Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

My PC is infected


  • This topic is locked This topic is locked
7 replies to this topic

#1 Patfisc

Patfisc

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:22 PM

Posted 17 February 2015 - 07:40 AM

Mod Edit: Moved to proper forum for HJT logs ~~ boopme


My browsers open false survey pages.
What should I do to get rid of the infection?
 
Here is the StartupList generated by HijackThis:
 

StartupList report, 17/02/2015, 12:31:26
StartupList version: 1.52.2
Started from : C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.EXE
Detected: Windows 7 SP1 (WinNT 6.00.3505)
Detected: Internet Explorer v11.0 (11.00.9600.17631)
* Using default options
==================================================
 
Running processes:
 
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNAC8SWK.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
 
--------------------------------------------------
 
Checking Windows NT UserInit:
 
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = userinit.exe
 
--------------------------------------------------
 
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
 
(Default) = 
Acrobat Assistant 8.0 = "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
QuickTime Task = "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
EaseUS EPM tray = C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe
HDD Regenerator = "C:\Program Files (x86)\HDD Regenerator\Shell.exe" /1
 
--------------------------------------------------
 
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
 
GoogleChromeAutoLaunch_133FC10A42EC311A0885C7B36F719938 = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
Skype = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
CAHeadless = C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
 
--------------------------------------------------
 
File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command
 
(Default) = C:\Windows\SysWOW64\mshta.exe "%1" %*
 
--------------------------------------------------
 
Shell & screensaver key from C:\Windows\SYSTEM.INI:
 
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
 
Shell & screensaver key from Registry:
 
Shell=explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*
 
Policies Shell key:
 
HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*
 
--------------------------------------------------
 
 
Enumerating Browser Helper Objects:
 
ContentBlockerBrowserHelperObject - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll - {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358}
Lync Click to Call BHO - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
IESpeakDoc - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}
(no name) - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll - {AE7CD045-E861-484f-8273-0445EE161910}
URLRedirectionBHO - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL - {B4F3A835-0E21-4959-BA22-42B3008E02FF}
VirtualKeyboardBrowserHelperObject - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll - {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8}
(no name) - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll - {E3D96E85-529D-4269-AC6A-97CF9E2221E3}
SmartSelect - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll - {F4971EE7-DAA0-4053-9964-665D8EE6A077}
 
--------------------------------------------------
 
Enumerating Task Scheduler jobs:
 
GoogleUpdateTaskMachineCore.job
GoogleUpdateTaskMachineUA.job
 
--------------------------------------------------
 
Enumerating Winsock LSP files:
 
NameSpace #1: C:\Windows\system32\NLAapi.dll
NameSpace #2: C:\Windows\system32\napinsp.dll
NameSpace #3: C:\Windows\system32\pnrpnsp.dll
NameSpace #4: C:\Windows\system32\pnrpnsp.dll
NameSpace #7: C:\Windows\system32\wshbth.dll
NameSpace #8: C:\Program Files (x86)\Bonjour\mdnsNSP.dll
 
--------------------------------------------------
 
Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*
 
Windows NT checkdisk command:
BootExecute = autocheck autochk *
 
Windows NT 'Wininit.ini':
PendingFileRenameOperations: C:\Users\Patrick\AppData\Local\Temp\{6833623C-131C-403A-939A-8430366F18D6}.exe
 
 
--------------------------------------------------
 
Enumerating ShellServiceObjectDelayLoad items:
 
WebCheck: *Registry key not found*
 
--------------------------------------------------
End of report, 6 404 bytes
Report generated in 0,000 seconds
 
Command line options:
   /verbose  - to add additional info on each section
   /complete - to include empty sections and unsuspicious data
   /full     - to include several rarely-important sections
   /force9x  - to include Win9x-only startups even if running on WinNT
   /forcent  - to include WinNT-only startups even if running on Win9x
   /forceall - to include all Win9x and WinNT startups, regardless of platform
   /history  - to list version history only
 
 
And the hijackthis log :
 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:25:51, on 17/02/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNAC8SWK.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ContentBlockerBrowserHelperObject - {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: VirtualKeyboardBrowserHelperObject - {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Safe Money Plugin - {E3D96E85-529D-4269-AC6A-97CF9E2221E3} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe
O4 - HKLM\..\Run: [HDD Regenerator] "C:\Program Files (x86)\HDD Regenerator\Shell.exe" /1
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_133FC10A42EC311A0885C7B36F719938] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CAHeadless] C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O9 - Extra button: Clavier virtuel - {09A10376-994C-4BBF-9121-F50CF7BA237E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Cliquer pour appeler Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Cliquer pour appeler Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Kaspersky Anti-Virus Service 15.0.1 (AVP15.0.1) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Agent EaseUS (EaseUS Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
 
--
End of file - 26375 bytes
 
 
Thank you for your help.

Edited by boopme, 17 February 2015 - 10:25 AM.


BC AdBot (Login to Remove)

 


m

#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:22 AM

Posted 21 February 2015 - 10:24 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
POST THE LOG FOR MY REVIEW.

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

How is the computer running?
Wait for further instructions.

#3 Patfisc

Patfisc
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:22 PM

Posted 21 February 2015 - 12:32 PM

Dear Nasdaq
Thank you for your response.
Please find all the log files as attachments applications that you asked me to execute.
In anticipation of your new instructions,
Yours remeciements.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-02-2015
Ran by Patrick (administrator) on DESQTOP-PC on 21-02-2015 18:12:10
Running from G:\Téléchargements
Loaded Profiles: Patrick (Available profiles: Patrick)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files (x86)\HDD Regenerator\hrsrv.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2RPK.EXE
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAC8SWK.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe
() C:\Program Files (x86)\HDD Regenerator\HDD Regenerator.exe
() C:\Program Files (x86)\HDD Regenerator\HDD Regenerator.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\wmi64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [CNAP2 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [406944 2007-09-05] (CANON INC.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133760 2013-12-24] (Qualcomm®Atheros®)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-10-27] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2014-12-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe [2089056 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [HDD Regenerator] => C:\Program Files (x86)\HDD Regenerator\Shell.exe [90336 2013-05-08] ()
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-602654425-3526979067-2857855575-1000\...\Run: [GoogleChromeAutoLaunch_133FC10A42EC311A0885C7B36F719938] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-17] (Google Inc.)
HKU\S-1-5-21-602654425-3526979067-2857855575-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-602654425-3526979067-2857855575-1000\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [835224 2011-09-01] (Adobe Systems Incorporated)
HKU\S-1-5-21-602654425-3526979067-2857855575-1000\...\Policies\Explorer: [RestrictRun] 0

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 91.121.161.184 188.165.197.144

FireFox:
========
FF ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\bh93f09s.default
FF DefaultSearchEngine: Startpage (SSL)
FF Homepage: https://startpage.com/fra/?
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\bh93f09s.default\searchplugins\startpage-ssl.xml
FF Extension: DownloadHelper - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\bh93f09s.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-02-05]
FF Extension: CSHelper - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\bh93f09s.default\Extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473} [2015-02-05]
FF Extension: enstreaming.com - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\bh93f09s.default\Extensions\jid0-k1U0GTbhnQEGmILMsh58htxtJsI@jetpack.xpi [2015-02-05]
FF