup (x32 Version: 2.0.316.0 - Mixed In Key LLC) Hidden
Mashup 2.0 (HKU\S-1-5-21-1658664929-4190690133-2850637579-1000\...\{a3aab771-de1e-46ef-aa2c-6245ceadbfba}) (Version: 2.0.316.0 - Mixed In Key LLC)
MediaInfo 0.7.71 (HKLM\...\MediaInfo) (Version: 0.7.71 - MediaArea.net)
MediaInfo Lite 0.7.71 (HKLM-x32\...\mediainfolite_is1) (Version: 0.7.71 - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mixed In Key 5 (HKLM-x32\...\{5C64CCE1-D944-4E81-94AD-B340070048A3}) (Version: 5.5.1005.0 - Mixed In Key LLC)
MixMeister Fusion 7.6.0 (HKLM-x32\...\mmfsetup_is1) (Version:  - MixMeister Technology LLC)
MKVToolNix 7.3.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.3.0 - Moritz Bunkus)
Mozilla Firefox 35.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0a1 - Mozilla)
Mp3tag v2.66 (HKLM-x32\...\Mp3tag) (Version: v2.66 - Florian Heidenreich)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF24 Creator 6.5.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Perfectly Clear Plugin 1.7.1 (HKLM-x32\...\Perfectly Clear Plugin) (Version: 1.7.1 - Athentech)
PhotoSync (HKLM\...\{C05D2D98-CCBD-4E66-9954-021ED55CB1E2}) (Version: 2.3.0 - touchbyte GmbH)
plist Editor Pro 2.1.0 (HKLM-x32\...\plist Editor Pro) (Version: 2.1.0 - VOWSoft, Ltd.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Recover Keys (HKLM-x32\...\Recover Keys_is1) (Version: 8.0.3.112 - Recover Keys)
Security Task Manager 2.0 (HKLM-x32\...\Security Task Manager) (Version: 2.0 - Neuber Software)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.3 - IObit)
Spotify (HKU\S-1-5-21-1658664929-4190690133-2850637579-1000\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
USBFast (HKLM-x32\...\{AED142A8-96EA-42DE-B212-60BFC98D6CC7}) (Version: 1.3.0.30 - Prolific Technology Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.4.0.0 - Azureus Software, Inc.)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
XnView 2.22 (HKLM-x32\...\XnView_is1) (Version: 2.22 - Gougelet Pierre-e)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1658664929-4190690133-2850637579-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1658664929-4190690133-2850637579-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1658664929-4190690133-2850637579-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1658664929-4190690133-2850637579-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1658664929-4190690133-2850637579-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1658664929-4190690133-2850637579-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1658664929-4190690133-2850637579-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1658664929-4190690133-2850637579-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1658664929-4190690133-2850637579-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
21-01-2015 22:06:41 Installed Windows 7 USB/DVD Download Tool
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-01-18 18:24 - 2015-01-21 15:03 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0CF1A260-802F-47D3-89BF-74D9D7EEA40A} - System32\Tasks\{D2D9C9D2-1089-455E-A4DA-4F7A88868321} => pcalua.exe -a C:\Users\Chris\Downloads\zip_repair.exe -d C:\Users\Chris\Downloads
Task: {472185AA-BFCB-4DE1-88C6-DE8C58FD6F15} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {49C8A919-6A61-496A-BAE6-55E11651B131} - System32\Tasks\{8D11741A-A838-481C-ACE6-C6CEDDBA36AA} => pcalua.exe -a "C:\Program Files (x86)\MixMeister Fusion\MmUnInst.exe" -d "C:\Program Files (x86)\MixMeister Fusion"
Task: {51CC7E39-7A42-490A-9B97-71F4833077F9} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-06-23] ()
Task: {5C5BA952-D395-415E-9E5A-C07BD18ADD55} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6411AB7D-9748-4072-8F25-304D3BE98389} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe
Task: {6DF3DD54-C982-47F7-94FC-D39951BB6135} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {72DC0D9F-81C3-4F12-A3CA-136725F87701} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {76219F6F-1EC8-49BB-8FF6-04463BD9D07B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {900060EC-D2C6-4914-BB4F-9D29C102F988} - System32\Tasks\{2189D590-85E9-411D-A30A-4344C8212732} => pcalua.exe -a C:\Users\Chris\Desktop\pr-setup.exe -d C:\Users\Chris\Desktop
Task: {BDEA696B-9F0D-4640-840B-2D015860325A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-17] (Google Inc.)
Task: {D47A70E5-6DDA-4B2C-89E6-9054D9813A83} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-17] (Google Inc.)
Task: {DD35686B-E27C-4F3E-BEBC-3FD8BB9DC5C9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E23E065F-06C2-4D6A-B9EC-A2C6AF3CEABF} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-23] (IObit)
Task: {FE657B4F-0A53-4646-86B7-C30B9DDE2C85} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-23] (Adobe Systems Incorporated)
 
==================== Loaded Modules (whitelisted) =============
 
2015-01-20 18:11 - 2014-08-27 16:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2015-01-20 18:11 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2015-01-20 18:11 - 2014-12-17 14:34 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2015-01-20 18:11 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2014-10-14 23:27 - 2014-10-14 23:27 - 08897696 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-01-20 18:11 - 2014-07-24 09:44 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpbr.mdl
2015-01-20 18:11 - 2014-07-24 09:44 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpdsp.mdl
2015-01-20 18:11 - 2014-07-24 09:44 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpph.mdl
2015-01-20 18:11 - 2014-07-24 09:44 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttprbl.mdl
2014-06-22 19:50 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-01-20 18:11 - 2014-12-17 13:45 - 00470544 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdidntconp.dll
2015-01-20 18:11 - 2014-12-17 14:34 - 00187392 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\ui\bdidntconp.ui
2015-01-23 16:04 - 2015-01-21 04:41 - 01450312 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.91\libglesv2.dll
2015-01-23 16:04 - 2015-01-21 04:41 - 00205128 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.91\libegl.dll
2015-01-23 16:04 - 2015-01-21 04:41 - 10864456 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.91\pdf.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-14 23:28 - 2014-10-14 23:28 - 08897696 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\windows\SysWOW64\FlashPlayerInstaller.exe:BDU
AlternateDataStreams: C:\Users\Chris\Desktop\FRST64.exe:BDU
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: ASGT => 2
MSCONFIG\Services: FoxitCloudUpdateService => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: RichVideo => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Hama Wireless LAN Utility.lnk => C:\windows\pss\Hama Wireless LAN Utility.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Chris^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Chris^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\windows\pss\Send to OneNote.lnk.Startup
MSCONFIG\startupreg: Agile1pAgent => C:\Program Files (x86)\1Password 4\Agile1pAgent.exe
MSCONFIG\startupreg: Bdagent => "C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe"
MSCONFIG\startupreg: Bitdefender Wallet Agent => "C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: f.lux => "C:\Users\Chris\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
MSCONFIG\startupreg: IDMan => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LGODDFU => "C:\Program Files (x86)\lg_fwupdate\lgfw.exe" blrun
MSCONFIG\startupreg: NUSB3MON => "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SpiderOak => 
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Chris\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Tresorit => 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-1658664929-4190690133-2850637579-500 - Administrator - Disabled)
Chris (S-1-5-21-1658664929-4190690133-2850637579-1000 - Administrator - Enabled) => C:\Users\Chris
Guest (S-1-5-21-1658664929-4190690133-2850637579-501 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/24/2015 00:19:11 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (01/24/2015 00:12:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AutoKMS.exe, version: 2.5.0.0, time stamp: 0x52aef33f
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x5315a05a
Exception code: 0xe0434352
Fault offset: 0x000000000000940d
Faulting process id: 0x8a0
Faulting application start time: 0xAutoKMS.exe0
Faulting application path: AutoKMS.exe1
Faulting module path: AutoKMS.exe2
Report Id: AutoKMS.exe3
 
Error: (01/24/2015 00:12:02 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
Stack:
   at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32, IntPtr)
   at System.Management.ManagementObjectCollection+ManagementObjectEnumerator.MoveNext()
   at ..(System.String, System.String, ., System.String)
   at ...ctor()
   at ..(.)
   at ..()
 
Error: (01/24/2015 00:00:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AutoKMS.exe, version: 2.5.0.0, time stamp: 0x52aef33f
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x5315a05a
Exception code: 0xe0434352
Fault offset: 0x000000000000940d
Faulting process id: 0x72c
Faulting application start time: 0xAutoKMS.exe0
Faulting application path: AutoKMS.exe1
Faulting module path: AutoKMS.exe2
Report Id: AutoKMS.exe3
 
Error: (01/24/2015 00:00:50 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
Stack:
   at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32, IntPtr)
   at System.Management.ManagementObjectCollection+ManagementObjectEnumerator.MoveNext()
   at ..(System.String, System.String, ., System.String)
   at ...ctor()
   at ..(.)
   at ..()
 
Error: (01/23/2015 11:45:13 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /ForceROT{A93F0837-8462-4B7E-BD0C-E59D75567D0C}; Description = Konfiguriert ASUS GPU Tweak; Error = 0x80070422).
 
Error: (01/23/2015 11:43:46 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall; Description = Konfiguriert YouCam; Error = 0x80070422).
 
Error: (01/23/2015 11:43:12 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall; Description = Konfiguriert PowerStarter; Error = 0x80070422).
 
Error: (01/23/2015 11:42:10 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall; Description = Konfiguriert Power2Go; Error = 0x80070422).
 
Error: (01/23/2015 11:40:54 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Program Files (x86)\InstallShield Installation Information\{80E158EA-7181-40FE-A701-301CE6BE64AB}\Setup.exe Files (x86)\InstallShield Installation Information\{80E158EA-7181-40FE-A701-301CE6BE64AB}\Setup.exe" /z-uninstall; Description = Konfiguriert MediaShow; Error = 0x80070422).
 
 
System errors:
=============
Error: (01/24/2015 00:25:23 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error: 
%%1058
 
Error: (01/24/2015 00:25:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMProtector service failed to start due to the following error: 
%%1058
 
Error: (01/24/2015 00:25:23 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error: 
%%1058
 
Error: (01/24/2015 00:25:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMProtector service failed to start due to the following error: 
%%1058
 
Error: (01/24/2015 00:22:31 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Type with the following error: 
%%5
 
Error: (01/24/2015 00:21:54 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for DeleteFlag with the following error: 
%%5
 
Error: (01/24/2015 00:21:54 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for DeleteFlag with the following error: 
%%5
 
Error: (01/24/2015 00:21:54 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for DeleteFlag with the following error: 
%%5
 
Error: (01/24/2015 00:19:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Cryptographic Services service failed to start due to the following error: 
%%1079
 
Error: (01/24/2015 00:18:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Cryptographic Services service failed to start due to the following error: 
%%1079
 
 
Microsoft Office Sessions:
=========================
Error: (01/24/2015 00:19:11 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Chris\Desktop\esetsmartinstaller_enu.exe
 
Error: (01/24/2015 00:12:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AutoKMS.exe2.5.0.052aef33fKERNELBASE.dll6.1.7601.184095315a05ae0434352000000000000940d8a001d03761f39be9d7C:\Windows\AutoKMS\AutoKMS.exeC:\windows\system32\KERNELBASE.dll462894d2-a355-11e4-a455-00248cfca8bd
 
Error: (01/24/2015 00:12:02 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
Stack:
   at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32, IntPtr)
   at System.Management.ManagementObjectCollection+ManagementObjectEnumerator.MoveNext()
   at ..(System.String, System.String, ., System.String)
   at ...ctor()
   at ..(.)
   at ..()
 
Error: (01/24/2015 00:00:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AutoKMS.exe2.5.0.052aef33fKERNELBASE.dll6.1.7601.184095315a05ae0434352000000000000940d72c01d037605d147221C:\Windows\AutoKMS\AutoKMS.exeC:\windows\system32\KERNELBASE.dllb0fca604-a353-11e4-a2c1-00248cfca8bd
 
Error: (01/24/2015 00:00:50 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
Stack:
   at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32, IntPtr)
   at System.Management.ManagementObjectCollection+ManagementObjectEnumerator.MoveNext()
   at ..(System.String, System.String, ., System.String)
   at ...ctor()
   at ..(.)
   at ..()
 
Error: (01/23/2015 11:45:13 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /ForceROT{A93F0837-8462-4B7E-BD0C-E59D75567D0C}Konfiguriert ASUS GPU Tweak0x80070422
 
Error: (01/23/2015 11:43:46 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstallKonfiguriert YouCam0x80070422
 
Error: (01/23/2015 11:43:12 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstallKonfiguriert PowerStarter0x80070422
 
Error: (01/23/2015 11:42:10 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstallKonfiguriert Power2Go0x80070422
 
Error: (01/23/2015 11:40:54 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files (x86)\InstallShield Installation Information\{80E158EA-7181-40FE-A701-301CE6BE64AB}\Setup.exe Files (x86)\InstallShield Installation Information\{80E158EA-7181-40FE-A701-301CE6BE64AB}\Setup.exe" /z-uninstallKonfiguriert MediaShow0x80070422
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-01-21 15:02:45.750
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-21 15:02:45.656
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-21 15:02:45.547
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-21 15:02:45.438
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-19 08:47:39.789
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-19 08:47:39.695
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7 CPU 920 @ 2.67GHz
Percentage of memory in use: 41%
Total physical RAM: 6135.11 MB
Available physical RAM: 3560.17 MB
Total Pagefile: 24538.3 MB
Available Pagefile: 21669.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:1863.01 GB) (Free:406.74 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Fixed) (Total:596.07 GB) (Free:73.18 GB) NTFS
Drive g: (STORE N GO) (Removable) (Total:7.47 GB) (Free:7.18 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 46E5FCD8)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=596.1 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 53A62D7C)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (Size: 7.5 GB) (Disk ID: 36E9CF35)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

Attached Files



#3 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,044 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:03:41 PM

Posted 25 January 2015 - 02:26 PM

Hey, :)

Step 1: Adwarecleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP the just run it)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on screen prompts
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
Note: The log can also be found in here: C:\AdwCleaner\

Step 2: Malwarebytes

Please download Malwarebytes Anti-Malware to your desktop Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

MBAMsettings.JPG

Go back to the Dashboard and select Scan Now

MBAMScan.JPG

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

MBAMReboot.JPG

MBAMLog.JPG

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Attach/Post that log

Step 3: Junkware Removal Tool

thisisujrt.gif  Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 4: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#4 ChrisCGN

ChrisCGN
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:41 PM

Posted 27 January 2015 - 09:08 AM

Hello Machiavelli,

I have some updates from my side:
I reinstalled the PC, because this was getting too uncomfortable for me...
BUT, whatever infected me actually is on my system again....god knows how...

I have the new FRST-logs from the fresh install and gonna attach them and then run the programs you mentioned and post their logs as well.

p.s.: Could this originate from a different computer in the home-network?

 

p.p.s.: I switched back to FF as my main browser....just to have "No Script" again...


Edited by ChrisCGN, 27 January 2015 - 09:43 AM.


#5 ChrisCGN

ChrisCGN
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:41 PM

Posted 27 January 2015 - 09:11 AM

FRST.txt - after reinstallation - before running ADWCleaner, Mbam, JRT

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Chris (administrator) on CHRIS-PC on 27-01-2015 14:37:47
Running from C:\Users\Chris\Desktop
Loaded Profiles: Chris & UpdatusUser (Available profiles: Chris & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Hama GmbH & Co KG) C:\Program Files (x86)\Hama\Common\RaUI.exe
(AgileBits) C:\Program Files (x86)\1Password 4\Agile1pAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Dropbox, Inc.) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Users\Chris\AppData\Local\Temp\BDAntiCryptoWall\BDAntiCryptoWall.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1686480 2014-12-17] (Bitdefender)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1796056 2014-08-19] (NVIDIA Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2010-01-22] (NEC Electronics Corporation)
HKLM-x32\...\Run: [Agile1pAgent] => C:\Program Files (x86)\1Password 4\Agile1pAgent.exe [3706640 2014-11-20] (AgileBits)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2561848 2014-12-10] (Malwarebytes Corporation)
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKU\S-1-5-21-3560617416-725466407-2438327745-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2014-11-25] (Bitdefender)
HKU\S-1-5-21-3560617416-725466407-2438327745-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3886672 2015-01-13] (Tonec Inc.)
HKU\S-1-5-21-3560617416-725466407-2438327745-1000\...\MountPoints2: {a58cbd15-a53f-11e4-bf8d-806e6f6e6963} - E:\CheckID.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hama Wireless LAN Utility.lnk
ShortcutTarget: Hama Wireless LAN Utility.lnk -> C:\Program Files (x86)\Hama\Common\RaUI.exe (Hama GmbH & Co KG)
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3560617416-725466407-2438327745-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/de-de/?ocid=iehp
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: 1Password -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> C:\Program Files (x86)\1Password 4\x64\Agile1pIE4.dll (AgileBits)
BHO: Bitdefender Wallet  -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: 1Password -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> C:\Program Files (x86)\1Password 4\x86\Agile1pIE4.dll (AgileBits)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
Toolbar: HKLM - Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
Toolbar: HKU\S-1-5-21-3560617416-725466407-2438327745-1000 -> Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1

FireFox:
========
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\jhbxuc9j.default
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Extension: NoScript - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\jhbxuc9j.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-01-26]
FF Extension: Adblock Plus - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\jhbxuc9j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-26]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-01-26]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-01-26]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF HKU\S-1-5-21-3560617416-725466407-2438327745-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Chris\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Chris\AppData\Roaming\IDM\idmmzcc5 [2015-01-26]
FF HKU\S-1-5-21-3560617416-725466407-2438327745-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Chris\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.duckduckgo.com/"
CHR DefaultSearchURL: Default -> https://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8
CHR DefaultSuggestURL: Default -> https://www.google.com/complete/search?q={searchTerms}
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (1Password: Password Manager and Secure Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjjhallfgjeglblehebfpbcfeobpgk [2015-01-26]
CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-26]
CHR Extension: (MEGA) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2015-01-26]
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-26]
CHR Extension: (Adblock Plus) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-26]
CHR Extension: (Google-Suche) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-26]
CHR Extension: (ZenMate Security & Privacy VPN) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-01-26]
CHR Extension: (IDM Integration Module) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2015-01-26]
CHR Extension: (Google Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-26]
CHR Extension: (Google Mail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-26]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - No Path
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-01-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [555320 2014-12-10] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1545376 2014-12-15] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2014-09-25] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-05-16] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-11-13] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2014-12-02] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2014-12-10] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [155912 2014-10-22] (BitDefender LLC)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-27] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

========================== Drivers MD5 =======================

C:\Windows\System32\DRIVERS\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\avc3.sys 70CCDD9BCBAA5A918A7D135E28A824E2
C:\Windows\System32\DRIVERS\avckf.sys 0956716D5565680DC83992C11BBDB2C2
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys 3533B749563E89EFAC7290A2BA3B4097
C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys EC80614A72BC7039D2B22E3DD6C15895
C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys C0247341C1BCD7FF2742821D0AD7AFBC
C:\Windows\system32\drivers\bdsandbox.sys 9FDA6E9379C3434625B06B192E37C1B6
C:\Windows\System32\DRIVERS\bdvedisk.sys 50F796CB1E8C80F3D19435CB50C3DAB5
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys 00C3C6C55C435810C9475C219F4D1B26
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\gzflt.sys C8B54E81501386A91B0E0BD596965C9B
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\idmwfp.sys 3F2013A2880FE503B1B3BC8212764923
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC
C:\Windows\System32\Drivers\ksecpkg.sys 41774FF331F609EF442B7398EE6202B1
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbamchameleon.sys 478CC94C937D235CB0A96AB8F2359D81
C:\Windows\system32\drivers\mbam.sys CA43F8904E24BBE49982E4C0B29E6579
C:\Windows\system32\drivers\MBAMSwissArmy.sys 26C43960C99EE861A5D0EDC4DCF3B1C3
C:\Windows\system32\drivers\mwac.sys A646C2DDB8C46E9B20A326FAF566646C
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\system32\drivers\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys AE3334958D8F631FF14A0AEB3D7EFB3A
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ASACPI.sys 2219A3D695405E7BA2186BA6B9EDE14A
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netr28ux.sys EED1FBDE98CF5F6D5C0C5B27AB1F68EC
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nusb3hub.sys 8EBCB9165EE7F1571842F4D9D624A74C
C:\Windows\System32\DRIVERS\nusb3xhc.sys 5D54DBB12BBFE07CC283FD39F2CD6D63
C:\Windows\System32\drivers\nvhda64v.sys E366A5681C50785D4ED04FCFD65C3415
C:\Windows\System32\DRIVERS\nvlddmkm.sys 2232AE1BB51A96A7381A2CA17DF12E24
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\synth3dvsc.sys C3A39C4079305480972D29C44B868C78
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\system32\drivers\terminpt.sys EF4469AB69EB15E5D3754E6AEAFBCD3D
C:\Windows\System32\DRIVERS\trufos.sys 3E75A47D2DEFD2683DCA409572FBE8B2
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\System32\drivers\tsusbhub.sys E1748D04AE40118B62BC18AC86032192
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\System32\DRIVERS\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\system32\drivers\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\System32\DRIVERS\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\yk62x64.sys ==> MD5 is legit

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-27 14:37 - 2015-01-27 14:38 - 00031528 _____ () C:\Users\Chris\Desktop\FRST.txt
2015-01-27 14:35 - 2015-01-27 14:35 - 00000381 _____ () C:\Users\Chris\Desktop\Eset1.txt
2015-01-27 13:11 - 2015-01-27 13:11 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-27 13:10 - 2015-01-27 13:10 - 00000000 ____D () C:\Users\Chris\AppData\Local\NVIDIA
2015-01-27 02:20 - 2015-01-27 02:20 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-27 02:20 - 2015-01-27 02:20 - 00000000 ____D () C:\Windows\system32\appraiser
2015-01-27 02:17 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-01-27 02:17 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-01-27 02:17 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-01-27 02:17 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-01-27 02:17 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-01-27 02:17 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-01-27 02:17 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-01-27 02:17 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-01-27 02:17 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-01-27 02:17 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-01-27 02:17 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-27 02:17 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-01-27 02:17 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-01-27 02:17 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-01-27 02:17 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-01-27 02:17 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-01-27 02:17 - 2013-10-01 21:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-01-27 02:17 - 2013-10-01 21:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-01-27 02:14 - 2015-01-27 02:14 - 00749404 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-27 02:11 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-01-27 02:11 - 2012-08-23 15:12 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\terminpt.sys
2015-01-27 02:11 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-01-27 02:11 - 2012-08-23 15:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2015-01-27 02:11 - 2012-08-23 14:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-01-27 02:11 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2015-01-27 02:11 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-01-27 02:11 - 2012-08-23 10:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-01-27 02:10 - 2014-07-02 18:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-01-27 02:06 - 2014-06-27 03:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-01-27 02:06 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-01-27 01:35 - 2015-01-27 01:35 - 943446123 _____ () C:\Users\Chris\Downloads\Looking.S02E03.720p.HDTV.x264-KILLERS.mkv
2015-01-27 01:30 - 2015-01-27 01:30 - 00003236 _____ () C:\Windows\System32\Tasks\BDAntiCryptoWallTask
2015-01-27 01:30 - 2015-01-27 01:30 - 00002038 __RSH () C:\ProgramData\ntuser.pol
2015-01-27 01:26 - 2015-01-27 01:26 - 1880539615 _____ () C:\Users\Chris\Downloads\Gotham.S01E12.1080p.WEB-DL.DD5.1.H.264-ECI_www.theextopia.com.mkv
2015-01-27 00:27 - 2015-01-27 00:27 - 727121018 _____ () C:\Users\Chris\Downloads\Supernatural.S10E10.720p.HDTV.X264-DIMENSION_www.theextopia.com.mkv
2015-01-27 00:22 - 2015-01-27 00:22 - 1731733680 _____ () C:\Users\Chris\Downloads\The.Flash.2014.S01E10.1080p.WEB-DL.DD5.1.H.264-NTb_www.theextopia.com.mkv
2015-01-26 23:54 - 2015-01-26 23:54 - 924010404 _____ () C:\Users\Chris\Downloads\Galavant.S01E06.1080p.WEB-DL.DD5.1.H.264-HWD_www.theextopia.com.mkv
2015-01-26 23:47 - 2015-01-26 23:47 - 898372878 _____ () C:\Users\Chris\Downloads\Galavant.S01E05.1080p.WEB-DL.DD5.1.H.264-HWD_www.theextopia.com.mkv
2015-01-26 22:21 - 2015-01-26 22:22 - 1575785304 _____ () C:\Users\Chris\Downloads\Eye.Candy.S01E02.1080p.WEB-DL.AAC2.0.H.264-KiNGS_www.theextopia.com.mkv
2015-01-26 22:15 - 2015-01-26 22:15 - 00000000 ____D () C:\Users\Chris\AppData\Temp
2015-01-26 21:40 - 2015-01-26 21:41 - 1735823331 _____ () C:\Users\Chris\Downloads\Arrow.S03E10.1080p.WEB-DL.DD5.1.H.264-BS_www.theextopia.com.mkv
2015-01-26 20:41 - 2015-01-26 20:42 - 1907004675 _____ () C:\Users\Chris\Downloads\Empire.2015.S01E03.1080p.WEB.DL.DD5.1.H.264.QUEENS_www.theextopia.com.mkv
2015-01-26 20:28 - 2015-01-26 20:28 - 229607303 _____ () C:\Users\Chris\Downloads\American.Horror.Story.S04E13.1080p.WEB-DL.DD5.1.H.264-ECI_www.theextopia.com.part3.rar
2015-01-26 20:22 - 2015-01-26 20:23 - 1073741824 _____ () C:\Users\Chris\Downloads\American.Horror.Story.S04E13.1080p.WEB-DL.DD5.1.H.264-ECI_www.theextopia.com.part2.rar
2015-01-26 20:00 - 2015-01-26 20:00 - 1073741824 _____ () C:\Users\Chris\Downloads\American.Horror.Story.S04E13.1080p.WEB-DL.DD5.1.H.264-ECI_www.theextopia.com.part1.rar
2015-01-26 19:41 - 2015-01-26 19:41 - 00008192 __RSH () C:\BOOTSECT.BAK
2015-01-26 19:41 - 2015-01-26 11:01 - 00000000 ____D () C:\Windows\Panther
2015-01-26 19:41 - 2010-11-21 04:23 - 00383786 __RSH () C:\bootmgr
2015-01-26 19:35 - 2015-01-26 19:35 - 1123402160 _____ () C:\Users\Chris\Downloads\Revenge.S04E14.720p.HDTV.X264-DIMENSION.mkv
2015-01-26 19:28 - 2015-01-26 19:28 - 1861180362 _____ () C:\Users\Chris\Downloads\The.100.S02E09.1080p.WEB-DL.DD5.1.H.264-KiNGS.mkv
2015-01-26 19:18 - 2015-01-26 19:18 - 1834365867 _____ () C:\Users\Chris\Downloads\The.Vampire.Diaries.S06E11.1080p.WEB-DL.DD5.1.H.264-KiNGS.mkv
2015-01-26 19:16 - 2015-01-26 19:16 - 00001120 _____ () C:\Users\Chris\Desktop\Malwarebytes Anti-Exploit.lnk
2015-01-26 19:08 - 2015-01-26 19:08 - 954858845 _____ () C:\Users\Chris\Downloads\Grimm.S04E10.720p.HDTV.X264-DIMENSION.mkv
2015-01-26 19:00 - 2015-01-26 19:00 - 1738512158 _____ () C:\Users\Chris\Downloads\Banshee.S03E03.720p.HDTV.x264-KILLERS.mkv
2015-01-26 18:40 - 2015-01-26 18:40 - 922398150 _____ () C:\Users\Chris\Downloads\Helix.S02E02.720p.HDTV.x264-KILLERS.mkv
2015-01-26 18:31 - 2015-01-26 18:31 - 00002082 _____ () C:\Users\Chris\Desktop\JDownloader 2.lnk
2015-01-26 18:31 - 2015-01-26 18:31 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-01-26 18:31 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-01-26 18:31 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-01-26 18:31 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-01-26 18:31 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-01-26 18:31 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-01-26 18:31 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-01-26 18:31 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-01-26 18:31 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-01-26 18:31 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-01-26 18:31 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-01-26 18:31 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-01-26 18:31 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2015-01-26 18:31 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2015-01-26 18:31 - 2014-06-24 04:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-01-26 18:31 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-01-26 18:31 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-01-26 18:31 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-01-26 18:31 - 2011-03-11 07:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2015-01-26 18:31 - 2011-03-11 07:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2015-01-26 18:31 - 2011-03-11 07:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2015-01-26 18:31 - 2011-03-11 07:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2015-01-26 18:31 - 2011-03-11 07:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2015-01-26 18:31 - 2011-03-11 07:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-01-26 18:31 - 2011-03-11 07:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2015-01-26 18:31 - 2011-03-11 06:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-01-26 18:31 - 2011-03-11 06:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2015-01-26 18:31 - 2011-03-11 05:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-01-26 18:29 - 2015-01-26 18:30 - 00000000 ____D () C:\Users\Chris\AppData\Local\JDownloader v2.0
2015-01-26 18:24 - 2015-01-27 01:26 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\vlc
2015-01-26 18:23 - 2015-01-26 18:23 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-01-26 18:23 - 2015-01-26 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-01-26 18:22 - 2015-01-26 18:22 - 00000000 ____D () C:\Program Files\VideoLAN
2015-01-26 18:20 - 2015-01-27 13:10 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2015-01-26 18:20 - 2015-01-26 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-01-26 18:20 - 2015-01-26 18:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-01-26 18:15 - 2015-01-26 18:15 - 1421616689 _____ () C:\Users\Chris\Downloads\Gotham.S01E12.What.The.Little.Bird.Told.Him.720p.WEB-DL.DD5.1.H.264-ECI.mkv
2015-01-26 18:03 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-01-26 18:03 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-01-26 17:55 - 2015-01-26 17:55 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Adobe
2015-01-26 17:15 - 2015-01-26 17:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-26 17:15 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-01-26 17:15 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-01-26 17:15 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-01-26 17:15 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-01-26 16:57 - 2015-01-27 13:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-26 16:57 - 2015-01-26 16:57 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-26 16:57 - 2015-01-26 16:57 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-26 16:57 - 2015-01-26 16:57 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Mozilla
2015-01-26 16:57 - 2015-01-26 16:57 - 00000000 ____D () C:\Users\Chris\AppData\Local\Mozilla
2015-01-26 16:57 - 2015-01-26 16:57 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-26 16:56 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-01-26 16:56 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-01-26 16:56 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2015-01-26 16:48 - 2015-01-26 16:48 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-01-26 16:48 - 2015-01-26 16:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-01-26 16:48 - 2015-01-26 16:48 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-26 16:48 - 2015-01-26 16:48 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-01-26 16:48 - 2015-01-26 16:48 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-01-26 16:48 - 2015-01-26 16:48 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-01-26 16:48 - 2015-01-26 16:48 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-01-26 16:48 - 2015-01-26 16:48 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-01-26 16:48 - 2015-01-26 16:48 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-01-26 16:48 - 2015-01-26 16:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-01-26 16:48 - 2015-01-26 16:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-01-26 16:47 - 2015-01-26 16:47 - 00007605 _____ () C:\Users\Chris\AppData\Local\Resmon.ResmonCfg
2015-01-26 16:24 - 2015-01-26 16:24 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-01-26 16:18 - 2015-01-26 16:56 - 00017549 _____ () C:\Windows\IE11_main.log
2015-01-26 16:11 - 2015-01-26 16:11 - 13945728 _____ () C:\Users\Chris\Desktop\BDAntiCryptoWall_Release.exe
2015-01-26 15:22 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-01-26 15:22 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-01-26 15:22 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-01-26 15:21 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-01-26 15:21 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-01-26 15:21 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-01-26 15:21 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-01-26 15:21 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-01-26 15:21 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-01-26 15:21 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-01-26 15:20 - 2012-07-26 04:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-01-26 15:20 - 2012-07-26 04:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-01-26 15:20 - 2012-07-26 04:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-01-26 15:20 - 2012-07-26 04:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-01-26 15:20 - 2012-07-26 04:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-01-26 15:20 - 2012-07-26 03:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-01-26 15:20 - 2012-07-26 03:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-01-26 15:20 - 2012-06-02 15:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-01-26 15:11 - 2012-03-01 07:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2015-01-26 15:11 - 2012-03-01 07:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2015-01-26 15:11 - 2012-03-01 06:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2015-01-26 15:03 - 2015-01-26 15:06 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-26 15:03 - 2014-12-31 13:12 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-26 15:01 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-01-26 15:01 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-01-26 15:01 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-01-26 15:01 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-01-26 15:01 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-01-26 15:01 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-01-26 15:01 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-01-26 15:01 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-01-26 14:59 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-01-26 14:59 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-01-26 14:59 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-01-26 14:59 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-01-26 14:59 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-01-26 14:59 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-01-26 14:59 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-01-26 14:59 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-01-26 14:59 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-01-26 14:59 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-01-26 14:59 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-01-26 14:59 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-01-26 14:59 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-01-26 14:59 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-01-26 14:59 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-01-26 14:59 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-01-26 14:59 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-01-26 14:59 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-01-26 14:59 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-01-26 14:59 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-01-26 14:59 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-01-26 14:59 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-01-26 14:59 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-01-26 14:59 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-01-26 14:59 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-01-26 14:59 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-01-26 14:59 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-01-26 14:59 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-01-26 14:59 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-01-26 14:59 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2015-01-26 14:59 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2015-01-26 14:59 - 2013-07-09 06:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-01-26 14:59 - 2013-07-09 06:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-01-26 14:59 - 2013-07-09 05:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-01-26 14:59 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-01-26 14:59 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-01-26 14:59 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-01-26 14:59 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-01-26 14:59 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-01-26 14:59 - 2013-04-10 07:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-01-26 14:59 - 2012-02-17 07:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2015-01-26 14:59 - 2012-02-17 06:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2015-01-26 14:59 - 2012-02-17 05:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2015-01-26 14:59 - 2011-06-16 06:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2015-01-26 14:59 - 2011-06-16 05:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2015-01-26 14:59 - 2011-03-03 07:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-01-26 14:59 - 2011-03-03 07:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-01-26 14:59 - 2011-03-03 07:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2015-01-26 14:59 - 2011-03-03 06:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-01-26 14:59 - 2011-03-03 06:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2015-01-26 14:59 - 2011-02-03 12:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-01-26 14:58 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-26 14:58 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-26 14:58 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-26 14:58 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-26 14:58 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-26 14:58 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-26 14:58 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-26 14:58 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-01-26 14:58 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-01-26 14:58 - 2013-08-02 03:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-01-26 14:58 - 2013-08-02 03:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-01-26 14:58 - 2013-08-02 02:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-01-26 14:58 - 2013-08-02 01:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-01-26 14:58 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-01-26 14:58 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-01-26 14:58 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-01-26 14:58 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-01-26 14:58 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-01-26 14:58 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-01-26 14:58 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-01-26 14:58 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-01-26 14:58 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-01-26 14:58 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-01-26 14:58 - 2012-12-07 14:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-01-26 14:58 - 2012-12-07 14:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-01-26 14:58 - 2012-12-07 13:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2015-01-26 14:58 - 2012-12-07 13:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2015-01-26 14:58 - 2012-12-07 12:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2015-01-26 14:58 - 2012-12-07 12:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2015-01-26 14:58 - 2012-12-07 12:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2015-01-26 14:58 - 2012-12-07 12:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2015-01-26 14:58 - 2012-12-07 12:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2015-01-26 14:58 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2015-01-26 14:58 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2015-01-26 14:58 - 2012-12-07 12:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2015-01-26 14:58 - 2012-12-07 12:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2015-01-26 14:58 - 2012-12-07 12:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2015-01-26 14:58 - 2012-12-07 12:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2015-01-26 14:58 - 2012-12-07 12:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2015-01-26 14:58 - 2012-12-07 12:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2015-01-26 14:58 - 2012-12-07 12:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2015-01-26 14:58 - 2012-10-03 18:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2015-01-26 14:58 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-26 14:58 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-26 14:58 - 2012-10-03 18:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2015-01-26 14:58 - 2012-10-03 18:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-01-26 14:58 - 2012-10-03 17:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2015-01-26 14:58 - 2012-10-03 17:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2015-01-26 14:58 - 2012-10-03 17:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-01-26 14:58 - 2010-12-23 11:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2015-01-26 14:58 - 2010-12-23 11:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2015-01-26 14:58 - 2010-12-23 11:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2015-01-26 14:58 - 2010-12-23 06:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2015-01-26 14:58 - 2010-12-23 06:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2015-01-26 14:58 - 2010-12-23 06:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2015-01-26 14:57 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-26 14:57 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-26 14:57 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-26 14:57 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-26 14:57 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-01-26 14:57 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-01-26 14:57 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-01-26 14:57 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-01-26 14:57 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-01-26 14:57 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-01-26 14:57 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-01-26 14:57 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-01-26 14:57 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-01-26 14:57 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-01-26 14:57 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-01-26 14:57 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-01-26 14:57 - 2013-07-09 06:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-01-26 14:57 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-01-26 14:57 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-01-26 14:57 - 2012-11-28 23:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-01-26 14:57 - 2012-11-28 23:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2015-01-26 14:57 - 2012-11-28 23:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2015-01-26 14:57 - 2011-12-30 07:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-01-26 14:57 - 2011-12-30 06:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2015-01-26 14:57 - 2011-05-24 12:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2015-01-26 14:57 - 2011-05-24 11:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2015-01-26 14:57 - 2011-05-24 11:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2015-01-26 14:57 - 2011-05-24 11:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2015-01-26 14:57 - 2011-05-24 11:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2015-01-26 14:57 - 2011-04-29 04:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-01-26 14:57 - 2011-04-29 04:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-01-26 14:57 - 2011-04-29 04:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-01-26 14:57 - 2011-04-09 07:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-01-26 14:57 - 2011-04-09 06:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-01-26 14:56 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-26 14:56 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-26 14:56 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-01-26 14:56 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-01-26 14:56 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-26 14:56 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-01-26 14:56 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-01-26 14:56 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-01-26 14:56 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-01-26 14:56 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-01-26 14:56 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-01-26 14:56 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-01-26 14:56 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-01-26 14:56 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-01-26 14:56 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-01-26 14:56 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-01-26 14:56 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-01-26 14:56 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-01-26 14:56 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-01-26 14:56 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-01-26 14:56 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-01-26 14:56 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-01-26 14:56 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-01-26 14:56 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-26 14:56 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-26 14:56 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-01-26 14:56 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-01-26 14:56 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-01-26 14:56 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-01-26 14:56 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2015-01-26 14:56 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-01-26 14:56 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-01-26 14:56 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2015-01-26 14:56 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-01-26 14:56 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-01-26 14:56 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-01-26 14:56 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-01-26 14:56 - 2013-05-10 06:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-01-26 14:56 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2015-01-26 14:56 - 2013-04-26 06:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-01-26 14:56 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2015-01-26 14:56 - 2012-11-23 04:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2015-01-26 14:56 - 2012-11-02 06:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2015-01-26 14:56 - 2012-11-02 06:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2015-01-26 14:56 - 2012-10-09 19:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2015-01-26 14:56 - 2012-10-09 19:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2015-01-26 14:56 - 2012-10-09 18:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2015-01-26 14:56 - 2012-10-09 18:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2015-01-26 14:56 - 2012-08-21 22:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2015-01-26 14:56 - 2011-08-17 06:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2015-01-26 14:56 - 2011-08-17 06:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2015-01-26 14:56 - 2011-08-17 05:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2015-01-26 14:56 - 2011-08-17 05:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2015-01-26 14:55 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-01-26 14:55 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-01-26 14:55 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-01-26 14:55 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-01-26 14:55 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-01-26 14:55 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-01-26 14:55 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-01-26 14:55 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-01-26 14:55 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-01-26 14:55 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-01-26 14:55 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-01-26 14:55 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-01-26 14:55 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-01-26 14:55 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-01-26 14:55 - 2014-06-25 03:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-01-26 14:55 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-01-26 14:55 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-01-26 14:55 - 2013-03-19 06:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2015-01-26 14:55 - 2012-08-22 19:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-01-26 14:55 - 2012-07-04 21:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2015-01-26 14:55 - 2012-01-04 11:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2015-01-26 14:55 - 2012-01-04 09:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2015-01-26 14:55 - 2011-06-15 11:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2015-01-26 14:55 - 2011-06-15 11:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2015-01-26 14:55 - 2011-06-15 11:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2015-01-26 14:55 - 2011-06-15 11:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2015-01-26 14:55 - 2011-06-15 09:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2015-01-26 14:55 - 2011-06-15 09:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2015-01-26 14:55 - 2011-06-15 09:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2015-01-26 14:55 - 2011-06-15 09:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2015-01-26 14:55 - 2011-06-15 09:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2015-01-26 14:53 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-01-26 14:53 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-01-26 14:53 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-01-26 14:53 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-01-26 14:53 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-01-26 14:53 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-01-26 14:53 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-01-26 14:53 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-01-26 14:53 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-01-26 14:53 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-01-26 14:53 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-01-26 14:53 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-01-26 14:53 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-01-26 14:53 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-01-26 14:53 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-01-26 14:53 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-01-26 14:53 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-01-26 14:53 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-01-26 14:53 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-01-26 14:53 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-01-26 14:53 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-01-26 14:53 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-01-26 14:53 - 2014-04-12 03:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-01-26 14:53 - 2014-04-12 03:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-01-26 14:53 - 2014-04-12 03:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-01-26 14:53 - 2014-04-12 03:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-01-26 14:53 - 2014-04-12 03:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-01-26 14:53 - 2012-04-26 06:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2015-01-26 14:53 - 2012-04-26 06:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2015-01-26 14:52 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-01-26 14:52 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-01-26 14:52 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-01-26 14:52 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-01-26 14:52 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-01-26 14:52 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-01-26 14:52 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-01-26 14:52 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-01-26 14:52 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-01-26 14:52 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-01-26 14:52 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-01-26 14:52 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-01-26 14:52 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-01-26 14:52 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2015-01-26 14:52 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2015-01-26 14:52 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2015-01-26 14:52 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2015-01-26 14:52 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-01-26 14:52 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2015-01-26 14:52 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2015-01-26 14:52 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2015-01-26 14:52 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2015-01-26 14:52 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-01-26 14:52 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-01-26 14:52 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-01-26 14:52 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-01-26 14:52 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-01-26 14:52 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-01-26 14:52 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-01-26 14:52 - 2013-05-13 06:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2015-01-26 14:52 - 2013-05-13 04:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-01-26 14:52 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2015-01-26 14:52 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2015-01-26 14:52 - 2013-04-26 00:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-01-26 14:52 - 2013-03-31 23:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-01-26 14:52 - 2012-07-04 23:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2015-01-26 14:52 - 2012-07-04 23:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2015-01-26 14:52 - 2012-07-04 23:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2015-01-26 14:52 - 2012-07-04 22:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2015-01-26 14:52 - 2012-07-04 22:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2015-01-26 14:51 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-01-26 14:51 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-01-26 14:51 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-01-26 14:51 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-26 14:51 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-26 14:51 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-26 14:51 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-26 14:51 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-26 14:51 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-26 14:51 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-26 14:51 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-26 14:51 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-01-26 14:51 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-01-26 14:51 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-01-26 14:51 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-01-26 14:51 - 2014-08-01 12:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-01-26 14:51 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-01-26 14:51 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-01-26 14:51 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-01-26 14:51 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-01-26 14:51 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-01-26 14:51 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-01-26 14:51 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-01-26 14:51 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-01-26 14:51 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-01-26 14:51 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-01-26 14:51 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-01-26 14:51 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-01-26 14:51 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-01-26 14:51 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-01-26 14:51 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-01-26 14:51 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-01-26 14:51 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-01-26 14:51 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-01-26 14:51 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-01-26 14:51 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-01-26 14:51 - 2013-08-02 03:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-01-26 14:51 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-01-26 14:51 - 2013-07-25 10:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-01-26 14:51 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-01-26 14:51 - 2013-02-27 06:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-01-26 14:51 - 2012-06-06 07:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2015-01-26 14:51 - 2012-06-06 06:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2015-01-26 14:51 - 2011-11-17 07:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2015-01-26 14:51 - 2011-11-17 06:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2015-01-26 14:51 - 2011-10-26 06:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-01-26 14:51 - 2011-10-26 05:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-01-26 14:51 - 2011-10-15 07:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2015-01-26 14:51 - 2011-10-15 06:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2015-01-26 14:51 - 2011-05-04 06:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-01-26 14:51 - 2011-05-04 06:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-01-26 14:51 - 2011-05-04 06:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-01-26 14:51 - 2011-05-04 06:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-01-26 14:51 - 2011-05-04 06:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-01-26 14:51 - 2011-05-04 06:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-01-26 14:51 - 2011-05-04 06:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-01-26 14:51 - 2011-05-04 06:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-01-26 14:51 - 2011-05-04 06:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2015-01-26 14:51 - 2011-05-04 05:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-01-26 14:51 - 2011-05-04 05:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-01-26 14:51 - 2011-05-04 05:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-01-26 14:51 - 2011-05-04 05:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-01-26 14:51 - 2011-05-04 05:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2015-01-26 14:51 - 2011-05-04 05:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2015-01-26 14:51 - 2011-05-04 05:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-01-26 14:51 - 2011-05-04 05:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-01-26 14:51 - 2011-05-04 05:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2015-01-26 14:51 - 2011-03-11 07:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-01-26 14:51 - 2011-03-11 07:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-01-26 14:51 - 2011-03-11 06:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-01-26 14:51 - 2011-03-11 06:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-01-26 14:50 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-01-26 14:50 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-01-26 14:50 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-01-26 14:50 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-01-26 14:50 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-01-26 14:50 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-01-26 14:50 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-01-26 14:50 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-01-26 14:50 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2015-01-26 14:50 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-01-26 14:50 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-01-26 14:50 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-01-26 14:50 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-01-26 14:50 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-01-26 14:50 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-01-26 14:50 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-01-26 14:50 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-01-26 14:50 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2015-01-26 14:50 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-01-26 14:50 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-01-26 14:50 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-01-26 14:50 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2015-01-26 14:50 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-01-26 14:50 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-01-26 14:50 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-01-26 14:50 - 2013-02-12 05:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-01-26 14:50 - 2013-01-24 07:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-01-26 14:50 - 2012-09-25 23:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2015-01-26 14:50 - 2012-09-25 23:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2015-01-26 14:50 - 2012-05-14 06:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-01-26 14:50 - 2012-03-17 08:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2015-01-26 14:50 - 2011-12-16 09:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2015-01-26 14:50 - 2011-12-16 08:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2015-01-26 14:50 - 2011-08-27 06:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2015-01-26 14:50 - 2011-08-27 05:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2015-01-26 14:50 - 2011-07-09 03:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-01-26 14:50 - 2011-05-03 06:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-01-26 14:50 - 2011-05-03 05:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-01-26 14:50 - 2011-04-27 03:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-01-26 14:50 - 2011-04-27 03:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-01-26 14:50 - 2011-02-23 05:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2015-01-26 14:50 - 2011-02-18 11:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2015-01-26 14:50 - 2011-02-18 06:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2015-01-26 14:50 - 2011-02-12 12:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2015-01-26 14:50 - 2011-02-05 18:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-01-26 14:50 - 2011-02-05 18:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2015-01-26 14:50 - 2011-02-05 18:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2015-01-26 14:50 - 2011-02-05 18:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2015-01-26 14:50 - 2011-02-05 18:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-01-26 14:50 - 2011-02-05 18:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-01-26 14:50 - 2011-02-05 18:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-01-26 14:41 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-01-26 14:41 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-01-26 14:41 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-01-26 14:41 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-01-26 14:41 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-01-26 14:40 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-01-26 14:40 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-01-26 14:28 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2015-01-26 14:11 - 2015-01-27 13:31 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\DMCache
2015-01-26 14:11 - 2015-01-26 16:10 - 00000000 ____D () C:\Users\Chris\Downloads\Compressed
2015-01-26 14:11 - 2015-01-26 14:33 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\IDM
2015-01-26 14:11 - 2015-01-26 14:11 - 00001009 _____ () C:\Users\Chris\Desktop\Internet Download Manager.lnk
2015-01-26 14:11 - 2015-01-26 14:11 - 00000000 ____D () C:\Users\Chris\Downloads\Video
2015-01-26 14:11 - 2015-01-26 14:11 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-01-26 14:11 - 2015-01-26 14:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-01-26 14:11 - 2015-01-26 14:11 - 00000000 ____D () C:\ProgramData\IDM
2015-01-26 14:10 - 2015-01-26 14:11 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2015-01-26 13:36 - 2015-01-26 13:36 - 02347384 _____ (ESET) C:\Users\Chris\Desktop\esetsmartinstaller_deu.exe
2015-01-26 13:25 - 2015-01-26 13:25 - 00263032 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-01-26 13:25 - 2015-01-26 13:25 - 00074000 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2015-01-26 13:20 - 2015-01-27 14:25 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-26 13:20 - 2015-01-27 13:27 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-26 13:20 - 2015-01-27 13:25 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-26 13:20 - 2015-01-26 13:20 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-26 13:20 - 2015-01-26 13:20 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-26 13:20 - 2015-01-26 13:20 - 00000000 ____D () C:\Users\Chris\AppData\Local\Google
2015-01-26 13:20 - 2015-01-26 13:20 - 00000000 ____D () C:\Users\Chris\AppData\Local\Deployment
2015-01-26 13:20 - 2015-01-26 13:20 - 00000000 ____D () C:\Users\Chris\AppData\Local\Apps\2.0
2015-01-26 13:20 - 2015-01-26 13:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-26 13:20 - 2015-01-26 13:20 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-26 12:56 - 2015-01-26 12:56 - 00527147 _____ () C:\ProgramData\1422273176.bdinstall.bin
2015-01-26 12:56 - 2015-01-26 12:56 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2015-01-26 12:56 - 2015-01-26 12:56 - 00000385 _____ () C:\Users\Chris\AppData\Roaminguser_gensett.xml
2015-01-26 12:55 - 2015-01-26 13:15 - 00000000 ____D () C:\ProgramData\BDLogging
2015-01-26 12:55 - 2015-01-26 12:55 - 00002122 _____ () C:\Users\Public\Desktop\Bitdefender Total Security 2015.lnk
2015-01-26 12:55 - 2015-01-26 12:55 - 00000684 ____H () C:\bdr-cf01
2015-01-26 12:55 - 2015-01-26 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2015-01-26 12:55 - 2014-12-02 16:40 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2015-01-26 12:55 - 2014-12-02 16:37 - 00074000 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2015-01-26 12:55 - 2014-09-25 15:57 - 01288472 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2015-01-26 12:55 - 2014-05-16 13:04 - 00647752 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2015-01-26 12:55 - 2013-11-13 15:41 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2015-01-26 12:55 - 2012-04-17 14:34 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2015-01-26 12:55 - 2009-07-14 14:21 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2015-01-26 12:55 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2015-01-26 12:54 - 2015-01-26 13:01 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Bitdefender
2015-01-26 12:54 - 2015-01-26 12:55 - 00253404 ____H () C:\bdr-ld01
2015-01-26 12:54 - 2015-01-26 12:55 - 00009216 ____H () C:\bdr-ld01.mbr
2015-01-26 12:54 - 2014-07-04 17:49 - 49563064 ____H () C:\bdr-im01.gz
2015-01-26 12:54 - 2013-08-13 13:38 - 03271472 ____H () C:\bdr-bz01
2015-01-26 12:53 - 2015-01-26 12:55 - 00000000 ____D () C:\ProgramData\Bitdefender
2015-01-26 12:53 - 2015-01-26 12:54 - 00000000 ____D () C:\Program Files\Bitdefender
2015-01-26 12:53 - 2014-12-02 16:37 - 00084336 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2015-01-26 12:53 - 2014-12-02 13:37 - 00033360 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2015-01-26 12:53 - 2014-10-22 09:29 - 00155912 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2015-01-26 12:53 - 2014-10-15 16:14 - 00452040 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2015-01-26 12:52 - 2015-01-26 16:13 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\QuickScan
2015-01-26 12:52 - 2015-01-26 12:53 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2015-01-26 12:42 - 2015-01-26 12:42 - 00000000 ____D () C:\Users\Chris\Documents\1Password
2015-01-26 12:42 - 2015-01-26 12:42 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\AgileBits
2015-01-26 12:29 - 2015-01-26 12:30 - 00000000 ____D () C:\Program Files (x86)\1Password 4
2015-01-26 12:29 - 2015-01-26 12:29 - 00001033 _____ () C:\Users\Public\Desktop\1Password 4.lnk
2015-01-26 12:29 - 2015-01-26 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1Password
2015-01-26 12:29 - 2014-04-22 11:30 - 02081792 _____ (Chilkat Software, Inc.) C:\Windows\SysWOW64\ChilkatSocket.dll
2015-01-26 12:29 - 2014-04-22 11:30 - 01972736 _____ (Chilkat Software, Inc.) C:\Windows\SysWOW64\ChilkatCrypt2.dll
2015-01-26 12:29 - 2014-04-22 11:30 - 01795072 _____ (Chilkat Software, Inc.) C:\Windows\SysWOW64\ChilkatCert.dll
2015-01-26 12:29 - 2014-04-22 11:30 - 01682432 _____ (Chilkat Software, Inc.) C:\Windows\SysWOW64\ChilkatZip2.dll
2015-01-26 12:28 - 2015-01-27 13:10 - 00000000 ___RD () C:\Users\Chris\Dropbox
2015-01-26 12:28 - 2015-01-26 12:28 - 00001125 _____ () C:\Users\Chris\Desktop\Dropbox.lnk
2015-01-26 12:26 - 2015-01-26 12:26 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-01-26 12:25 - 2015-01-27 13:10 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Dropbox
2015-01-26 12:14 - 2015-01-26 18:03 - 00000769 _____ () C:\Users\Chris\AppData\Local\RT2870_{0DD9E132-1716-4B2C-A232-EE22E71989DF}_sta
2015-01-26 12:13 - 2015-01-26 12:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-01-26 12:10 - 2015-01-27 13:10 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-26 12:10 - 2015-01-26 12:10 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2015-01-26 12:10 - 2014-07-02 19:55 - 06783776 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-01-26 12:10 - 2014-07-02 19:55 - 03522392 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-01-26 12:10 - 2014-07-02 19:55 - 02559960 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-01-26 12:10 - 2014-07-02 19:55 - 00935368 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-01-26 12:10 - 2014-07-02 19:55 - 00386520 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-01-26 12:10 - 2014-07-02 19:55 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-01-26 12:10 - 2014-07-02 11:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2015-01-26 12:10 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-26 12:10 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-26 12:09 - 2015-01-27 02:10 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-01-26 12:09 - 2015-01-27 02:10 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-26 12:09 - 2015-01-26 12:09 - 00000000 ____D () C:\temp
2015-01-26 12:09 - 2014-08-19 22:15 - 00075040 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-01-26 12:09 - 2014-08-19 22:15 - 00061912 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-01-26 12:09 - 2014-08-19 22:14 - 00026353 _____ () C:\Windows\system32\nvinfo.pb
2015-01-26 12:09 - 2012-08-30 20:14 - 01760104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco64.dll
2015-01-26 12:09 - 2012-08-30 20:14 - 01482600 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco64.dll
2015-01-26 12:08 - 2015-01-27 02:10 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-26 12:08 - 2014-08-19 22:15 - 00965312 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-01-26 12:08 - 2014-08-19 22:14 - 03196816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-01-26 12:05 - 2015-01-26 12:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NEC Electronics
2015-01-26 12:05 - 2015-01-26 12:05 - 00000000 ____D () C:\Program Files (x86)\NEC Electronics
2015-01-26 12:04 - 2015-01-26 12:04 - 00005070 _____ () C:\Windows\Ascd_tmp.ini
2015-01-26 12:04 - 2015-01-26 12:04 - 00001769 _____ () C:\Windows\Language_trs.ini
2015-01-26 12:04 - 2015-01-26 12:04 - 00000000 ____D () C:\Users\Chris\AppData\Local\Downloaded Installations
2015-01-26 12:01 - 2015-01-26 18:03 - 00000778 _____ () C:\Users\Chris\AppData\Local\RT2870_{0DD9E132-1716-4B2C-A232-EE22E71989DF}_prof
2015-01-26 12:00 - 2015-01-26 12:06 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-26 12:00 - 2015-01-26 12:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hama Wireless LAN
2015-01-26 12:00 - 2015-01-26 12:00 - 00000000 ____D () C:\Program Files (x86)\Hama
2015-01-26 11:22 - 2015-01-27 13:41 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-26 11:22 - 2015-01-26 11:22 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-26 11:22 - 2015-01-26 11:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-26 11:22 - 2015-01-26 11:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-26 11:22 - 2015-01-26 11:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-26 11:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-26 11:22 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-26 11:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-26 11:17 - 2015-01-27 14:37 - 00000000 ____D () C:\FRST
2015-01-26 11:16 - 2015-01-26 11:16 - 02129920 _____ (Farbar) C:\Users\Chris\Desktop\FRST64.exe
2015-01-26 11:07 - 2015-01-26 11:07 - 00057560 _____ () C:\Users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-26 11:04 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-01-26 11:04 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-01-26 11:04 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-01-26 11:04 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-01-26 11:02 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-01-26 11:02 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-01-26 11:02 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-01-26 11:02 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-01-26 11:02 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-01-26 11:02 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-01-26 11:02 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-01-26 11:02 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-01-26 11:02 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-01-26 11:02 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-01-26 11:01 - 2015-01-26 17:55 - 00001413 _____ () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-26 11:01 - 2015-01-26 12:28 - 00000000 ____D () C:\Users\Chris
2015-01-26 11:01 - 2015-01-26 11:01 - 00000020 ___SH () C:\Users\Chris\ntuser.ini
2015-01-26 11:01 - 2015-01-26 11:01 - 00000000 __SHD () C:\Recovery
2015-01-26 11:01 - 2015-01-26 11:01 - 00000000 ____D () C:\Users\Chris\AppData\Local\VirtualStore
2015-01-26 11:01 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-26 11:01 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-26 10:51 - 2015-01-27 14:37 - 01053077 _____ () C:\Windows\WindowsUpdate.log
2015-01-26 10:46 - 2015-01-26 10:46 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-01-26 10:46 - 2015-01-26 10:46 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-01-26 10:45 - 2015-01-26 10:45 - 00001355 _____ () C:\Windows\TSSysprep.log
2015-01-13 13:36 - 2014-11-29 01:37 - 00180648 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-27 14:36 - 2009-07-14 05:45 - 00020832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-27 14:36 - 2009-07-14 05:45 - 00020832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-27 13:09 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-27 13:08 - 2009-07-14 06:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-27 13:04 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-27 13:04 - 2009-07-14 05:51 - 00023160 _____ () C:\Windows\setupact.log
2015-01-27 13:03 - 2010-11-21 04:47 - 00011696 _____ () C:\Windows\PFRO.log
2015-01-27 02:20 - 2011-04-12 09:28 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-27 02:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-27 02:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2015-01-27 01:30 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-01-26 19:41 - 2009-07-14 06:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-01-26 19:41 - 2009-07-14 06:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2015-01-26 17:47 - 2009-07-14 05:45 - 00267816 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-26 17:43 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-26 17:43 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-26 17:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2015-01-26 17:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2015-01-26 17:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-01-26 17:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2015-01-26 17:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-01-26 17:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-01-26 17:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-26 13:15 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2015-01-26 12:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-26 12:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-26 12:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2015-01-26 11:04 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-01-26 11:02 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore
2015-01-26 11:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Recovery
2015-01-26 10:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-01-26 10:46 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-26 10:45 - 2009-07-14 05:46 - 00002790 _____ () C:\Windows\DtcInstall.log
2015-01-26 10:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-01-26 10:43 - 2011-04-12 09:28 - 00000000 ____D () C:\Windows\CSC

==================== Files in the root of some directories =======

2015-01-26 16:47 - 2015-01-26 16:47 - 0007605 _____ () C:\Users\Chris\AppData\Local\Resmon.ResmonCfg
2015-01-26 12:01 - 2015-01-26 18:03 - 0000778 _____ () C:\Users\Chris\AppData\Local\RT2870_{0DD9E132-1716-4B2C-A232-EE22E71989DF}_prof
2015-01-26 12:14 - 2015-01-26 18:03 - 0000769 _____ () C:\Users\Chris\AppData\Local\RT2870_{0DD9E132-1716-4B2C-A232-EE22E71989DF}_sta
2015-01-26 12:56 - 2015-01-26 12:56 - 0527147 _____ () C:\ProgramData\1422273176.bdinstall.bin

Some content of TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\130667668433770712.exe
C:\Users\Chris\AppData\Local\Temp\13066766855418022401.exe
C:\Users\Chris\AppData\Local\Temp\130667669105233290.exe
C:\Users\Chris\AppData\Local\Temp\13066766913009471234.exe
C:\Users\Chris\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplgezff.dll
C:\Users\Chris\AppData\Local\Temp\ICReinstall_13066766855418022401.exe
C:\Users\Chris\AppData\Local\Temp\proxy_vole5875133703648682317.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=C:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {ecba0a09-a58a-11e4-b133-81809b18fb3a}
displayorder            {current}
toolsdisplayorder       {bdbdbd00-6057-11e0-a7f3-ce9adfd72001}
                        {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {ecba0a0b-a58a-11e4-b133-81809b18fb3a}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {ecba0a09-a58a-11e4-b133-81809b18fb3a}
nx                      OptIn

Windows Boot Loader
-------------------
identifier              {ecba0a0b-a58a-11e4-b133-81809b18fb3a}
device                  ramdisk=[C:]\Recovery\ecba0a0b-a58a-11e4-b133-81809b18fb3a\Winre.wim,{ecba0a0c-a58a-11e4-b133-81809b18fb3a}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\ecba0a0b-a58a-11e4-b133-81809b18fb3a\Winre.wim,{ecba0a0c-a58a-11e4-b133-81809b18fb3a}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {ecba0a09-a58a-11e4-b133-81809b18fb3a}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

Real-mode Boot Sector
---------------------
identifier              {bdbdbd00-6057-11e0-a7f3-ce9adfd72001}
device                  partition=C:
path                    \bdr-ld01.mbr
description             Bitdefender Rescue Mode - Windows 7 Ultimate SP 1 (x64)

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {ecba0a0c-a58a-11e4-b133-81809b18fb3a}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\ecba0a0b-a58a-11e4-b133-81809b18fb3a\boot.sdi



LastRegBack: 2015-01-26 10:42

==================== End Of Log ============================

 

Attached File  FRST.txt   141.45KB   0 downloads


Edited by ChrisCGN, 27 January 2015 - 09:12 AM.


#6 ChrisCGN

ChrisCGN
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:41 PM

Posted 27 January 2015 - 09:14 AM

Addition.txt - after reinstallation - before ADWCleaner, Mbam, JRT

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by Chris at 2015-01-27 14:38:38
Running from C:\Users\Chris\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1Password 4.1.0.530 (HKLM-x32\...\1Password4_is1) (Version: 4.0 - AgileBits)
Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.20.0.1429 - Bitdefender)
Dropbox (HKU\S-1-5-21-3560617416-725466407-2438327745-1000\...\Dropbox) (Version: 3.0.5 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hama Wireless LAN Adapter (HKLM-x32\...\{E91E8912-769D-42F0-8408-0E329443BABC}) (Version: 1.00.0000 - Hama)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Malwarebytes Anti-Exploit version 1.05.1.1016 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.05.1.1016 - Malwarebytes)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
NVIDIA 3D Vision Controller Driver 306.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.23 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3560617416-725466407-2438327745-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3560617416-725466407-2438327745-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3560617416-725466407-2438327745-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3560617416-725466407-2438327745-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3560617416-725466407-2438327745-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3560617416-725466407-2438327745-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3560617416-725466407-2438327745-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3560617416-725466407-2438327745-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3560617416-725466407-2438327745-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

26-01-2015 11:02:42 Windows Update
26-01-2015 12:00:33 Installiert Hama Wireless LAN Adapter
26-01-2015 12:04:48 Installiert NEC Electronics USB 3.0 Host Controller Driver
26-01-2015 14:34:13 Installed Microsoft Fix it 50123
26-01-2015 15:00:55 Windows Update
27-01-2015 02:06:16 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {3F374F9F-534F-4A81-ADA7-C9B7BD0F1CC7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-26] (Google Inc.)
Task: {696D1DDF-D341-48AD-A61C-B72C5FA2D983} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-26] (Google Inc.)
Task: {E9AA7B84-1557-497F-B46F-98DB66C3314D} - System32\Tasks\BDAntiCryptoWallTask => C:\Users\Chris\Desktop\BDAntiCryptoWall_Release.exe [2015-01-26] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2015-01-26 12:55 - 2014-08-27 16:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2015-01-26 12:55 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2015-01-26 12:55 - 2014-12-17 14:34 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2015-01-26 12:55 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2015-01-26 12:55 - 2014-07-24 09:44 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpbr.mdl
2015-01-26 12:55 - 2014-07-24 09:44 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpdsp.mdl
2015-01-26 12:55 - 2014-07-24 09:44 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpph.mdl
2015-01-26 12:55 - 2014-07-24 09:44 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttprbl.mdl
2015-01-26 12:10 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-27 01:30 - 2015-01-27 13:10 - 01208024 _____ () C:\Users\Chris\AppData\Local\Temp\BDAntiCryptoWall\BDAntiCryptoWall.exe
2015-01-27 01:30 - 2015-01-27 13:10 - 00091648 _____ () C:\Users\Chris\AppData\Local\Temp\BDAntiCryptoWall\BDMetrics.dll
2015-01-26 12:26 - 2015-01-08 21:44 - 00750080 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-01-27 13:10 - 2015-01-27 13:10 - 00043008 _____ () c:\users\chris\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplgezff.dll
2015-01-26 12:26 - 2015-01-08 21:44 - 00047616 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-01-26 12:26 - 2015-01-08 21:44 - 00863744 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-01-26 12:26 - 2015-01-08 21:44 - 00200704 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Chris\Desktop\BDAntiCryptoWall_Release.exe:BDU
AlternateDataStreams: C:\Users\Chris\Desktop\esetsmartinstaller_deu.exe:BDU

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3560617416-725466407-2438327745-500 - Administrator - Disabled)
Chris (S-1-5-21-3560617416-725466407-2438327745-1000 - Administrator - Enabled) => C:\Users\Chris
Guest (S-1-5-21-3560617416-725466407-2438327745-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3560617416-725466407-2438327745-1002 - Limited - Enabled)
UpdatusUser (S-1-5-21-3560617416-725466407-2438327745-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/27/2015 02:36:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/27/2015 02:36:37 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/27/2015 01:10:59 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/27/2015 01:10:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/27/2015 01:10:54 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/27/2015 01:04:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2015 01:26:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vlc.exe, version: 2.1.5.0, time stamp: 0x00000000
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x000000000004e4e4
Faulting process id: 0x1998
Faulting application start time: 0xvlc.exe0
Faulting application path: vlc.exe1
Faulting module path: vlc.exe2
Report Id: vlc.exe3

Error: (01/27/2015 00:30:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vlc.exe, version: 2.1.5.0, time stamp: 0x00000000
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x000000000004e4e4
Faulting process id: 0xda4
Faulting application start time: 0xvlc.exe0
Faulting application path: vlc.exe1
Faulting module path: vlc.exe2
Report Id: vlc.exe3

Error: (01/27/2015 00:29:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vlc.exe, version: 2.1.5.0, time stamp: 0x00000000
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x000000000004e4e4
Faulting process id: 0x530
Faulting application start time: 0xvlc.exe0
Faulting application path: vlc.exe1
Faulting module path: vlc.exe2
Report Id: vlc.exe3

Error: (01/26/2015 11:10:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vlc.exe, version: 2.1.5.0, time stamp: 0x00000000
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x000000000004e4e4
Faulting process id: 0x186c
Faulting application start time: 0xvlc.exe0
Faulting application path: vlc.exe1
Faulting module path: vlc.exe2
Report Id: vlc.exe3


System errors:
=============
Error: (01/27/2015 01:06:43 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (01/27/2015 01:59:46 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.

Error: (01/27/2015 01:52:15 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Description with the following error:
%%5

Error: (01/27/2015 01:52:15 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (01/27/2015 01:52:15 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Description with the following error:
%%5

Error: (01/27/2015 01:52:15 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (01/27/2015 01:52:15 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for DelayedAutostart with the following error:
%%5

Error: (01/27/2015 01:52:15 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Description with the following error:
%%5

Error: (01/27/2015 01:52:15 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (01/27/2015 01:43:36 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Description with the following error:
%%5


Microsoft Office Sessions:
=========================
Error: (01/27/2015 02:36:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Chris\Desktop\esetsmartinstaller_deu.exe

Error: (01/27/2015 02:36:37 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Chris\Desktop\esetsmartinstaller_deu.exe

Error: (01/27/2015 01:10:59 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Chris\Desktop\esetsmartinstaller_deu.exe

Error: (01/27/2015 01:10:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Chris\Desktop\esetsmartinstaller_deu.exe

Error: (01/27/2015 01:10:54 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Chris\Desktop\esetsmartinstaller_deu.exe

Error: (01/27/2015 01:04:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2015 01:26:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e4199801d039c21968819bC:\Program Files\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll29c27014-a5bb-11e4-920a-00248cfca8bd

Error: (01/27/2015 00:30:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e4da401d039bffca1eb83C:\Program Files\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll4003c7c1-a5b3-11e4-920a-00248cfca8bd

Error: (01/27/2015 00:29:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e453001d039b7089d7432C:\Program Files\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll36efc356-a5b3-11e4-920a-00248cfca8bd

Error: (01/26/2015 11:10:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e4186c01d039b4dbe77a6eC:\Program Files\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll1b8bf4b8-a5a8-11e4-920a-00248cfca8bd


==================== Memory info ===========================

Processor: Intel® Core™ i7 CPU 920 @ 2.67GHz
Percentage of memory in use: 57%
Total physical RAM: 6135.11 MB
Available physical RAM: 2615.71 MB
Total Pagefile: 12268.41 MB
Available Pagefile: 8719.87 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.92 GB) (Free:1774.33 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:596.07 GB) (Free:73.18 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 53A62D7C)
Partition 1: (Active) - (Size=1862.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 46E5FCD8)
Partition 1: (Not Active) - (Size=596.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

 

Attached File  Addition.txt   24.59KB   0 downloads



#7 ChrisCGN

ChrisCGN
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:41 PM

Posted 27 January 2015 - 09:17 AM

ADWCleaner:

 

# AdwCleaner v4.109 - Report created 27/01/2015 at 14:51:20
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Chris - CHRIS-PC
# Running from : C:\Users\Chris\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v35.0.1 (x86 en-US)


-\\ Google Chrome v40.0.2214.93


*************************

AdwCleaner[R0].txt - [1294 octets] - [27/01/2015 14:51:20]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1354 octets] ##########

 

                                                                                                                                                                                                                      

 

 

 

 

# AdwCleaner v4.109 - Report created 27/01/2015 at 14:53:20
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Chris - CHRIS-PC
# Running from : C:\Users\Chris\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v35.0.1 (x86 en-US)


-\\ Google Chrome v40.0.2214.93


*************************

AdwCleaner[R0].txt - [1442 octets] - [27/01/2015 14:51:20]
AdwCleaner[S0].txt - [1367 octets] - [27/01/2015 14:53:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1427 octets] ##########

 

 

Attached File  AdwCleanerR0.txt   1.41KB   0 downloadsAttached File  AdwCleanerS0.txt   1.48KB   0 downloads


Edited by ChrisCGN, 27 January 2015 - 09:17 AM.


#8 ChrisCGN

ChrisCGN
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:41 PM

Posted 27 January 2015 - 09:19 AM

Mbam:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 27.01.2015
Scan Time: 14:57:59
Logfile: Mbam.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.27.06
Rootkit Database: v2015.01.14.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Enabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Chris

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 360927
Time Elapsed: 9 min, 14 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)Attached File  Mbam.txt   1.03KB   0 downloads



#9 ChrisCGN

ChrisCGN
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:41 PM

Posted 27 January 2015 - 09:28 AM

JRT

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Ultimate x64
Ran by Chris on 27.01.2015 at 15:21:39,24
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.01.2015 at 15:26:17,56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Attached File  JRT.txt   621bytes   0 downloads



#10 ChrisCGN

ChrisCGN
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:41 PM

Posted 27 January 2015 - 09:33 AM

FRST.txt - after ADWCleaner, Mbam, JRT

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Chris (administrator) on CHRIS-PC on 27-01-2015 15:29:31
Running from C:\Users\Chris\Desktop
Loaded Profiles: Chris & UpdatusUser (Available profiles: Chris & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Users\Chris\AppData\Local\Temp\BDAntiCryptoWall\BDAntiCryptoWall.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Hama GmbH & Co KG) C:\Program Files (x86)\Hama\Common\RaUI.exe
(Dropbox, Inc.) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AgileBits) C:\Program Files (x86)\1Password 4\Agile1pAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1686480 2014-12-17] (Bitdefender)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1796056 2014-08-19] (NVIDIA Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2010-01-22] (NEC Electronics Corporation)
HKLM-x32\...\Run: [Agile1pAgent] => C:\Program Files (x86)\1Password 4\Agile1pAgent.exe [3706640 2014-11-20] (AgileBits)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2561848 2014-12-10] (Malwarebytes Corporation)
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKU\S-1-5-21-3560617416-725466407-2438327745-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2014-11-25] (Bitdefender)
HKU\S-1-5-21-3560617416-725466407-2438327745-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3886672 2015-01-13] (Tonec Inc.)
HKU\S-1-5-21-3560617416-725466407-2438327745-1000\...\MountPoints2: {a58cbd15-a53f-11e4-bf8d-806e6f6e6963} - E:\CheckID.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hama Wireless LAN Utility.lnk
ShortcutTarget: Hama Wireless LAN Utility.lnk -> C:\Program Files (x86)\Hama\Common\RaUI.exe (Hama GmbH & Co KG)
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3560617416-725466407-2438327745-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3560617416-725466407-2438327745-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: 1Password -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> C:\Program Files (x86)\1Password 4\x64\Agile1pIE4.dll (AgileBits)
BHO: Bitdefender Wallet  -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
BHO-x32: 1Password -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> C:\Program Files (x86)\1Password 4\x86\Agile1pIE4.dll (AgileBits)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
Toolbar: HKLM - Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
Toolbar: HKU\S-1-5-21-3560617416-725466407-2438327745-1000 -> Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1

FireFox:
========
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\jhbxuc9j.default
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Extension: NoScript - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\jhbxuc9j.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-01-26]
FF Extension: Adblock Plus - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\jhbxuc9j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-26]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-01-26]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-01-26]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF HKU\S-1-5-21-3560617416-725466407-2438327745-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Chris\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Chris\AppData\Roaming\IDM\idmmzcc5 [2015-01-26]
FF HKU\S-1-5-21-3560617416-725466407-2438327745-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Chris\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.duckduckgo.com/"
CHR DefaultSearchURL: Default -> https://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8
CHR DefaultSuggestURL: Default -> https://www.google.com/complete/search?q={searchTerms}
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (1Password: Password Manager and Secure Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjjhallfgjeglblehebfpbcfeobpgk [2015-01-26]
CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-26]
CHR Extension: (MEGA) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2015-01-26]
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-26]
CHR Extension: (Adblock Plus) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-26]
CHR Extension: (Google-Suche) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-26]
CHR Extension: (ZenMate Security & Privacy VPN) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-01-26]
CHR Extension: (IDM Integration Module) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2015-01-26]
CHR Extension: (Google Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-26]
CHR Extension: (Google Mail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-26]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - No Path
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-01-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [555320 2014-12-10] (Malwarebytes Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1545376 2014-12-15] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2014-09-25] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-05-16] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-11-13] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2014-12-02] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2014-12-10] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [155912 2014-10-22] (BitDefender LLC)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

========================== Drivers MD5 =======================

C:\Windows\System32\DRIVERS\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\avc3.sys 70CCDD9BCBAA5A918A7D135E28A824E2
C:\Windows\System32\DRIVERS\avckf.sys 0956716D5565680DC83992C11BBDB2C2
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys 3533B749563E89EFAC7290A2BA3B4097
C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys EC80614A72BC7039D2B22E3DD6C15895
C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys C0247341C1BCD7FF2742821D0AD7AFBC
C:\Windows\system32\drivers\bdsandbox.sys 9FDA6E9379C3434625B06B192E37C1B6
C:\Windows\System32\DRIVERS\bdvedisk.sys 50F796CB1E8C80F3D19435CB50C3DAB5
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys 00C3C6C55C435810C9475C219F4D1B26
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\gzflt.sys C8B54E81501386A91B0E0BD596965C9B
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\idmwfp.sys 3F2013A2880FE503B1B3BC8212764923
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC
C:\Windows\System32\Drivers\ksecpkg.sys 41774FF331F609EF442B7398EE6202B1
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbamchameleon.sys 478CC94C937D235CB0A96AB8F2359D81
C:\Windows\system32\drivers\mbam.sys CA43F8904E24BBE49982E4C0B29E6579
C:\Windows\system32\drivers\mwac.sys A646C2DDB8C46E9B20A326FAF566646C
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\system32\drivers\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys AE3334958D8F631FF14A0AEB3D7EFB3A
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ASACPI.sys 2219A3D695405E7BA2186BA6B9EDE14A
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netr28ux.sys EED1FBDE98CF5F6D5C0C5B27AB1F68EC
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nusb3hub.sys 8EBCB9165EE7F1571842F4D9D624A74C
C:\Windows\System32\DRIVERS\nusb3xhc.sys 5D54DBB12BBFE07CC283FD39F2CD6D63
C:\Windows\System32\drivers\nvhda64v.sys E366A5681C50785D4ED04FCFD65C3415
C:\Windows\System32\DRIVERS\nvlddmkm.sys 2232AE1BB51A96A7381A2CA17DF12E24
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\synth3dvsc.sys C3A39C4079305480972D29C44B868C78
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\system32\drivers\terminpt.sys EF4469AB69EB15E5D3754E6AEAFBCD3D
C:\Windows\System32\DRIVERS\trufos.sys 3E75A47D2DEFD2683DCA409572FBE8B2
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\System32\drivers\tsusbhub.sys E1748D04AE40118B62BC18AC86032192
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\System32\DRIVERS\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\system32\drivers\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\System32\DRIVERS\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\yk62x64.sys ==> MD5 is legit

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-27 15:29 - 2015-01-27 15:29 - 00031056 _____ () C:\Users\Chris\Desktop\FRST.txt
2015-01-27 15:26 - 2015-01-27 15:26 - 00000621 _____ () C:\Users\Chris\Desktop\JRT.txt
2015-01-27 15:21 - 2015-01-27 15:21 - 00000000 ____D () C:\Windows\ERUNT
2015-01-27 15:18 - 2015-01-27 15:18 - 00001054 _____ () C:\Users\Chris\Desktop\Mbam.txt
2015-01-27 15:01 - 2015-01-27 15:01 - 01707939 _____ (Thisisu) C:\Users\Chris\Desktop\JRT.exe
2015-01-27 14:51 - 2015-01-27 14:53 - 00000000 ____D () C:\AdwCleaner
2015-01-27 14:49 - 2015-01-27 14:49 - 02194432 _____ () C:\Users\Chris\Desktop\AdwCleaner.exe
2015-01-27 14:38 - 2015-01-27 14:39 - 00025180 _____ () C:\Users\Chris\Desktop\Addition (b4).txt
2015-01-27 14:37 - 2015-01-27 14:39 - 00144843 _____ () C:\Users\Chris\Desktop\FRST (b4).txt
2015-01-27 14:35 - 2015-01-27 14:35 - 00000381 _____ () C:\Users\Chris\Desktop\Eset1.txt
2015-01-27 13:11 - 2015-01-27 13:11 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-27 13:10 - 2015-01-27 13:10 - 00000000 ____D () C:\Users\Chris\AppData\Local\NVIDIA
2015-01-27 02:20 - 2015-01-27 02:20 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-27 02:20 - 2015-01-27 02:20 - 00000000 ____D () C:\Windows\system32\appraiser
2015-01-27 02:17 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-01-27 02:17 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-01-27 02:17 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-01-27 02:17 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-01-27 02:17 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-01-27 02:17 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-01-27 02:17 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-01-27 02:17 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-01-27 02:17 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-01-27 02:17 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-01-27 02:17 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-27 02:17 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-01-27 02:17 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-01-27 02:17 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-01-27 02:17 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-01-27 02:17 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-01-27 02:17 - 2013-10-01 21:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-01-27 02:17 - 2013-10-01 21:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-01-27 02:14 - 2015-01-27 02:14 - 00749404 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-27 02:11 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-01-27 02:11 - 2012-08-23 15:12 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\terminpt.sys
2015-01-27 02:11 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-01-27 02:11 - 2012-08-23 15:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2015-01-27 02:11 - 2012-08-23 14:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-01-27 02:11 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2015-01-27 02:11 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-01-27 02:11 - 2012-08-23 10:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-01-27 02:10 - 2014-07-02 18:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-01-27 02:06 - 2014-06-27 03:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-01-27 02:06 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-01-27 01:35 - 2015-01-27 01:35 - 943446123 _____ () C:\Users\Chris\Downloads\Looking.S02E03.720p.HDTV.x264-KILLERS.mkv
2015-01-27 01:30 - 2015-01-27 14:55 - 00002038 __RSH () C:\ProgramData\ntuser.pol
2015-01-27 01:30 - 2015-01-27 01:30 - 00003236 _____ () C:\Windows\System32\Tasks\BDAntiCryptoWallTask
2015-01-27 01:26 - 2015-01-27 01:26 - 1880539615 _____ () C:\Users\Chris\Downloads\Gotham.S01E12.1080p.WEB-DL.DD5.1.H.264-ECI_www.theextopia.com.mkv
2015-01-27 00:27 - 2015-01-27 00:27 - 727121018 _____ () C:\Users\Chris\Downloads\Supernatural.S10E10.720p.HDTV.X264-DIMENSION_www.theextopia.com.mkv
2015-01-27 00:22 - 2015-01-27 00:22 - 1731733680 _____ () C:\Users\Chris\Downloads\The.Flash.2014.S01E10.1080p.WEB-DL.DD5.1.H.264-NTb_www.theextopia.com.mkv
2015-01-26 23:54 - 2015-01-26 23:54 - 924010404 _____ () C:\Users\Chris\Downloads\Galavant.S01E06.1080p.WEB-DL.DD5.1.H.264-HWD_www.theextopia.com.mkv
2015-01-26 23:47 - 2015-01-26 23:47 - 898372878 _____ () C:\Users\Chris\Downloads\Galavant.S01E05.1080p.WEB-DL.DD5.1.H.264-HWD_www.theextopia.com.mkv
2015-01-26 22:21 - 2015-01-26 22:22 - 1575785304 _____ () C:\Users\Chris\Downloads\Eye.Candy.S01E02.1080p.WEB-DL.AAC2.0.H.264-KiNGS_www.theextopia.com.mkv
2015-01-26 22:15 - 2015-01-26 22:15 - 00000000 ____D () C:\Users\Chris\AppData\Temp
2015-01-26 21:40 - 2015-01-26 21:41 - 1735823331 _____ () C:\Users\Chris\Downloads\Arrow.S03E10.1080p.WEB-DL.DD5.1.H.264-BS_www.theextopia.com.mkv
2015-01-26 20:41 - 2015-01-26 20:42 - 1907004675 _____ () C:\Users\Chris\Downloads\Empire.2015.S01E03.1080p.WEB.DL.DD5.1.H.264.QUEENS_www.theextopia.com.mkv
2015-01-26 20:28 - 2015-01-26 20:28 - 229607303 _____ () C:\Users\Chris\Downloads\American.Horror.Story.S04E13.1080p.WEB-DL.DD5.1.H.264-ECI_www.theextopia.com.part3.rar
2015-01-26 20:22 - 2015-01-26 20:23 - 1073741824 _____ () C:\Users\Chris\Downloads\American.Horror.Story.S04E13.1080p.WEB-DL.DD5.1.H.264-ECI_www.theextopia.com.part2.rar
2015-01-26 20:00 - 2015-01-26 20:00 - 1073741824 _____ () C:\Users\Chris\Downloads\American.Horror.Story.S04E13.1080p.WEB-DL.DD5.1.H.264-ECI_www.theextopia.com.part1.rar
2015-01-26 19:41 - 2015-01-26 19:41 - 00008192 __RSH () C:\BOOTSECT.BAK
2015-01-26 19:41 - 2015-01-26 11:01 - 00000000 ____D () C:\Windows\Panther
2015-01-26 19:41 - 2010-11-21 04:23 - 00383786 __RSH () C:\bootmgr
2015-01-26 19:35 - 2015-01-26 19:35 - 1123402160 _____ () C:\Users\Chris\Downloads\Revenge.S04E14.720p.HDTV.X264-DIMENSION.mkv
2015-01-26 19:28 - 2015-01-26 19:28 - 1861180362 _____ () C:\Users\Chris\Downloads\The.100.S02E09.1080p.WEB-DL.DD5.1.H.264-KiNGS.mkv
2015-01-26 19:18 - 2015-01-26 19:18 - 1834365867 _____ () C:\Users\Chris\Downloads\The.Vampire.Diaries.S06E11.1080p.WEB-DL.DD5.1.H.264-KiNGS.mkv
2015-01-26 19:16 - 2015-01-26 19:16 - 00001120 _____ () C:\Users\Chris\Desktop\Malwarebytes Anti-Exploit.lnk
2015-01-26 19:08 - 2015-01-26 19:08 - 954858845 _____ () C:\Users\Chris\Downloads\Grimm.S04E10.720p.HDTV.X264-DIMENSION.mkv
2015-01-26 19:00 - 2015-01-26 19:00 - 1738512158 _____ () C:\Users\Chris\Downloads\Banshee.S03E03.720p.HDTV.x264-KILLERS.mkv
2015-01-26 18:40 - 2015-01-26 18:40 - 922398150 _____ () C:\Users\Chris\Downloads\Helix.S02E02.720p.HDTV.x264-KILLERS.mkv
2015-01-26 18:31 - 2015-01-26 18:31 - 00002082 _____ () C:\Users\Chris\Desktop\JDownloader 2.lnk
2015-01-26 18:31 - 2015-01-26 18:31 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-01-26 18:31 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-01-26 18:31 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-01-26 18:31 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-01-26 18:31 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-01-26 18:31 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-01-26 18:31 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-01-26 18:31 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-01-26 18:31 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-01-26 18:31 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-01-26 18:31 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-01-26 18:31 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-01-26 18:31 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2015-01-26 18:31 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2015-01-26 18:31 - 2014-06-24 04:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-01-26 18:31 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-01-26 18:31 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-01-26 18:31 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-01-26 18:31 - 2011-03-11 07:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2015-01-26 18:31 - 2011-03-11 07:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2015-01-26 18:31 - 2011-03-11 07:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2015-01-26 18:31 - 2011-03-11 07:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2015-01-26 18:31 - 2011-03-11 07:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2015-01-26 18:31 - 2011-03-11 07:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-01-26 18:31 - 2011-03-11 07:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2015-01-26 18:31 - 2011-03-11 06:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-01-26 18:31 - 2011-03-11 06:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2015-01-26 18:31 - 2011-03-11 05:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-01-26 18:29 - 2015-01-26 18:30 - 00000000 ____D () C:\Users\Chris\AppData\Local\JDownloader v2.0
2015-01-26 18:24 - 2015-01-27 01:26 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\vlc
2015-01-26 18:23 - 2015-01-26 18:23 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-01-26 18:23 - 2015-01-26 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-01-26 18:22 - 2015-01-26 18:22 - 00000000 ____D () C:\Program Files\VideoLAN
2015-01-26 18:20 - 2015-01-27 14:56 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2015-01-26 18:20 - 2015-01-26 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-01-26 18:20 - 2015-01-26 18:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-01-26 18:15 - 2015-01-26 18:15 - 1421616689 _____ () C:\Users\Chris\Downloads\Gotham.S01E12.What.The.Little.Bird.Told.Him.720p.WEB-DL.DD5.1.H.264-ECI.mkv
2015-01-26 18:03 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-01-26 18:03 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-01-26 17:55 - 2015-01-26 17:55 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Adobe
2015-01-26 17:15 - 2015-01-26 17:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-26 17:15 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-01-26 17:15 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-01-26 17:15 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-01-26 17:15 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-01-26 16:57 - 2015-01-27 13:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-26 16:57 - 2015-01-26 16:57 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-26 16:57 - 2015-01-26 16:57 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-26 16:57 - 2015-01-26 16:57 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Mozilla
2015-01-26 16:57 - 2015-01-26 16:57 - 00000000 ____D () C:\Users\Chris\AppData\Local\Mozilla
2015-01-26 16:57 - 2015-01-26 16:57 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-26 16:56 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-01-26 16:56 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-01-26 16:56 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2015-01-26 16:48 - 2015-01-26 16:48 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-01-26 16:48 - 2015-01-26 16:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-01-26 16:48 - 2015-01-26 16:48 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-26 16:48 - 2015-01-26 16:48 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-01-26 16:48 - 2015-01-26 16:48 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-01-26 16:48 - 2015-01-26 16:48 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-01-26 16:48 - 2015-01-26 16:48 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-01-26 16:48 - 2015-01-26 16:48 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-01-26 16:48 - 2015-01-26 16:48 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-01-26 16:48 - 2015-01-26 16:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-01-26 16:48 - 2015-01-26 16:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-01-26 16:47 - 2015-01-26 16:47 - 00007605 _____ () C:\Users\Chris\AppData\Local\Resmon.ResmonCfg
2015-01-26 16:24 - 2015-01-26 16:24 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-01-26 16:18 - 2015-01-26 16:56 - 00017549 _____ () C:\Windows\IE11_main.log
2015-01-26 16:11 - 2015-01-26 16:11 - 13945728 _____ () C:\Users\Chris\Desktop\BDAntiCryptoWall_Release.exe
2015-01-26 15:22 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-01-26 15:22 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-01-26 15:22 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-01-26 15:21 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-01-26 15:21 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-01-26 15:21 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-01-26 15:21 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-01-26 15:21 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-01-26 15:21 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-01-26 15:21 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-01-26 15:20 - 2012-07-26 04:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-01-26 15:20 - 2012-07-26 04:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-01-26 15:20 - 2012-07-26 04:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-01-26 15:20 - 2012-07-26 04:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-01-26 15:20 - 2012-07-26 04:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-01-26 15:20 - 2012-07-26 03:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-01-26 15:20 - 2012-07-26 03:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-01-26 15:20 - 2012-06-02 15:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-01-26 15:11 - 2012-03-01 07:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2015-01-26 15:11 - 2012-03-01 07:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2015-01-26 15:11 - 2012-03-01 06:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2015-01-26 15:03 - 2015-01-26 15:06 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-26 15:03 - 2014-12-31 13:12 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-26 15:01 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-01-26 15:01 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-01-26 15:01 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-01-26 15:01 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-01-26 15:01 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-01-26 15:01 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-01-26 15:01 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-01-26 15:01 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-01-26 14:59 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-01-26 14:59 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-01-26 14:59 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-01-26 14:59 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-01-26 14:59 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-01-26 14:59 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-01-26 14:59 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-01-26 14:59 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-01-26 14:59 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-01-26 14:59 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-01-26 14:59 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-01-26 14:59 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-01-26 14:59 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-01-26 14:59 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-01-26 14:59 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-01-26 14:59 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-01-26 14:59 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-01-26 14:59 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-01-26 14:59 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-01-26 14:59 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-01-26 14:59 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-01-26 14:59 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-01-26 14:59 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-01-26 14:59 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-01-26 14:59 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-01-26 14:59 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-01-26 14:59 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-01-26 14:59 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-01-26 14:59 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-01-26 14:59 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2015-01-26 14:59 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2015-01-26 14:59 - 2013-07-09 06:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-01-26 14:59 - 2013-07-09 06:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-01-26 14:59 - 2013-07-09 05:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-01-26 14:59 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-01-26 14:59 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-01-26 14:59 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-01-26 14:59 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-01-26 14:59 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-01-26 14:59 - 2013-04-10 07:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-01-26 14:59 - 2012-02-17 07:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2015-01-26 14:59 - 2012-02-17 06:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2015-01-26 14:59 - 2012-02-17 05:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2015-01-26 14:59 - 2011-06-16 06:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2015-01-26 14:59 - 2011-06-16 05:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2015-01-26 14:59 - 2011-03-03 07:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-01-26 14:59 - 2011-03-03 07:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-01-26 14:59 - 2011-03-03 07:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2015-01-26 14:59 - 2011-03-03 06:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-01-26 14:59 - 2011-03-03 06:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2015-01-26 14:59 - 2011-02-03 12:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-01-26 14:58 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-26 14:58 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-26 14:58 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-26 14:58 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-26 14:58 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-26 14:58 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-26 14:58 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-26 14:58 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-01-26 14:58 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-01-26 14:58 - 2013-08-02 03:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-01-26 14:58 - 2013-08-02 03:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-01-26 14:58 - 2013-08-02 02:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-01-26 14:58 - 2013-08-02 01:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-01-26 14:58 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-01-26 14:58 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-01-26 14:58 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-01-26 14:58 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-01-26 14:58 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-01-26 14:58 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-01-26 14:58 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-01-26 14:58 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-01-26 14:58 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-01-26 14:58 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-01-26 14:58 - 2012-12-07 14:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-01-26 14:58 - 2012-12-07 14:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-01-26 14:58 - 2012-12-07 13:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2015-01-26 14:58 - 2012-12-07 13:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2015-01-26 14:58 - 2012-12-07 12:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2015-01-26 14:58 - 2012-12-07 12:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2015-01-26 14:58 - 2012-12-07 12:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2015-01-26 14:58 - 2012-12-07 12:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2015-01-26 14:58 - 2012-12-07 12:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2015-01-26 14:58 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2015-01-26 14:58 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2015-01-26 14:58 - 2012-12-07 12:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2015-01-26 14:58 - 2012-12-07 12:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2015-01-26 14:58 - 2012-12-07 12:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2015-01-26 14:58 - 2012-12-07 12:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2015-01-26 14:58 - 2012-12-07 12:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2015-01-26 14:58 - 2012-12-07 12:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2015-01-26 14:58 - 2012-12-07 12:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2015-01-26 14:58 - 2012-10-03 18:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2015-01-26 14:58 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-26 14:58 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-26 14:58 - 2012-10-03 18:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2015-01-26 14:58 - 2012-10-03 18:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-01-26 14:58 - 2012-10-03 17:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2015-01-26 14:58 - 2012-10-03 17:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2015-01-26 14:58 - 2012-10-03 17:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-01-26 14:58 - 2010-12-23 11:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2015-01-26 14:58 - 2010-12-23 11:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2015-01-26 14:58 - 2010-12-23 11:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2015-01-26 14:58 - 2010-12-23 06:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2015-01-26 14:58 - 2010-12-23 06:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2015-01-26 14:58 - 2010-12-23 06:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2015-01-26 14:57 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-26 14:57 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-26 14:57 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-26 14:57 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-26 14:57 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-01-26 14:57 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-01-26 14:57 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-01-26 14:57 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-01-26 14:57 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-01-26 14:57 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-01-26 14:57 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-01-26 14:57 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-01-26 14:57 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-01-26 14:57 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-01-26 14:57 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-01-26 14:57 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-01-26 14:57 - 2013-07-09 06:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-01-26 14:57 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-01-26 14:57 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-01-26 14:57 - 2012-11-28 23:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-01-26 14:57 - 2012-11-28 23:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2015-01-26 14:57 - 2012-11-28 23:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2015-01-26 14:57 - 2011-12-30 07:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-01-26 14:57 - 2011-12-30 06:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2015-01-26 14:57 - 2011-05-24 12:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2015-01-26 14:57 - 2011-05-24 11:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2015-01-26 14:57 - 2011-05-24 11:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2015-01-26 14:57 - 2011-05-24 11:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2015-01-26 14:57 - 2011-05-24 11:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2015-01-26 14:57 - 2011-04-29 04:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-01-26 14:57 - 2011-04-29 04:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-01-26 14:57 - 2011-04-29 04:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-01-26 14:57 - 2011-04-09 07:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-01-26 14:57 - 2011-04-09 06:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-01-26 14:56 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-26 14:56 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-26 14:56 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-01-26 14:56 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-01-26 14:56 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-26 14:56 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-01-26 14:56 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-01-26 14:56 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-01-26 14:56 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-01-26 14:56 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-01-26 14:56 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-01-26 14:56 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-01-26 14:56 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-01-26 14:56 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-01-26 14:56 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-01-26 14:56 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-01-26 14:56 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-01-26 14:56 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-01-26 14:56 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-01-26 14:56 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-01-26 14:56 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-01-26 14:56 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-01-26 14:56 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-01-26 14:56 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-26 14:56 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-26 14:56 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-01-26 14:56 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-01-26 14:56 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-01-26 14:56 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-01-26 14:56 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2015-01-26 14:56 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-01-26 14:56 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-01-26 14:56 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2015-01-26 14:56 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-01-26 14:56 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-01-26 14:56 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-01-26 14:56 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-01-26 14:56 - 2013-05-10 06:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-01-26 14:56 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2015-01-26 14:56 - 2013-04-26 06:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-01-26 14:56 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2015-01-26 14:56 - 2012-11-23 04:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2015-01-26 14:56 - 2012-11-02 06:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2015-01-26 14:56 - 2012-11-02 06:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2015-01-26 14:56 - 2012-10-09 19:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2015-01-26 14:56 - 2012-10-09 19:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2015-01-26 14:56 - 2012-10-09 18:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2015-01-26 14:56 - 2012-10-09 18:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2015-01-26 14:56 - 2012-08-21 22:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2015-01-26 14:56 - 2011-08-17 06:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2015-01-26 14:56 - 2011-08-17 06:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2015-01-26 14:56 - 2011-08-17 05:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2015-01-26 14:56 - 2011-08-17 05:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2015-01-26 14:55 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-01-26 14:55 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-01-26 14:55 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-01-26 14:55 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-01-26 14:55 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-01-26 14:55 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-01-26 14:55 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-01-26 14:55 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-01-26 14:55 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-01-26 14:55 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-01-26 14:55 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-01-26 14:55 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-01-26 14:55 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-01-26 14:55 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-01-26 14:55 - 2014-06-25 03:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-01-26 14:55 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-01-26 14:55 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-01-26 14:55 - 2013-03-19 06:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2015-01-26 14:55 - 2012-08-22 19:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-01-26 14:55 - 2012-07-04 21:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2015-01-26 14:55 - 2012-01-04 11:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2015-01-26 14:55 - 2012-01-04 09:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2015-01-26 14:55 - 2011-06-15 11:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2015-01-26 14:55 - 2011-06-15 11:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2015-01-26 14:55 - 2011-06-15 11:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2015-01-26 14:55 - 2011-06-15 11:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2015-01-26 14:55 - 2011-06-15 09:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2015-01-26 14:55 - 2011-06-15 09:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2015-01-26 14:55 - 2011-06-15 09:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2015-01-26 14:55 - 2011-06-15 09:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2015-01-26 14:55 - 2011-06-15 09:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2015-01-26 14:53 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-01-26 14:53 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-01-26 14:53 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-01-26 14:53 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-01-26 14:53 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-01-26 14:53 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-01-26 14:53 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-01-26 14:53 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-01-26 14:53 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-01-26 14:53 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-01-26 14:53 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-01-26 14:53 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-01-26 14:53 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-01-26 14:53 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-01-26 14:53 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-01-26 14:53 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-01-26 14:53 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-01-26 14:53 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-01-26 14:53 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-01-26 14:53 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-01-26 14:53 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-01-26 14:53 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-01-26 14:53 - 2014-04-12 03:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-01-26 14:53 - 2014-04-12 03:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-01-26 14:53 - 2014-04-12 03:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-01-26 14:53 - 2014-04-12 03:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-01-26 14:53 - 2014-04-12 03:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-01-26 14:53 - 2012-04-26 06:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2015-01-26 14:53 - 2012-04-26 06:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2015-01-26 14:52 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-01-26 14:52 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-01-26 14:52 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-01-26 14:52 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-01-26 14:52 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-01-26 14:52 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-01-26 14:52 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-01-26 14:52 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-01-26 14:52 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-01-26 14:52 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-01-26 14:52 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-01-26 14:52 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-01-26 14:52 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-01-26 14:52 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2015-01-26 14:52 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2015-01-26 14:52 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2015-01-26 14:52 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2015-01-26 14:52 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-01-26 14:52 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2015-01-26 14:52 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2015-01-26 14:52 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2015-01-26 14:52 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2015-01-26 14:52 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-01-26 14:52 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-01-26 14:52 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-01-26 14:52 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-01-26 14:52 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-01-26 14:52 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-01-26 14:52 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-01-26 14:52 - 2013-05-13 06:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2015-01-26 14:52 - 2013-05-13 04:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-01-26 14:52 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2015-01-26 14:52 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2015-01-26 14:52 - 2013-04-26 00:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-01-26 14:52 - 2013-03-31 23:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-01-26 14:52 - 2012-07-04 23:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2015-01-26 14:52 - 2012-07-04 23:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2015-01-26 14:52 - 2012-07-04 23:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2015-01-26 14:52 - 2012-07-04 22:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2015-01-26 14:52 - 2012-07-04 22:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2015-01-26 14:51 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-01-26 14:51 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-01-26 14:51 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-01-26 14:51 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-26 14:51 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-26 14:51 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-26 14:51 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-26 14:51 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-26 14:51 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-26 14:51 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-26 14:51 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-26 14:51 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-01-26 14:51 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-01-26 14:51 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-01-26 14:51 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-01-26 14:51 - 2014-08-01 12:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-01-26 14:51 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-01-26 14:51 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-01-26 14:51 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-01-26 14:51 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-01-26 14:51 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-01-26 14:51 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-01-26 14:51 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-01-26 14:51 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-01-26 14:51 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-01-26 14:51 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-01-26 14:51 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-01-26 14:51 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-01-26 14:51 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-01-26 14:51 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-01-26 14:51 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-01-26 14:51 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-01-26 14:51 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-01-26 14:51 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-01-26 14:51 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-01-26 14:51 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-01-26 14:51 - 2013-08-02 03:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-01-26 14:51 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-01-26 14:51 - 2013-07-25 10:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-01-26 14:51 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-01-26 14:51 - 2013-02-27 06:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-01-26 14:51 - 2012-06-06 07:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2015-01-26 14:51 - 2012-06-06 06:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2015-01-26 14:51 - 2011-11-17 07:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2015-01-26 14:51 - 2011-11-17 06:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2015-01-26 14:51 - 2011-10-26 06:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-01-26 14:51 - 2011-10-26 05:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-01-26 14:51 - 2011-10-15 07:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2015-01-26 14:51 - 2011-10-15 06:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2015-01-26 14:51 - 2011-05-04 06:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-01-26 14:51 - 2011-05-04 06:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-01-26 14:51 - 2011-05-04 06:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-01-26 14:51 - 2011-05-04 06:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-01-26 14:51 - 2011-05-04 06:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-01-26 14:51 - 2011-05-04 06:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-01-26 14:51 - 2011-05-04 06:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-01-26 14:51 - 2011-05-04 06:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-01-26 14:51 - 2011-05-04 06:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2015-01-26 14:51 - 2011-05-04 05:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-01-26 14:51 - 2011-05-04 05:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-01-26 14:51 - 2011-05-04 05:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-01-26 14:51 - 2011-05-04 05:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-01-26 14:51 - 2011-05-04 05:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2015-01-26 14:51 - 2011-05-04 05:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2015-01-26 14:51 - 2011-05-04 05:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-01-26 14:51 - 2011-05-04 05:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-01-26 14:51 - 2011-05-04 05:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2015-01-26 14:51 - 2011-03-11 07:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-01-26 14:51 - 2011-03-11 07:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-01-26 14:51 - 2011-03-11 06:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-01-26 14:51 - 2011-03-11 06:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-01-26 14:50 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-01-26 14:50 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-01-26 14:50 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-01-26 14:50 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-01-26 14:50 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-01-26 14:50 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-01-26 14:50 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-01-26 14:50 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-01-26 14:50 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2015-01-26 14:50 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-01-26 14:50 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-01-26 14:50 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-01-26 14:50 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-01-26 14:50 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-01-26 14:50 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-01-26 14:50 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-01-26 14:50 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-01-26 14:50 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2015-01-26 14:50 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-01-26 14:50 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-01-26 14:50 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-01-26 14:50 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2015-01-26 14:50 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-01-26 14:50 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-01-26 14:50 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-01-26 14:50 - 2013-02-12 05:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-01-26 14:50 - 2013-01-24 07:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-01-26 14:50 - 2012-09-25 23:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2015-01-26 14:50 - 2012-09-25 23:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2015-01-26 14:50 - 2012-05-14 06:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-01-26 14:50 - 2012-03-17 08:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2015-01-26 14:50 - 2011-12-16 09:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2015-01-26 14:50 - 2011-12-16 08:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2015-01-26 14:50 - 2011-08-27 06:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2015-01-26 14:50 - 2011-08-27 05:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2015-01-26 14:50 - 2011-07-09 03:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-01-26 14:50 - 2011-05-03 06:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-01-26 14:50 - 2011-05-03 05:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-01-26 14:50 - 2011-04-27 03:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-01-26 14:50 - 2011-04-27 03:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-01-26 14:50 - 2011-02-23 05:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2015-01-26 14:50 - 2011-02-18 11:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2015-01-26 14:50 - 2011-02-18 06:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2015-01-26 14:50 - 2011-02-12 12:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2015-01-26 14:50 - 2011-02-05 18:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-01-26 14:50 - 2011-02-05 18:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2015-01-26 14:50 - 2011-02-05 18:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2015-01-26 14:50 - 2011-02-05 18:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2015-01-26 14:50 - 2011-02-05 18:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-01-26 14:50 - 2011-02-05 18:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-01-26 14:50 - 2011-02-05 18:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-01-26 14:41 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-01-26 14:41 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-01-26 14:41 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-01-26 14:41 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-01-26 14:41 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-01-26 14:40 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-01-26 14:40 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-01-26 14:28 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2015-01-26 14:11 - 2015-01-27 15:21 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\DMCache
2015-01-26 14:11 - 2015-01-27 15:00 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\IDM
2015-01-26 14:11 - 2015-01-26 16:10 - 00000000 ____D () C:\Users\Chris\Downloads\Compressed
2015-01-26 14:11 - 2015-01-26 14:11 - 00001009 _____ () C:\Users\Chris\Desktop\Internet Download Manager.lnk
2015-01-26 14:11 - 2015-01-26 14:11 - 00000000 ____D () C:\Users\Chris\Downloads\Video
2015-01-26 14:11 - 2015-01-26 14:11 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-01-26 14:11 - 2015-01-26 14:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-01-26 14:11 - 2015-01-26 14:11 - 00000000 ____D () C:\ProgramData\IDM
2015-01-26 14:10 - 2015-01-26 14:11 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2015-01-26 13:36 - 2015-01-26 13:36 - 02347384 _____ (ESET) C:\Users\Chris\Desktop\esetsmartinstaller_deu.exe
2015-01-26 13:25 - 2015-01-26 13:25 - 00263032 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-01-26 13:25 - 2015-01-26 13:25 - 00074000 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2015-01-26 13:20 - 2015-01-27 15:25 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-26 13:20 - 2015-01-27 14:56 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-26 13:20 - 2015-01-27 13:27 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-26 13:20 - 2015-01-26 13:20 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-26 13:20 - 2015-01-26 13:20 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-26 13:20 - 2015-01-26 13:20 - 00000000 ____D () C:\Users\Chris\AppData\Local\Google
2015-01-26 13:20 - 2015-01-26 13:20 - 00000000 ____D () C:\Users\Chris\AppData\Local\Deployment
2015-01-26 13:20 - 2015-01-26 13:20 - 00000000 ____D () C:\Users\Chris\AppData\Local\Apps\2.0
2015-01-26 13:20 - 2015-01-26 13:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-26 13:20 - 2015-01-26 13:20 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-26 12:56 - 2015-01-26 12:56 - 00527147 _____ () C:\ProgramData\1422273176.bdinstall.bin
2015-01-26 12:56 - 2015-01-26 12:56 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2015-01-26 12:56 - 2015-01-26 12:56 - 00000385 _____ () C:\Users\Chris\AppData\Roaminguser_gensett.xml
2015-01-26 12:55 - 2015-01-26 13:15 - 00000000 ____D () C:\ProgramData\BDLogging
2015-01-26 12:55 - 2015-01-26 12:55 - 00002122 _____ () C:\Users\Public\Desktop\Bitdefender Total Security 2015.lnk
2015-01-26 12:55 - 2015-01-26 12:55 - 00000684 ____H () C:\bdr-cf01
2015-01-26 12:55 - 2015-01-26 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2015-01-26 12:55 - 2014-12-02 16:40 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2015-01-26 12:55 - 2014-12-02 16:37 - 00074000 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2015-01-26 12:55 - 2014-09-25 15:57 - 01288472 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2015-01-26 12:55 - 2014-05-16 13:04 - 00647752 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2015-01-26 12:55 - 2013-11-13 15:41 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2015-01-26 12:55 - 2012-04-17 14:34 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2015-01-26 12:55 - 2009-07-14 14:21 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2015-01-26 12:55 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2015-01-26 12:54 - 2015-01-26 13:01 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Bitdefender
2015-01-26 12:54 - 2015-01-26 12:55 - 00253404 ____H () C:\bdr-ld01
2015-01-26 12:54 - 2015-01-26 12:55 - 00009216 ____H () C:\bdr-ld01.mbr
2015-01-26 12:54 - 2014-07-04 17:49 - 49563064 ____H () C:\bdr-im01.gz
2015-01-26 12:54 - 2013-08-13 13:38 - 03271472 ____H () C:\bdr-bz01
2015-01-26 12:53 - 2015-01-26 12:55 - 00000000 ____D () C:\ProgramData\Bitdefender
2015-01-26 12:53 - 2015-01-26 12:54 - 00000000 ____D () C:\Program Files\Bitdefender
2015-01-26 12:53 - 2014-12-02 16:37 - 00084336 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2015-01-26 12:53 - 2014-12-02 13:37 - 00033360 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2015-01-26 12:53 - 2014-10-22 09:29 - 00155912 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2015-01-26 12:53 - 2014-10-15 16:14 - 00452040 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2015-01-26 12:52 - 2015-01-26 16:13 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\QuickScan
2015-01-26 12:52 - 2015-01-26 12:53 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2015-01-26 12:42 - 2015-01-26 12:42 - 00000000 ____D () C:\Users\Chris\Documents\1Password
2015-01-26 12:42 - 2015-01-26 12:42 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\AgileBits
2015-01-26 12:29 - 2015-01-26 12:30 - 00000000 ____D () C:\Program Files (x86)\1Password 4
2015-01-26 12:29 - 2015-01-26 12:29 - 00001033 _____ () C:\Users\Public\Desktop\1Password 4.lnk
2015-01-26 12:29 - 2015-01-26 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1Password
2015-01-26 12:29 - 2014-04-22 11:30 - 02081792 _____ (Chilkat Software, Inc.) C:\Windows\SysWOW64\ChilkatSocket.dll
2015-01-26 12:29 - 2014-04-22 11:30 - 01972736 _____ (Chilkat Software, Inc.) C:\Windows\SysWOW64\ChilkatCrypt2.dll
2015-01-26 12:29 - 2014-04-22 11:30 - 01795072 _____ (Chilkat Software, Inc.) C:\Windows\SysWOW64\ChilkatCert.dll
2015-01-26 12:29 - 2014-04-22 11:30 - 01682432 _____ (Chilkat Software, Inc.) C:\Windows\SysWOW64\ChilkatZip2.dll
2015-01-26 12:28 - 2015-01-27 14:56 - 00000000 ___RD () C:\Users\Chris\Dropbox
2015-01-26 12:28 - 2015-01-26 12:28 - 00001125 _____ () C:\Users\Chris\Desktop\Dropbox.lnk
2015-01-26 12:26 - 2015-01-26 12:26 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-01-26 12:25 - 2015-01-27 14:56 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Dropbox
2015-01-26 12:14 - 2015-01-26 18:03 - 00000769 _____ () C:\Users\Chris\AppData\Local\RT2870_{0DD9E132-1716-4B2C-A232-EE22E71989DF}_sta
2015-01-26 12:13 - 2015-01-26 12:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-01-26 12:10 - 2015-01-27 14:55 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-26 12:10 - 2015-01-26 12:10 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2015-01-26 12:10 - 2014-07-02 19:55 - 06783776 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-01-26 12:10 - 2014-07-02 19:55 - 03522392 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-01-26 12:10 - 2014-07-02 19:55 - 02559960 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-01-26 12:10 - 2014-07-02 19:55 - 00935368 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-01-26 12:10 - 2014-07-02 19:55 - 00386520 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-01-26 12:10 - 2014-07-02 19:55 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-01-26 12:10 - 2014-07-02 11:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2015-01-26 12:10 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-26 12:10 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-26 12:09 - 2015-01-27 02:10 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-01-26 12:09 - 2015-01-27 02:10 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-26 12:09 - 2015-01-26 12:09 - 00000000 ____D () C:\temp
2015-01-26 12:09 - 2014-08-19 22:15 - 00075040 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-01-26 12:09 - 2014-08-19 22:15 - 00061912 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-01-26 12:09 - 2014-08-19 22:14 - 00026353 _____ () C:\Windows\system32\nvinfo.pb
2015-01-26 12:09 - 2012-08-30 20:14 - 01760104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco64.dll
2015-01-26 12:09 - 2012-08-30 20:14 - 01482600 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco64.dll
2015-01-26 12:08 - 2015-01-27 02:10 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-26 12:08 - 2014-08-19 22:15 - 00965312 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-01-26 12:08 - 2014-08-19 22:14 - 03196816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-01-26 12:05 - 2015-01-26 12:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NEC Electronics
2015-01-26 12:05 - 2015-01-26 12:05 - 00000000 ____D () C:\Program Files (x86)\NEC Electronics
2015-01-26 12:04 - 2015-01-26 12:04 - 00005070 _____ () C:\Windows\Ascd_tmp.ini
2015-01-26 12:04 - 2015-01-26 12:04 - 00001769 _____ () C:\Windows\Language_trs.ini
2015-01-26 12:04 - 2015-01-26 12:04 - 00000000 ____D () C:\Users\Chris\AppData\Local\Downloaded Installations
2015-01-26 12:01 - 2015-01-26 18:03 - 00000778 _____ () C:\Users\Chris\AppData\Local\RT2870_{0DD9E132-1716-4B2C-A232-EE22E71989DF}_prof
2015-01-26 12:00 - 2015-01-26 12:06 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-26 12:00 - 2015-01-26 12:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hama Wireless LAN
2015-01-26 12:00 - 2015-01-26 12:00 - 00000000 ____D () C:\Program Files (x86)\Hama
2015-01-26 11:22 - 2015-01-27 14:57 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-26 11:22 - 2015-01-26 11:22 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-26 11:22 - 2015-01-26 11:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-26 11:22 - 2015-01-26 11:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-26 11:22 - 2015-01-26 11:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-26 11:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-26 11:22 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-26 11:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-26 11:17 - 2015-01-27 15:29 - 00000000 ____D () C:\FRST
2015-01-26 11:16 - 2015-01-26 11:16 - 02129920 _____ (Farbar) C:\Users\Chris\Desktop\FRST64.exe
2015-01-26 11:07 - 2015-01-26 11:07 - 00057560 _____ () C:\Users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-26 11:04 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-01-26 11:04 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-01-26 11:04 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-01-26 11:04 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-01-26 11:02 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-01-26 11:02 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-01-26 11:02 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-01-26 11:02 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-01-26 11:02 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-01-26 11:02 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-01-26 11:02 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-01-26 11:02 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-01-26 11:02 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-01-26 11:02 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-01-26 11:01 - 2015-01-26 17:55 - 00001413 _____ () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-26 11:01 - 2015-01-26 12:28 - 00000000 ____D () C:\Users\Chris
2015-01-26 11:01 - 2015-01-26 11:01 - 00000020 ___SH () C:\Users\Chris\ntuser.ini
2015-01-26 11:01 - 2015-01-26 11:01 - 00000000 __SHD () C:\Recovery
2015-01-26 11:01 - 2015-01-26 11:01 - 00000000 ____D () C:\Users\Chris\AppData\Local\VirtualStore
2015-01-26 11:01 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-26 11:01 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-26 10:51 - 2015-01-27 15:03 - 01081069 _____ () C:\Windows\WindowsUpdate.log
2015-01-26 10:46 - 2015-01-26 10:46 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-01-26 10:46 - 2015-01-26 10:46 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-01-26 10:45 - 2015-01-26 10:45 - 00001355 _____ () C:\Windows\TSSysprep.log
2015-01-13 13:36 - 2014-11-29 01:37 - 00180648 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-27 15:02 - 2009-07-14 06:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-27 14:55 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-27 14:55 - 2009-07-14 05:51 - 00023216 _____ () C:\Windows\setupact.log
2015-01-27 14:54 - 2010-11-21 04:47 - 00012010 _____ () C:\Windows\PFRO.log
2015-01-27 14:54 - 2009-07-14 05:45 - 00267816 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-27 14:53 - 2009-07-14 05:45 - 00020832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-27 14:53 - 2009-07-14 05:45 - 00020832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-27 13:09 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-27 02:20 - 2011-04-12 09:28 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-27 02:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-27 02:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2015-01-27 01:30 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-01-26 19:41 - 2009-07-14 06:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-01-26 19:41 - 2009-07-14 06:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2015-01-26 17:43 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-26 17:43 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-26 17:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2015-01-26 17:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2015-01-26 17:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-01-26 17:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2015-01-26 17:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-01-26 17:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-01-26 17:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-26 13:15 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2015-01-26 12:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-26 12:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-26 12:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2015-01-26 11:04 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-01-26 11:02 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore
2015-01-26 11:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Recovery
2015-01-26 10:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-01-26 10:46 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-26 10:45 - 2009-07-14 05:46 - 00002790 _____ () C:\Windows\DtcInstall.log
2015-01-26 10:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-01-26 10:43 - 2011-04-12 09:28 - 00000000 ____D () C:\Windows\CSC

==================== Files in the root of some directories =======

2015-01-26 16:47 - 2015-01-26 16:47 - 0007605 _____ () C:\Users\Chris\AppData\Local\Resmon.ResmonCfg
2015-01-26 12:01 - 2015-01-26 18:03 - 0000778 _____ () C:\Users\Chris\AppData\Local\RT2870_{0DD9E132-1716-4B2C-A232-EE22E71989DF}_prof
2015-01-26 12:14 - 2015-01-26 18:03 - 0000769 _____ () C:\Users\Chris\AppData\Local\RT2870_{0DD9E132-1716-4B2C-A232-EE22E71989DF}_sta
2015-01-26 12:56 - 2015-01-26 12:56 - 0527147 _____ () C:\ProgramData\1422273176.bdinstall.bin

Some content of TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\130667668433770712.exe
C:\Users\Chris\AppData\Local\Temp\13066766855418022401.exe
C:\Users\Chris\AppData\Local\Temp\130667669105233290.exe
C:\Users\Chris\AppData\Local\Temp\13066766913009471234.exe
C:\Users\Chris\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkexjta.dll
C:\Users\Chris\AppData\Local\Temp\ICReinstall_13066766855418022401.exe
C:\Users\Chris\AppData\Local\Temp\proxy_vole5875133703648682317.dll
C:\Users\Chris\AppData\Local\Temp\Quarantine.exe
C:\Users\Chris\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=C:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {ecba0a09-a58a-11e4-b133-81809b18fb3a}
displayorder            {current}
toolsdisplayorder       {bdbdbd00-6057-11e0-a7f3-ce9adfd72001}
                        {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {ecba0a0b-a58a-11e4-b133-81809b18fb3a}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {ecba0a09-a58a-11e4-b133-81809b18fb3a}
nx                      OptIn

Windows Boot Loader
-------------------
identifier              {ecba0a0b-a58a-11e4-b133-81809b18fb3a}
device                  ramdisk=[C:]\Recovery\ecba0a0b-a58a-11e4-b133-81809b18fb3a\Winre.wim,{ecba0a0c-a58a-11e4-b133-81809b18fb3a}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\ecba0a0b-a58a-11e4-b133-81809b18fb3a\Winre.wim,{ecba0a0c-a58a-11e4-b133-81809b18fb3a}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {ecba0a09-a58a-11e4-b133-81809b18fb3a}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

Real-mode Boot Sector
---------------------
identifier              {bdbdbd00-6057-11e0-a7f3-ce9adfd72001}
device                  partition=C:
path                    \bdr-ld01.mbr
description             Bitdefender Rescue Mode - Windows 7 Ultimate SP 1 (x64)

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {ecba0a0c-a58a-11e4-b133-81809b18fb3a}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\ecba0a0b-a58a-11e4-b133-81809b18fb3a\boot.sdi



LastRegBack: 2015-01-26 10:42

==================== End Of Log ============================

 

 

Attached File  FRST.txt   141.77KB   0 downloads



#11 ChrisCGN

ChrisCGN
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:41 PM

Posted 27 January 2015 - 09:34 AM

Addition.txt - after ADWCleaner, Mbam, JRT

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by Chris at 2015-01-27 15:30:40
Running from C:\Users\Chris\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1Password 4.1.0.530 (HKLM-x32\...\1Password4_is1) (Version: 4.0 - AgileBits)
Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.20.0.1429 - Bitdefender)
Dropbox (HKU\S-1-5-21-3560617416-725466407-2438327745-1000\...\Dropbox) (Version: 3.0.5 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hama Wireless LAN Adapter (HKLM-x32\...\{E91E8912-769D-42F0-8408-0E329443BABC}) (Version: 1.00.0000 - Hama)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Malwarebytes Anti-Exploit version 1.05.1.1016 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.05.1.1016 - Malwarebytes)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
NVIDIA 3D Vision Controller Driver 306.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.23 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3560617416-725466407-2438327745-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3560617416-725466407-2438327745-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3560617416-725466407-2438327745-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3560617416-725466407-2438327745-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3560617416-725466407-2438327745-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3560617416-725466407-2438327745-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3560617416-725466407-2438327745-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3560617416-725466407-2438327745-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3560617416-725466407-2438327745-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

26-01-2015 11:02:42 Windows Update
26-01-2015 12:00:33 Installiert Hama Wireless LAN Adapter
26-01-2015 12:04:48 Installiert NEC Electronics USB 3.0 Host Controller Driver
26-01-2015 14:34:13 Installed Microsoft Fix it 50123
26-01-2015 15:00:55 Windows Update
27-01-2015 02:06:16 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {3F374F9F-534F-4A81-ADA7-C9B7BD0F1CC7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-26] (Google Inc.)
Task: {696D1DDF-D341-48AD-A61C-B72C5FA2D983} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-26] (Google Inc.)
Task: {E9AA7B84-1557-497F-B46F-98DB66C3314D} - System32\Tasks\BDAntiCryptoWallTask => C:\Users\Chris\Desktop\BDAntiCryptoWall_Release.exe [2015-01-26] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2015-01-26 12:55 - 2014-08-27 16:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2015-01-26 12:55 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2015-01-26 12:55 - 2014-12-17 14:34 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2015-01-26 12:55 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2015-01-26 12:55 - 2014-07-24 09:44 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpbr.mdl
2015-01-26 12:55 - 2014-07-24 09:44 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpdsp.mdl
2015-01-26 12:55 - 2014-07-24 09:44 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpph.mdl
2015-01-26 12:55 - 2014-07-24 09:44 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttprbl.mdl
2015-01-26 12:10 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-27 01:30 - 2015-01-27 14:55 - 01208024 _____ () C:\Users\Chris\AppData\Local\Temp\BDAntiCryptoWall\BDAntiCryptoWall.exe
2015-01-27 01:30 - 2015-01-27 14:55 - 00091648 _____ () C:\Users\Chris\AppData\Local\Temp\BDAntiCryptoWall\BDMetrics.dll
2015-01-26 12:26 - 2015-01-08 21:44 - 00750080 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-01-27 14:56 - 2015-01-27 14:56 - 00043008 _____ () c:\users\chris\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkexjta.dll
2015-01-26 12:26 - 2015-01-08 21:44 - 00047616 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-01-26 12:26 - 2015-01-08 21:44 - 00863744 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-01-26 12:26 - 2015-01-08 21:44 - 00200704 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-01-26 17:15 - 2015-01-26 17:15 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Chris\Desktop\AdwCleaner.exe:BDU
AlternateDataStreams: C:\Users\Chris\Desktop\BDAntiCryptoWall_Release.exe:BDU
AlternateDataStreams: C:\Users\Chris\Desktop\esetsmartinstaller_deu.exe:BDU
AlternateDataStreams: C:\Users\Chris\Desktop\JRT.exe:BDU

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3560617416-725466407-2438327745-500 - Administrator - Disabled)
Chris (S-1-5-21-3560617416-725466407-2438327745-1000 - Administrator - Enabled) => C:\Users\Chris
Guest (S-1-5-21-3560617416-725466407-2438327745-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3560617416-725466407-2438327745-1002 - Limited - Enabled)
UpdatusUser (S-1-5-21-3560617416-725466407-2438327745-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel® Core™ i7 CPU 920 @ 2.67GHz
Percentage of memory in use: 31%
Total physical RAM: 6135.11 MB
Available physical RAM: 4174.85 MB
Total Pagefile: 12268.41 MB
Available Pagefile: 10088.44 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.92 GB) (Free:1774.3 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:596.07 GB) (Free:73.18 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 53A62D7C)
Partition 1: (Active) - (Size=1862.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 46E5FCD8)
Partition 1: (Not Active) - (Size=596.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

Attached File  Addition.txt   12.66KB   0 downloads



#12 ChrisCGN

ChrisCGN
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:41 PM

Posted 27 January 2015 - 09:39 AM

Some things I find odd:
 
  • The task manager doesn't show all running programs
  • Bitdefender Cryptowall doesn't show
  • Malwarebytes Anti-Exploit doesn't show


But yes...whatever infected my previous installation is most definitely back...
IDM gives me the security-prompt again, warning that it has been altered by another program...

Edited by ChrisCGN, 27 January 2015 - 09:55 AM.


#13 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,044 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:03:41 PM

Posted 27 January 2015 - 11:46 AM

Step 1: FRST Fix
  • Please open Notepad.exe. Make sure that you don't use any other software than Notepad.exe!
  • Copy and Paste the content of the codebox below into the empty textfile:

    HKU\S-1-5-21-3560617416-725466407-2438327745-1000\...\MountPoints2: {a58cbd15-a53f-11e4-bf8d-806e6f6e6963} - E:\CheckID.exe
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3560617416-725466407-2438327745-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - No Path
    AlternateDataStreams: C:\Users\Chris\Desktop\AdwCleaner.exe:BDU
    AlternateDataStreams: C:\Users\Chris\Desktop\BDAntiCryptoWall_Release.exe:BDU
    AlternateDataStreams: C:\Users\Chris\Desktop\esetsmartinstaller_deu.exe:BDU
    AlternateDataStreams: C:\Users\Chris\Desktop\JRT.exe:BDU
    
  • Then click on File >> Save as
    • File Name: Fixlist.txt
    • From the Save as type drop down list, choose All Files
  • It is very important that you save this textfile on your Desktop!
Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run FRST.exe/FRST64.exe (Note: If FRST advises there is a new updated version to be downloaded, allow this.)and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply
Step 2: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.
Step 3: ESET

Please run a free online scan with the ESET Online Scanner:

IMPORTANT: You MUST use Internet Explorer for this step!
  • Visit the ESET Online Scanner Web Page
  • Select the blue Run ESET Online Scanner button:
    ESET1_zps23a5e840.png
  • Tick the box next to YES, I accept the Terms of Use and click Start
    ESET_EULA2_zps9451f1c3.png
  • When asked, allow the ActiveX control to install.
  • Select Enable detection of potentially unwanted applications and select Advanced Settings:
    ESET2_zpsc701c045.png
  • Make sure to check the options Remove found threats and Enable Anti-Stealth technology are checked:
    ESET4_zps0afafd0d.png
  • Click Start. (This scan can take several hours, so please be patient):
    ESET3_zpsccd1657d.png
  • Once the scan is completed, select List of found threats:
    ESET5_zpsd27be299.png
  • Select Export to text file... and save the file as ESETlog.txt on your Desktop:
    ESET6_zpsc17d154e.png
  • Click the Back button.
  • Click the Finish button:
    ESET9_zps51587217.png
  • Use Notepad to open the saved log file (on your Desktop- ESET.txt)[/b]
  • Copy and paste that log as a reply to this topic.
Step 4: Question

How is your PC running?

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#14 ChrisCGN

ChrisCGN
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:41 PM

Posted 27 January 2015 - 02:53 PM

Hey again,

 

here's the Fixlog from FRST and the subsequent scan-logs:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-01-2015 01
Ran by Chris at 2015-01-27 20:42:02 Run:1
Running from C:\Users\Chris\Desktop
Loaded Profiles: Chris & UpdatusUser (Available profiles: Chris & UpdatusUser)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-3560617416-725466407-2438327745-1000\...\MountPoints2: {a58cbd15-a53f-11e4-bf8d-806e6f6e6963} - E:\CheckID.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3560617416-725466407-2438327745-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - No Path
AlternateDataStreams: C:\Users\Chris\Desktop\AdwCleaner.exe:BDU
AlternateDataStreams: C:\Users\Chris\Desktop\BDAntiCryptoWall_Release.exe:BDU
AlternateDataStreams: C:\Users\Chris\Desktop\esetsmartinstaller_deu.exe:BDU
AlternateDataStreams: C:\Users\Chris\Desktop\JRT.exe:BDU
*****************

"HKU\S-1-5-21-3560617416-725466407-2438327745-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a58cbd15-a53f-11e4-bf8d-806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{a58cbd15-a53f-11e4-bf8d-806e6f6e6963} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-3560617416-725466407-2438327745-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fabcmochhfpldjekobfaaggijgohadih" => Key deleted successfully.
C:\Users\Chris\Desktop\AdwCleaner.exe => ":BDU" ADS removed successfully.
C:\Users\Chris\Desktop\BDAntiCryptoWall_Release.exe => ":BDU" ADS removed successfully.
C:\Users\Chris\Desktop\esetsmartinstaller_deu.exe => ":BDU" ADS removed successfully.
C:\Users\Chris\Desktop\JRT.exe => ":BDU" ADS removed successfully.

==== End of Fixlog 20:42:02 ====

 

Attached File  Fixlog.txt   2.4KB   0 downloads



#15 ChrisCGN

ChrisCGN
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:41 PM

Posted 27 January 2015 - 03:02 PM

FRST.txt

 

p.s.: I had to split the log in two, since it was too big to upload in one .txt-file...lol...sorry :P

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Chris (administrator) on CHRIS-PC on 27-01-2015 20:45:03
Running from C:\Users\Chris\Desktop
Loaded Profiles: Chris & UpdatusUser (Available profiles: Chris & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
() C:\Users\Chris\AppData\Local\Temp\BDAntiCryptoWall\BDAntiCryptoWall.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hama GmbH & Co KG) C:\Program Files (x86)\Hama\Common\RaUI.exe
(Dropbox, Inc.) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AgileBits) C:\Program Files (x86)\1Password 4\Agile1pAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\idmBroker.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1686480 2014-12-17] (Bitdefender)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1796056 2014-08-19] (NVIDIA Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2010-01-22] (NEC Electronics Corporation)
HKLM-x32\...\Run: [Agile1pAgent] => C:\Program Files (x86)\1Password 4\Agile1pAgent.exe [3706640 2014-11-20] (AgileBits)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2561848 2014-12-10] (Malwarebytes Corporation)
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKU\S-1-5-21-3560617416-725466407-2438327745-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2014-11-25] (Bitdefender)
HKU\S-1-5-21-3560617416-725466407-2438327745-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3886672 2015-01-13] (Tonec Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hama Wireless LAN Utility.lnk
ShortcutTarget: Hama Wireless LAN Utility.lnk -> C:\Program Files (x86)\Hama\Common\RaUI.exe (Hama GmbH & Co KG)
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3560617416-725466407-2438327745-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/de-de/?ocid=iehp
BHO: 1Password -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> C:\Program Files (x86)\1Password 4\x64\Agile1pIE4.dll (AgileBits)
BHO: Bitdefender Wallet  -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
BHO-x32: 1Password -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> C:\Program Files (x86)\1Password 4\x86\Agile1pIE4.dll (AgileBits)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
Toolbar: HKLM - Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
Toolbar: HKU\S-1-5-21-3560617416-725466407-2438327745-1000 -> Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1

FireFox:
========
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\jhbxuc9j.default
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Extension: NoScript - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\jhbxuc9j.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-01-26]
FF Extension: Adblock Plus - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\jhbxuc9j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-26]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-01-26]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-01-26]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF HKU\S-1-5-21-3560617416-725466407-2438327745-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Chris\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Chris\AppData\Roaming\IDM\idmmzcc5 [2015-01-26]
FF HKU\S-1-5-21-3560617416-725466407-2438327745-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Chris\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.duckduckgo.com/"
CHR DefaultSearchURL: Default -> https://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8
CHR DefaultSuggestURL: Default -> https://www.google.com/complete/search?q={searchTerms}
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (1Password: Password Manager and Secure Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjjhallfgjeglblehebfpbcfeobpgk [2015-01-26]
CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-26]
CHR Extension: (MEGA) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2015-01-26]
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-26]
CHR Extension: (Adblock Plus) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-26]
CHR Extension: (Google-Suche) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-26]
CHR Extension: (ZenMate Security & Privacy VPN) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-01-26]
CHR Extension: (IDM Integration Module) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2015-01-26]
CHR Extension: (Google Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-26]
CHR Extension: (Google Mail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-26]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-01-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [555320 2014-12-10] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1545376 2014-12-15] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2014-09-25] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-05-16] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-11-13] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2014-12-02] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2014-12-10] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [155912 2014-10-22] (BitDefender LLC)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-27] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

========================== Drivers MD5 =======================

C:\Windows\System32\DRIVERS\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\avc3.sys 70CCDD9BCBAA5A918A7D135E28A824E2
C:\Windows\System32\DRIVERS\avckf.sys 0956716D5565680DC83992C11BBDB2C2
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys 3533B749563E89EFAC7290A2BA3B4097
C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys EC80614A72BC7039D2B22E3DD6C15895
C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys C0247341C1BCD7FF2742821D0AD7AFBC
C:\Windows\system32\drivers\bdsandbox.sys 9FDA6E9379C3434625B06B192E37C1B6
C:\Windows\System32\DRIVERS\bdvedisk.sys 50F796CB1E8C80F3D19435CB50C3DAB5
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys 00C3C6C55C435810C9475C219F4D1B26
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\gzflt.sys C8B54E81501386A91B0E0BD596965C9B
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\idmwfp.sys 3F2013A2880FE503B1B3BC8212764923
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC
C:\Windows\System32\Drivers\ksecpkg.sys 41774FF331F609EF442B7398EE6202B1
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbamchameleon.sys 478CC94C937D235CB0A96AB8F2359D81
C:\Windows\system32\drivers\mbam.sys CA43F8904E24BBE49982E4C0B29E6579
C:\Windows\system32\drivers\MBAMSwissArmy.sys 26C43960C99EE861A5D0EDC4DCF3B1C3
C:\Windows\system32\drivers\mwac.sys A646C2DDB8C46E9B20A326FAF566646C
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\system32\drivers\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys AE3334958D8F631FF14A0AEB3D7EFB3A
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ASACPI.sys 2219A3D695405E7BA2186BA6B9EDE14A
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netr28ux.sys EED1FBDE98CF5F6D5C0C5B27AB1F68EC
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nusb3hub.sys 8EBCB9165EE7F1571842F4D9D624A74C
C:\Windows\System32\DRIVERS\nusb3xhc.sys 5D54DBB12BBFE07CC283FD39F2CD6D63
C:\Windows\System32\drivers\nvhda64v.sys E366A5681C50785D4ED04FCFD65C3415
C:\Windows\System32\DRIVERS\nvlddmkm.sys 2232AE1BB51A96A7381A2CA17DF12E24
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\synth3dvsc.sys C3A39C4079305480972D29C44B868C78
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\system32\drivers\terminpt.sys EF4469AB69EB15E5D3754E6AEAFBCD3D
C:\Windows\System32\DRIVERS\trufos.sys 3E75A47D2DEFD2683DCA409572FBE8B2
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\System32\drivers\tsusbhub.sys E1748D04AE40118B62BC18AC86032192
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\System32\DRIVERS\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\system32\drivers\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\System32\DRIVERS\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\yk62x64.sys ==> MD5 is legit

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-27 20:45 - 2015-01-27 20:45 - 00031189 _____ () C:\Users\Chris\Desktop\FRST.txt
2015-01-27 20:43 - 2015-01-27 20:43 - 00000000 __SHD () C:\Users\Chris\AppData\Local\EmieUserList
2015-01-27 20:43 - 2015-01-27 20:43 - 00000000 __SHD () C:\Users\Chris\AppData\Local\EmieSiteList
2015-01-27 20:43 - 2015-01-27 20:43 - 00000000 __SHD () C:\Users\Chris\AppData\Local\EmieBrowserModeList
2015-01-27 20:16 - 2015-01-27 20:16 - 848575476 _____ () C:\Users\Chris\Downloads\The.Originals.S02E11.720p.HDTV.X264-DIMENSION.mkv
2015-01-27 20:09 - 2015-01-27 20:09 - 920108510 _____ () C:\Users\Chris\Downloads\Galavant.S01E08.1080p.WEB-DL.DD5.1.H.264-HWD.mkv
2015-01-27 19:39 - 2015-01-27 19:39 - 904701305 _____ () C:\Users\Chris\Downloads\Galavant.S01E07.1080p.WEB-DL.DD5.1.H.264-HWD.mkv
2015-01-27 19:33 - 2015-01-27 19:34 - 1800702113 _____ () C:\Users\Chris\Downloads\Sleepy.Hollow.S02E14.Kali.Yuga.1080p.WEB-DL.DD5.1.H.264-BS.mkv
2015-01-27 19:20 - 2015-01-27 19:20 - 00000000 _____ () C:\Users\Chris\Desktop\New Text Document.txt
2015-01-27 19:19 - 2015-01-27 19:20 - 1933250041 _____ () C:\Users\Chris\Downloads\Gotham.S01E13.1080p.WEB-DL.DD5.1.AAC2.0.H.264-YFN.mkv
2015-01-27 19:07 - 2015-01-27 19:07 - 733815022 _____ () C:\Users\Chris\Downloads\Broadchurch.S02E04.Repack.720p.HDTV.X264-TLA.mkv
2015-01-27 19:00 - 2015-01-27 19:01 - 1586648647 _____ () C:\Users\Chris\Downloads\TwoDDL.eu_N04EB-D64-NS.part2.rar
2015-01-27 18:50 - 2015-01-27 18:53 - 2147483659 _____ () C:\Users\Chris\Downloads\TwoDDL.eu_N04EB-D64-NS.part1.rar
2015-01-27 17:48 - 2015-01-27 17:48 - 24743106 _____ () C:\Users\Chris\Desktop\vlc.exe
2015-01-27 15:21 - 2015-01-27 15:21 - 00000000 ____D () C:\Windows\ERUNT
2015-01-27 15:01 - 2015-01-27 15:01 - 01707939 _____ (Thisisu) C:\Users\Chris\Desktop\JRT.exe
2015-01-27 14:51 - 2015-01-27 14:53 - 00000000 ____D () C:\AdwCleaner
2015-01-27 14:49 - 2015-01-27 14:49 - 02194432 _____ () C:\Users\Chris\Desktop\AdwCleaner.exe
2015-01-27 13:11 - 2015-01-27 13:11 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-27 13:10 - 2015-01-27 13:10 - 00000000 ____D () C:\Users\Chris\AppData\Local\NVIDIA
2015-01-27 02:20 - 2015-01-27 02:20 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-27 02:20 - 2015-01-27 02:20 - 00000000 ____D () C:\Windows\system32\appraiser
2015-01-27 02:17 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-01-27 02:17 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-01-27 02:17 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-01-27 02:17 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-01-27 02:17 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-01-27 02:17 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-01-27 02:17 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-01-27 02:17 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-01-27 02:17 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-01-27 02:17 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-01-27 02:17 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-27 02:17 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-01-27 02:17 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-01-27 02:17 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-01-27 02:17 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-01-27 02:17 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-01-27 02:17 - 2013-10-01 21:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-01-27 02:17 - 2013-10-01 21:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-01-27 02:14 - 2015-01-27 02:14 - 00749404 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-27 02:11 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-01-27 02:11 - 2012-08-23 15:12 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\terminpt.sys
2015-01-27 02:11 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-01-27 02:11 - 2012-08-23 15:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2015-01-27 02:11 - 2012-08-23 14:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-01-27 02:11 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2015-01-27 02:11 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-01-27 02:11 - 2012-08-23 10:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-01-27 02:10 - 2014-07-02 18:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-01-27 02:06 - 2014-06-27 03:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-01-27 02:06 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-01-27 01:35 - 2015-01-27 01:35 - 943446123 _____ () C:\Users\Chris\Downloads\Looking.S02E03.720p.HDTV.x264-KILLERS.mkv
2015-01-27 01:30 - 2015-01-27 14:55 - 00002038 __RSH () C:\ProgramData\ntuser.pol
2015-01-27 01:30 - 2015-01-27 01:30 - 00003236 _____ () C:\Windows\System32\Tasks\BDAntiCryptoWallTask
2015-01-27 01:26 - 2015-01-27 01:26 - 1880539615 _____ () C:\Users\Chris\Downloads\Gotham.S01E12.1080p.WEB-DL.DD5.1.H.264-ECI.mkv
2015-01-27 00:27 - 2015-01-27 00:27 - 727121018 _____ () C:\Users\Chris\Downloads\Supernatural.S10E10.720p.HDTV.X264-DIMENSION.mkv
2015-01-27 00:22 - 2015-01-27 00:22 - 1731733680 _____ () C:\Users\Chris\Downloads\The.Flash.2014.S01E10.1080p.WEB-DL.DD5.1.H.264-NTb.mkv
2015-01-26 23:54 - 2015-01-26 23:54 - 924010404 _____ () C:\Users\Chris\Downloads\Galavant.S01E06.1080p.WEB-DL.DD5.1.H.264-HWD.mkv
2015-01-26 23:47 - 2015-01-26 23:47 - 898372878 _____ () C:\Users\Chris\Downloads\Galavant.S01E05.1080p.WEB-DL.DD5.1.H.264-HWD.mkv
2015-01-26 22:21 - 2015-01-26 22:22 - 1575785304 _____ () C:\Users\Chris\Downloads\Eye.Candy.S01E02.1080p.WEB-DL.AAC2.0.H.264-KiNGS.mkv
2015-01-26 22:15 - 2015-01-26 22:15 - 00000000 ____D () C:\Users\Chris\AppData\Temp
2015-01-26 21:40 - 2015-01-26 21:41 - 1735823331 _____ () C:\Users\Chris\Downloads\Arrow.S03E10.1080p.WEB-DL.DD5.1.H.264-BS.mkv
2015-01-26 20:41 - 2015-01-26 20:42 - 1907004675 _____ () C:\Users\Chris\Downloads\Empire.2015.S01E03.1080p.WEB.DL.DD5.1.H.264.QUEENS.mkv
2015-01-26 20:28 - 2015-01-26 20:28 - 229607303 _____ () C:\Users\Chris\Downloads\American.Horror.Story.S04E13.1080p.WEB-DL.DD5.1.H.264-ECI_www.theextopia.com.part3.rar
2015-01-26 20:22 - 2015-01-26 20:23 - 1073741824 _____ () C:\Users\Chris\Downloads\American.Horror.Story.S04E13.1080p.WEB-DL.DD5.1.H.264-ECI_www.theextopia.com.part2.rar
2015-01-26 20:00 - 2015-01-26 20:00 - 1073741824 _____ () C:\Users\Chris\Downloads\American.Horror.Story.S04E13.1080p.WEB-DL.DD5.1.H.264-ECI_www.theextopia.com.part1.rar
2015-01-26 19:41 - 2015-01-26 19:41 - 00008192 __RSH () C:\BOOTSECT.BAK
2015-01-26 19:41 - 2015-01-26 11:01 - 00000000 ____D () C:\Windows\Panther
2015-01-26 19:41 - 2010-11-21 04:23 - 00383786 __RSH () C:\bootmgr
2015-01-26 19:35 - 2015-01-26 19:35 - 1123402160 _____ () C:\Users\Chris\Downloads\Revenge.S04E14.720p.HDTV.X264-DIMENSION.mkv
2015-01-26 19:28 - 2015-01-26 19:28 - 1861180362 _____ () C:\Users\Chris\Downloads\The.100.S02E09.1080p.WEB-DL.DD5.1.H.264-KiNGS.mkv
2015-01-26 19:18 - 2015-01-26 19:18 - 1834365867 _____ () C:\Users\Chris\Downloads\The.Vampire.Diaries.S06E11.1080p.WEB-DL.DD5.1.H.264-KiNGS.mkv
2015-01-26 19:16 - 2015-01-26 19:16 - 00001120 _____ () C:\Users\Chris\Desktop\Malwarebytes Anti-Exploit.lnk
2015-01-26 19:08 - 2015-01-26 19:08 - 954858845 _____ () C:\Users\Chris\Downloads\Grimm.S04E10.720p.HDTV.X264-DIMENSION.mkv
2015-01-26 19:00 - 2015-01-26 19:00 - 1738512158 _____ () C:\Users\Chris\Downloads\Banshee.S03E03.720p.HDTV.x264-KILLERS.mkv
2015-01-26 18:40 - 2015-01-26 18:40 - 922398150 _____ () C:\Users\Chris\Downloads\Helix.S02E02.720p.HDTV.x264-KILLERS.mkv
2015-01-26 18:31 - 2015-01-26 18:31 - 00002082 _____ () C:\Users\Chris\Desktop\JDownloader 2.lnk
2015-01-26 18:31 - 2015-01-26 18:31 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-01-26 18:31 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-01-26 18:31 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-01-26 18:31 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-01-26 18:31 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-01-26 18:31 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-01-26 18:31 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-01-26 18:31 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-01-26 18:31 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-01-26 18:31 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-01-26 18:31 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-01-26 18:31 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-01-26 18:31 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2015-01-26 18:31 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2015-01-26 18:31 - 2014-06-24 04:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-01-26 18:31 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-01-26 18:31 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-01-26 18:31 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-01-26 18:31 - 2011-03-11 07:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2015-01-26 18:31 - 2011-03-11 07:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2015-01-26 18:31 - 2011-03-11 07:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2015-01-26 18:31 - 2011-03-11 07:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2015-01-26 18:31 - 2011-03-11 07:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2015-01-26 18:31 - 2011-03-11 07:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-01-26 18:31 - 2011-03-11 07:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2015-01-26 18:31 - 2011-03-11 06:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-01-26 18:31 - 2011-03-11 06:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2015-01-26 18:31 - 2011-03-11 05:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-01-26 18:29 - 2015-01-26 18:30 - 00000000 ____D () C:\Users\Chris\AppData\Local\JDownloader v2.0
2015-01-26 18:24 - 2015-01-27 20:40 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\vlc
2015-01-26 18:23 - 2015-01-26 18:23 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-01-26 18:23 - 2015-01-26 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-01-26 18:22 - 2015-01-26 18:22 - 00000000 ____D () C:\Program Files\VideoLAN
2015-01-26 18:20 - 2015-01-27 18:08 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2015-01-26 18:20 - 2015-01-26 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-01-26 18:20 - 2015-01-26 18:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-01-26 18:15 - 2015-01-26 18:15 - 1421616689 _____ () C:\Users\Chris\Downloads\Gotham.S01E12.What.The.Little.Bird.Told.Him.720p.WEB-DL.DD5.1.H.264-ECI.mkv
2015-01-26 18:03 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-01-26 18:03 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-01-26 17:55 - 2015-01-26 17:55 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Adobe
2015-01-26 17:15 - 2015-01-26 17:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-26 17:15 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-01-26 17:15 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-01-26 17:15 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-01-26 17:15 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-01-26 16:57 - 2015-01-27 13:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-26 16:57 - 2015-01-26 16:57 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-26 16:57 - 2015-01-26 16:57 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-26 16:57 - 2015-01-26 16:57 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Mozilla
2015-01-26 16:57 - 2015-01-26 16:57 - 00000000 ____D () C:\Users\Chris\AppData\Local\Mozilla
2015-01-26 16:57 - 2015-01-26 16:57 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-26 16:56 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-01-26 16:56 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-01-26 16:56 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2015-01-26 16:48 - 2015-01-26 16:48 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-01-26 16:48 - 2015-01-26 16:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-01-26 16:48 - 2015-01-26 16:48 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-26 16:48 - 2015-01-26 16:48 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-01-26 16:48 - 2015-01-26 16:48 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-01-26 16:48 - 2015-01-26 16:48 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-01-26 16:48 - 2015-01-26 16:48 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-01-26 16:48 - 2015-01-26 16:48 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-01-26 16:48 - 2015-01-26 16:48 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-01-26 16:48 - 2015-01-26 16:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-01-26 16:48 - 2015-01-26 16:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-01-26 16:48 - 2015-01-26 16:48 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-01-26 16:48 - 2015-01-26 16:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-01-26 16:47 - 2015-01-26 16:47 - 00007605 _____ () C:\Users\Chris\AppData\Local\Resmon.ResmonCfg
2015-01-26 16:24 - 2015-01-26 16:24 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-01-26 16:24 - 2015-01-26 16:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-01-26 16:18 - 2015-01-26 16:56 - 00017549 _____ () C:\Windows\IE11_main.log
2015-01-26 16:11 - 2015-01-26 16:11 - 13945728 _____ () C:\Users\Chris\Desktop\BDAntiCryptoWall_Release.exe
2015-01-26 15:22 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-01-26 15:22 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-01-26 15:22 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-01-26 15:21 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-01-26 15:21 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-01-26 15:21 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-01-26 15:21 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-01-26 15:21 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-01-26 15:21 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-01-26 15:21 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-01-26 15:20 - 2012-07-26 04:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-01-26 15:20 - 2012-07-26 04:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-01-26 15:20 - 2012-07-26 04:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-01-26 15:20 - 2012-07-26 04:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-01-26 15:20 - 2012-07-26 04:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-01-26 15:20 - 2012-07-26 03:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-01-26 15:20 - 2012-07-26 03:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-01-26 15:20 - 2012-06-02 15:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-01-26 15:11 - 2012-03-01 07:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2015-01-26 15:11 - 2012-03-01 07:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2015-01-26 15:11 - 2012-03-01 06:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2015-01-26 15:03 - 2015-01-26 15:06 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-26 15:03 - 2014-12-31 13:12 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-26 15:01 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-01-26 15:01 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-01-26 15:01 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-01-26 15:01 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-01-26 15:01 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-01-26 15:01 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-01-26 15:01 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-01-26 15:01 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-01-26 14:59 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-01-26 14:59 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-01-26 14:59 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-01-26 14:59 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-01-26 14:59 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-01-26 14:59 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-01-26 14:59 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-01-26 14:59 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-01-26 14:59 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-01-26 14:59 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-01-26 14:59 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-01-26 14:59 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-01-26 14:59 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-01-26 14:59 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-01-26 14:59 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-01-26 14:59 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-01-26 14:59 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-01-26 14:59 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-01-26 14:59 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-01-26 14:59 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-01-26 14:59 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-01-26 14:59 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-01-26 14:59 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-01-26 14:59 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-01-26 14:59 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-01-26 14:59 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-01-26 14:59 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-01-26 14:59 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-01-26 14:59 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-01-26 14:59 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2015-01-26 14:59 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2015-01-26 14:59 - 2013-07-09 06:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-01-26 14:59 - 2013-07-09 06:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-01-26 14:59 - 2013-07-09 05:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-01-26 14:59 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-01-26 14:59 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-01-26 14:59 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-01-26 14:59 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-01-26 14:59 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-01-26 14:59 - 2013-04-10 07:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-01-26 14:59 - 2012-02-17 07:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2015-01-26 14:59 - 2012-02-17 06:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2015-01-26 14:59 - 2012-02-17 05:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2015-01-26 14:59 - 2011-06-16 06:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2015-01-26 14:59 - 2011-06-16 05:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2015-01-26 14:59 - 2011-03-03 07:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-01-26 14:59 - 2011-03-03 07:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-01-26 14:59 - 2011-03-03 07:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2015-01-26 14:59 - 2011-03-03 06:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-01-26 14:59 - 2011-03-03 06:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2015-01-26 14:59 - 2011-02-03 12:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-01-26 14:58 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-26 14:58 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-26 14:58 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-26 14:58 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-26 14:58 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-26 14:58 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-26 14:58 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-26 14:58 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-01-26 14:58 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-01-26 14:58 - 2013-08-02 03:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-01-26 14:58 - 2013-08-02 03:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-01-26 14:58 - 2013-08-02 02:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-01-26 14:58 - 2013-08-02 01:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-01-26 14:58 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-01-26 14:58 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-01-26 14:58 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-01-26 14:58 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-01-26 14:58 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-01-26 14:58 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-01-26 14:58 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-01-26 14:58 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-01-26 14:58 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-01-26 14:58 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-01-26 14:58 - 2012-12-07 14:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-01-26 14:58 - 2012-12-07 14:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-01-26 14:58 - 2012-12-07 13:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2015-01-26 14:58 - 2012-12-07 13:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2015-01-26 14:58 - 2012-12-07 12:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2015-01-26 14:58 - 2012-12-07 12:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2015-01-26 14:58 - 2012-12-07 12:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2015-01-26 14:58 - 2012-12-07 12:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2015-01-26 14:58 - 2012-12-07 12:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2015-01-26 14:58 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2015-01-26 14:58 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2015-01-26 14:58 - 2012-12-07 12:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2015-01-26 14:58 - 2012-12-07 12:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2015-01-26 14:58 - 2012-12-07 12:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2015-01-26 14:58 - 2012-12-07 12:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2015-01-26 14:58 - 2012-12-07 12:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2015-01-26 14:58 - 2012-12-07 12:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2015-01-26 14:58 - 2012-12-07 12:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2015-01-26 14:58 - 2012-12-07 11:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2015-01-26 14:58 - 2012-10-03 18:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2015-01-26 14:58 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-26 14:58 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-26 14:58 - 2012-10-03 18:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2015-01-26 14:58 - 2012-10-03 18:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-01-26 14:58 - 2012-10-03 17:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2015-01-26 14:58 - 2012-10-03 17:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2015-01-26 14:58 - 2012-10-03 17:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-01-26 14:58 - 2010-12-23 11:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2015-01-26 14:58 - 2010-12-23 11:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2015-01-26 14:58 - 2010-12-23 11:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2015-01-26 14:58 - 2010-12-23 06:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2015-01-26 14:58 - 2010-12-23 06:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2015-01-26 14:58 - 2010-12-23 06:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2015-01-26 14:57 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-26 14:57 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-26 14:57 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-26 14:57 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-26 14:57 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-01-26 14:57 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-01-26 14:57 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-01-26 14:57 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-01-26 14:57 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-01-26 14:57 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-01-26 14:57 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-01-26 14:57 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-01-26 14:57 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-01-26 14:57 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-01-26 14:57 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-01-26 14:57 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-01-26 14:57 - 2013-07-09 06:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-01-26 14:57 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-01-26 14:57 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-01-26 14:57 - 2012-11-28 23:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-01-26 14:57 - 2012-11-28 23:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2015-01-26 14:57 - 2012-11-28 23:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2015-01-26 14:57 - 2011-12-30 07:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-01-26 14:57 - 2011-12-30 06:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2015-01-26 14:57 - 2011-05-24 12:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2015-01-26 14:57 - 2011-05-24 11:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2015-01-26 14:57 - 2011-05-24 11:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2015-01-26 14:57 - 2011-05-24 11:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2015-01-26 14:57 - 2011-05-24 11:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2015-01-26 14:57 - 2011-04-29 04:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-01-26 14:57 - 2011-04-29 04:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-01-26 14:57 - 2011-04-29 04:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-01-26 14:57 - 2011-04-09 07:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-01-26 14:57 - 2011-04-09 06:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-01-26 14:56 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-26 14:56 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-26 14:56 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-01-26 14:56 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-01-26 14:56 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-26 14:56 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-01-26 14:56 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-01-26 14:56 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-01-26 14:56 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-01-26 14:56 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-01-26 14:56 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-01-26 14:56 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-01-26 14:56 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-01-26 14:56 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-01-26 14:56 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-01-26 14:56 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-01-26 14:56 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-01-26 14:56 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-01-26 14:56 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-01-26 14:56 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-01-26 14:56 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-01-26 14:56 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-01-26 14:56 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-01-26 14:56 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-26 14:56 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-26 14:56 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-01-26 14:56 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-01-26 14:56 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-01-26 14:56 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-01-26 14:56 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2015-01-26 14:56 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-01-26 14:56 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-01-26 14:56 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2015-01-26 14:56 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-01-26 14:56 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-01-26 14:56 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-01-26 14:56 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-01-26 14:56 - 2013-05-10 06:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-01-26 14:56 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2015-01-26 14:56 - 2013-04-26 06:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-01-26 14:56 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2015-01-26 14:56 - 2012-11-23 04:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2015-01-26 14:56 - 2012-11-02 06:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2015-01-26 14:56 - 2012-11-02 06:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2015-01-26 14:56 - 2012-10-09 19:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2015-01-26 14:56 - 2012-10-09 19:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2015-01-26 14:56 - 2012-10-09 18:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2015-01-26 14:56 - 2012-10-09 18:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2015-01-26 14:56 - 2012-08-21 22:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2015-01-26 14:56 - 2011-08-17 06:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2015-01-26 14:56 - 2011-08-17 06:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2015-01-26 14:56 - 2011-08-17 05:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2015-01-26 14:56 - 2011-08-17 05:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2015-01-26 14:55 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-01-26 14:55 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-01-26 14:55 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-01-26 14:55 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-01-26 14:55 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-01-26 14:55 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-01-26 14:55 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-01-26 14:55 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-01-26 14:55 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-01-26 14:55 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-01-26 14:55 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-01-26 14:55 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-01-26 14:55 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-01-26 14:55 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-01-26 14:55 - 2014-06-25 03:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-01-26 14:55 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-01-26 14:55 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-01-26 14:55 - 2013-03-19 06:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2015-01-26 14:55 - 2012-08-22 19:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-01-26 14:55 - 2012-07-04 21:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2015-01-26 14:55 - 2012-01-04 11:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2015-01-26 14:55 - 2012-01-04 09:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2015-01-26 14:55 - 2011-06-15 11:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2015-01-26 14:55 - 2011-06-15 11:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2015-01-26 14:55 - 2011-06-15 11:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2015-01-26 14:55 - 2011-06-15 11:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2015-01-26 14:55 - 2011-06-15 09:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2015-01-26 14:55 - 2011-06-15 09:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2015-01-26 14:55 - 2011-06-15 09:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2015-01-26 14:55 - 2011-06-15 09:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2015-01-26 14:55 - 2011-06-15 09:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2015-01-26 14:53 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-01-26 14:53 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-01-26 14:53 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-01-26 14:53 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-01-26 14:53 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-01-26 14:53 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-01-26 14:53 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-01-26 14:53 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-01-26 14:53 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-01-26 14:53 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-01-26 14:53 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-01-26 14:53 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-01-26 14:53 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-01-26 14:53 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-01-26 14:53 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-01-26 14:53 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-01-26 14:53 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-01-26 14:53 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-01-26 14:53 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-01-26 14:53 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-01-26 14:53 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-01-26 14:53 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-01-26 14:53 - 2014-04-12 03:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-01-26 14:53 - 2014-04-12 03:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-01-26 14:53 - 2014-04-12 03:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-01-26 14:53 - 2014-04-12 03:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-01-26 14:53 - 2014-04-12 03:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-01-26 14:53 - 2012-04-26 06:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2015-01-26 14:53 - 2012-04-26 06:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2015-01-26 14:52 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-01-26 14:52 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-01-26 14:52 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-01-26 14:52 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-01-26 14:52 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-01-26 14:52 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-01-26 14:52 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-01-26 14:52 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-01-26 14:52 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-01-26 14:52 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-01-26 14:52 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-01-26 14:52 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-01-26 14:52 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-01-26 14:52 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2015-01-26 14:52 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2015-01-26 14:52 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2015-01-26 14:52 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2015-01-26 14:52 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-01-26 14:52 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2015-01-26 14:52 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2015-01-26 14:52 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2015-01-26 14:52 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2015-01-26 14:52 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-01-26 14:52 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-01-26 14:52 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-01-26 14:52 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-01-26 14:52 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-01-26 14:52 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-01-26 14:52 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-01-26 14:52 - 2013-05-13 06:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2015-01-26 14:52 - 2013-05-13 04:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-01-26 14:52 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2015-01-26 14:52 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2015-01-26 14:52 - 2013-04-26 00:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-01-26 14:52 - 2013-03-31 23:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-01-26 14:52 - 2012-07-04 23:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2015-01-26 14:52 - 2012-07-04 23:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2015-01-26 14:52 - 2012-07-04 23:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2015-01-26 14:52 - 2012-07-04 22:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2015-01-26 14:52 - 2012-07-04 22:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2015-01-26 14:51 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-01-26 14:51 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-01-26 14:51 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-01-26 14:51 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-26 14:51 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-26 14:51 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-26 14:51 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-26 14:51 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-26 14:51 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-26 14:51 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-26 14:51 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-26 14:51 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-01-26 14:51 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-01-26 14:51 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-01-26 14:51 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-01-26 14:51 - 2014-08-01 12:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-01-26 14:51 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-01-26 14:51 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-01-26 14:51 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-01-26 14:51 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-01-26 14:51 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-01-26 14:51 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-01-26 14:51 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-01-26 14:51 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-01-26 14:51 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-01-26 14:51 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-01-26 14:51 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-01-26 14:51 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-01-26 14:51 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-01-26 14:51 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-01-26 14:51 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-01-26 14:51 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-01-26 14:51 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-01-26 14:51 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-01-26 14:51 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-01-26 14:51 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-01-26 14:51 - 2013-08-02 03:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-01-26 14:51 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-01-26 14:51 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-01-26 14:51 - 2013-07-25 10:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-01-26 14:51 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-01-26 14:51 - 2013-02-27 06:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-01-26 14:51 - 2012-06-06 07:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2015-01-26 14:51 - 2012-06-06 06:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2015-01-26 14:51 - 2011-11-17 07:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2015-01-26 14:51 - 2011-11-17 06:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2015-01-26 14:51 - 2011-10-26 06:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-01-26 14:51 - 2011-10-26 05:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-01-26 14:51 - 2011-10-15 07:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2015-01-26 14:51 - 2011-10-15 06:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2015-01-26 14:51 - 2011-05-04 06:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-01-26 14:51 - 2011-05-04 06:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-01-26 14:51 - 2011-05-04 06:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-01-26 14:51 - 2011-05-04 06:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-01-26 14:51 - 2011-05-04 06:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-01-26 14:51 - 2011-05-04 06:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-01-26 14:51 - 2011-05-04 06:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-01-26 14:51 - 2011-05-04 06:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-01-26 14:51 - 2011-05-04 06:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2015-01-26 14:51 - 2011-05-04 05:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-01-26 14:51 - 2011-05-04 05:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-01-26 14:51 - 2011-05-04 05:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-01-26 14:51 - 2011-05-04 05:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-01-26 14:51 - 2011-05-04 05:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2015-01-26 14:51 - 2011-05-04 05:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2015-01-26 14:51 - 2011-05-04 05:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-01-26 14:51 - 2011-05-04 05:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-01-26 14:51 - 2011-05-04 05:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2015-01-26 14:51 - 2011-03-11 07:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-01-26 14:51 - 2011-03-11 07:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-01-26 14:51 - 2011-03-11 06:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-01-26 14:51 - 2011-03-11 06:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-01-26 14:50 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-01-26 14:50 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-01-26 14:50 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-01-26 14:50 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-01-26 14:50 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-01-26 14:50 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-01-26 14:50 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-01-26 14:50 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-01-26 14:50 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2015-01-26 14:50 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-01-26 14:50 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-01-26 14:50 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-01-26 14:50 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-01-26 14:50 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-01-26 14:50 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-01-26 14:50 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-01-26 14:50 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-01-26 14:50 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2015-01-26 14:50 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-01-26 14:50 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-01-26 14:50 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-01-26 14:50 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2015-01-26 14:50 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-01-26 14:50 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-01-26 14:50 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-01-26 14:50 - 2013-02-12 05:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-01-26 14:50 - 2013-01-24 07:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-01-26 14:50 - 2012-09-25 23:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2015-01-26 14:50 - 2012-09-25 23:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2015-01-26 14:50 - 2012-05-14 06:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-01-26 14:50 - 2012-03-17 08:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2015-01-26 14:50 - 2011-12-16 09:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2015-01-26 14:50 - 2011-12-16 08:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2015-01-26 14:50 - 2011-08-27 06:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2015-01-26 14:50 - 2011-08-27 05:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2015-01-26 14:50 - 2011-07-09 03:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-01-26 14:50 - 2011-05-03 06:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-01-26 14:50 - 2011-05-03 05:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-01-26 14:50 - 2011-04-27 03:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-01-26 14:50 - 2011-04-27 03:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-01-26 14:50 - 2011-02-23 05:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2015-01-26 14:50 - 2011-02-18 11:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2015-01-26 14:50 - 2011-02-18 06:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2015-01-26 14:50 - 2011-02-12 12:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2015-01-26 14:50 - 2011-02-05 18:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-01-26 14:50 - 2011-02-05 18:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2015-01-26 14:50 - 2011-02-05 18:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2015-01-26 14:50 - 2011-02-05 18:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2015-01-26 14:50 - 2011-02-05 18:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-01-26 14:50 - 2011-02-05 18:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-01-26 14:50 - 2011-02-05 18:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-01-26 14:41 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-01-26 14:41 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-01-26 14:41 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-01-26 14:41 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-01-26 14:41 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-01-26 14:40 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-01-26 14:40 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-01-26 14:28 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2015-01-26 14:11 - 2015-01-27 17:57 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\DMCache
2015-01-26 14:11 - 2015-01-27 17:16 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\IDM
2015-01-26 14:11 - 2015-01-27 16:23 - 00000000 ____D () C:\Users\Chris\Downloads\Compressed
2015-01-26 14:11 - 2015-01-26 14:11 - 00001009 _____ () C:\Users\Chris\Desktop\Internet Download Manager.lnk
2015-01-26 14:11 - 2015-01-26 14:11 - 00000000 ____D () C:\Users\Chris\Downloads\Video
2015-01-26 14:11 - 2015-01-26 14:11 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-01-26 14:11 - 2015-01-26 14:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-01-26 14:11 - 2015-01-26 14:11 - 00000000 ____D () C:\ProgramData\IDM
2015-01-26 14:10 - 2015-01-26 14:11 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2015-01-26 13:36 - 2015-01-26 13:36 - 02347384 _____ (ESET) C:\Users\Chris\Desktop\esetsmartinstaller_deu.exe
2015-01-26 13:25 - 2015-01-26 13:25 - 00263032 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-01-26 13:25 - 2015-01-26 13:25 - 00074000 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2015-01-26 13:20 - 2015-01-27 20:40 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-26 13:20 - 2015-01-27 18:07 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-26 13:20 - 2015-01-27 13:27 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-26 13:20 - 2015-01-26 13:20 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-26 13:20 - 2015-01-26 13:20 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-26 13:20 - 2015-01-26 13:20 - 00000000 ____D () C:\Users\Chris\AppData\Local\Google
2015-01-26 13:20 - 2015-01-26 13:20 - 00000000 ____D () C:\Users\Chris\AppData\Local\Deployment
2015-01-26 13:20 - 2015-01-26 13:20 - 00000000 ____D () C:\Users\Chris\AppData\Local\Apps\2.0
2015-01-26 13:20 - 2015-01-26 13:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-26 13:20 - 2015-01-26 13:20 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-26 12:56 - 2015-01-26 12:56 - 00527147 _____ () C:\ProgramData\1422273176.bdinstall.bin
2015-01-26 12:56 - 2015-01-26 12:56 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2015-01-26 12:56 - 2015-01-26 12:56 - 00000385 _____ () C:\Users\Chris\AppData\Roaminguser_gensett.xml
2015-01-26 12:55 - 2015-01-26 13:15 - 00000000 ____D () C:\ProgramData\BDLogging
2015-01-26 12:55 - 2015-01-26 12:55 - 00002122 _____ () C:\Users\Public\Desktop\Bitdefender Total Security 2015.lnk
2015-01-26 12:55 - 2015-01-26 12:55 - 00000684 ____H () C:\bdr-cf01
2015-01-26 12:55 - 2015-01-26 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2015-01-26 12:55 - 2014-12-02 16:40 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2015-01-26 12:55 - 2014-12-02 16:37 - 00074000 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2015-01-26 12:55 - 2014-09-25 15:57 - 01288472 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2015-01-26 12:55 - 2014-05-16 13:04 - 00647752 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2015-01-26 12:55 - 2013-11-13 15:41 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2015-01-26 12:55 - 2012-04-17 14:34 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2015-01-26 12:55 - 2009-07-14 14:21 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2015-01-26 12:55 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2015-01-26 12:54 - 2015-01-26 13:01 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Bitdefender
2015-01-26 12:54 - 2015-01-26 12:55 - 00253404 ____H () C:\bdr-ld01
2015-01-26 12:54 - 2015-01-26 12:55 - 00009216 ____H () C:\bdr-ld01.mbr
2015-01-26 12:54 - 2014-07-04 17:49 - 49563064 ____H () C:\bdr-im01.gz
2015-01-26 12:54 - 2013-08-13 13:38 - 03271472 ____H () C:\bdr-bz01
2015-01-26 12:53 - 2015-01-26 12:55 - 00000000 ____D () C:\ProgramData\Bitdefender
2015-01-26 12:53 - 2015-01-26 12:54 - 00000000 ____D () C:\Program Files\Bitdefender
2015-01-26 12:53 - 2014-12-02 16:37 - 00084336 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2015-01-26 12:53 - 2014-12-02 13:37 - 00033360 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2015-01-26 12:53 - 2014-10-22 09:29 - 00155912 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2015-01-26 12:53 - 2014-10-15 16:14 - 00452040 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2015-01-26 12:52 - 2015-01-26 16:13 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\QuickScan
2015-01-26 12:52 - 2015-01-26 12:53 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2015-01-26 12:42 - 2015-01-26 12:42 - 00000000 ____D () C:\Users\Chris\Documents\1Password
2015-01-26 12:42 - 2015-01-26 12:42 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\AgileBits
2015-01-26 12:29 - 2015-01-26 12:30 - 00000000 ____D () C:\Program Files (x86)\1Password 4
2015-01-26 12:29 - 2015-01-26 12:29 - 00001033 _____ () C:\Users\Public\Desktop\1Password 4.lnk
2015-01-26 12:29 - 2015-01-26 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1Password
2015-01-26 12:29 - 2014-04-22 11:30 - 02081792 _____ (Chilkat Software, Inc.) C:\Windows\SysWOW64\ChilkatSocket.dll
2015-01-26 12:29 - 2014-04-22 11:30 - 01972736 _____ (Chilkat Software, Inc.) C:\Windows\SysWOW64\ChilkatCrypt2.dll
2015-01-26 12:29 - 2014-04-22 11:30 - 01795072 _____ (Chilkat Software, Inc.) C:\Windows\SysWOW64\ChilkatCert.dll
2015-01-26 12:29 - 2014-04-22 11:30 - 01682432 _____ (Chilkat Software, Inc.) C:\Windows\SysWOW64\ChilkatZip2.dll
2015-01-26 12:28 - 2015-01-27 18:08 - 00000000 ___RD () C:\Users\Chris\Dropbox
2015-01-26 12:28 - 2015-01-26 12:28 - 00001125 _____ () C:\Users\Chris\Desktop\Dropbox.lnk
2015-01-26 12:26 - 2015-01-26 12:26 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-01-26 12:25 - 2015-01-27 18:08 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Dropbox
2015-01-26 12:14 - 2015-01-26 18:03 - 00000769 _____ () C:\Users\Chris\AppData\Local\RT2870_{0DD9E132-1716-4B2C-A232-EE22E71989DF}_sta
2015-01-26 12:13 - 2015-01-26 12:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-01-26 12:10 - 2015-01-27 18:07 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-26 12:10 - 2015-01-26 12:10 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2015-01-26 12:10 - 2014-07-02 19:55 - 06783776 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-01-26 12:10 - 2014-07-02 19:55 - 03522392 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-01-26 12:10 - 2014-07-02 19:55 - 02559960 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-01-26 12:10 - 2014-07-02 19:55 - 00935368 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-01-26 12:10 - 2014-07-02 19:55 - 00386520 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-01-26 12:10 - 2014-07-02 19:55 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-01-26 12:10 - 2014-07-02 11:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2015-01-26 12:10 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-26 12:10 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-26 12:09 - 2015-01-27 02:10 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-01-26 12:09 - 2015-01-27 02:10 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-26 12:09 - 2015-01-26 12:09 - 00000000 ____D () C:\temp
2015-01-26 12:09 - 2014-08-19 22:15 - 00075040 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-01-26 12:09 - 2014-08-19 22:15 - 00061912 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-01-26 12:09 - 2014-08-19 22:14 - 00026353 _____ () C:\Windows\system32\nvinfo.pb
2015-01-26 12:09 - 2012-08-30 20:14 - 01760104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco64.dll
2015-01-26 12:09 - 2012-08-30 20:14 - 01482600 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco64.dll
2015-01-26 12:08 - 2015-01-27 02:10 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-26 12:08 - 2014-08-19 22:15 - 00965312 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-01-26 12:08 - 2014-08-19 22:14 - 03196816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-01-26 12:05 - 2015-01-26 12:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NEC Electronics
2015-01-26 12:05 - 2015-01-26 12:05 - 00000000 ____D () C:\Program Files (x86)\NEC Electronics
2015-01-26 12:04 - 2015-01-26 12:04 - 00005070 _____ () C:\Windows\Ascd_tmp.ini
2015-01-26 12:04 - 2015-01-26 12:04 - 00001769 _____ () C:\Windows\Language_trs.ini
2015-01-26 12:04 - 2015-01-26 12:04 - 00000000 ____D () C:\Users\Chris\AppData\Local\Downloaded Installations
2015-01-26 12:01 - 2015-01-26 18:03 - 00000778 _____ () C:\Users\Chris\AppData\Local\RT2870_{0DD9E132-1716-4B2C-A232-EE22E71989DF}_prof
2015-01-26 12:00 - 2015-01-26 12:06 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-26 12:00 - 2015-01-26 12:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hama Wireless LAN
2015-01-26 12:00 - 2015-01-26 12:00 - 00000000 ____D () C:\Program Files (x86)\Hama
2015-01-26 11:22 - 2015-01-27 19:33 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-26 11:22 - 2015-01-26 11:22 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-26 11:22 - 2015-01-26 11:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-26 11:22 - 2015-01-26 11:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-26 11:22 - 2015-01-26 11:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-26 11:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-26 11:22 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-26 11:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-26 11:17 - 2015-01-27 20:45 - 00000000 ____D () C:\FRST
2015-01-26 11:16 - 2015-01-26 11:16 - 02129920 _____ (Farbar) C:\Users\Chris\Desktop\FRST64.exe
2015-01-26 11:07 - 2015-01-26 11:07 - 00057560 _____ () C:\Users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-26 11:04 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-01-26 11:04 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-01-26 11:04 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-01-26 11:04 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-01-26 11:02 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-01-26 11:02 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-01-26 11:02 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-01-26 11:02 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-01-26 11:02 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-01-26 11:02 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-01-26 11:02 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-01-26 11:02 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-01-26 11:02 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-01-26 11:02 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-01-26 11:01 - 2015-01-26 17:55 - 00001413 _____ () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-26 11:01 - 2015-01-26 12:28 - 00000000 ____D () C:\Users\Chris
2015-01-26 11:01 - 2015-01-26 11:01 - 00000020 ___SH () C:\Users\Chris\ntuser.ini
2015-01-26 11:01 - 2015-01-26 11:01 - 00000000 __SHD () C:\Recovery
2015-01-26 11:01 - 2015-01-26 11:01 - 00000000 ____D () C:\Users\Chris\AppData\Local\VirtualStore
2015-01-26 11:01 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-26 11:01 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-26 10:51 - 2015-01-27 20:41 - 01153397 _____ () C:\Windows\WindowsUpdate.log
2015-01-26 10:46 - 2015-01-26 10:46 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-01-26 10:46 - 2015-01-26 10:46 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-01-26 10:45 - 2015-01-26 10:45 - 00001355 _____ () C:\Windows\TSSysprep.log
2015-01-13 13:36 - 2014-11-29 01:37 - 00180648 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-27 20:09 - 2009-07-14 05:45 - 00020832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-27 20:09 - 2009-07-14 05:45 - 00020832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-27 18:13 - 2009-07-14 06:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-27 18:07 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-27 18:07 - 2009-07-14 05:51 - 00023272 _____ () C:\Windows\setupact.log
2015-01-27 14:54 - 2010-11-21 04:47 - 00012010 _____ () C:\Windows\PFRO.log
2015-01-27 14:54 - 2009-07-14 05:45 - 00267816 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-27 13:09 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-27 02:20 - 2011-04-12 09:28 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-27 02:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-27 02:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2015-01-27 01:30 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-01-26 19:41 - 2009-07-14 06:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-01-26 19:41 - 2009-07-14 06:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2015-01-26 17:43 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-26 17:43 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-26 17:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2015-01-26 17:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2015-01-26 17:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-01-26 17:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2015-01-26 17:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-01-26 17:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-01-26 17:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-26 13:15 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2015-01-26 12:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-26 12:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-26 12:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2015-01-26 11:04 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-01-26 11:02 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore
2015-01-26 11:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Recovery
2015-01-26 10:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-01-26 10:46 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-26 10:45 - 2009-07-14 05:46 - 00002790 _____ () C:\Windows\DtcInstall.log
2015-01-26 10:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-01-26 10:43 - 2011-04-12 09:28 - 00000000 ____D () C:\Windows\CSC

==================== Files in the root of some directories =======

2015-01-26 16:47 - 2015-01-26 16:47 - 0007605 _____ () C:\Users\Chris\AppData\Local\Resmon.ResmonCfg
2015-01-26 12:01 - 2015-01-26 18:03 - 0000778 _____ () C:\Users\Chris\AppData\Local\RT2870_{0DD9E132-1716-4B2C-A232-EE22E71989DF}_prof
2015-01-26 12:14 - 2015-01-26 18:03 - 0000769 _____ () C:\Users\Chris\AppData\Local\RT2870_{0DD9E132-1716-4B2C-A232-EE22E71989DF}_sta
2015-01-26 12:56 - 2015-01-26 12:56 - 0527147 _____ () C:\ProgramData\1422273176.bdinstall.bin

Some content of TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\130667668433770712.exe
C:\Users\Chris\AppData\Local\Temp\13066766855418022401.exe
C:\Users\Chris\AppData\Local\Temp\130667669105233290.exe
C:\Users\Chris\AppData\Local\Temp\13066766913009471234.exe
C:\Users\Chris\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzxrmfv.dll
C:\Users\Chris\AppData\Local\Temp\ICReinstall_13066766855418022401.exe
C:\Users\Chris\AppData\Local\Temp\proxy_vole5875133703648682317.dll
C:\Users\Chris\AppData\Local\Temp\Quarantine.exe
C:\Users\Chris\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=C:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {ecba0a09-a58a-11e4-b133-81809b18fb3a}
displayorder            {current}
toolsdisplayorder       {bdbdbd00-6057-11e0-a7f3-ce9adfd72001}
                        {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {ecba0a0b-a58a-11e4-b133-81809b18fb3a}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {ecba0a09-a58a-11e4-b133-81809b18fb3a}
nx                      OptIn

Windows Boot Loader
-------------------
identifier              {ecba0a0b-a58a-11e4-b133-81809b18fb3a}
device                  ramdisk=[C:]\Recovery\ecba0a0b-a58a-11e4-b133-81809b18fb3a\Winre.wim,{ecba0a0c-a58a-11e4-b133-81809b18fb3a}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\ecba0a0b-a58a-11e4-b133-81809b18fb3a\Winre.wim,{ecba0a0c-a58a-11e4-b133-81809b18fb3a}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {ecba0a09-a58a-11e4-b133-81809b18fb3a}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

Real-mode Boot Sector
---------------------
identifier              {bdbdbd00-6057-11e0-a7f3-ce9adfd72001}
device                  partition=C:
path                    \bdr-ld01.mbr
description             Bitdefender Rescue Mode - Windows 7 Ultimate SP 1 (x64)

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {ecba0a0c-a58a-11e4-b133-81809b18fb3a}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\ecba0a0b-a58a-11e4-b133-81809b18fb3a\boot.sdi



LastRegBack: 2015-01-26 10:42

==================== End Of Log ============================

 

Attached File  FRST (part1).txt   76.37KB   0 downloads


Edited by ChrisCGN, 27 January 2015 - 03:04 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users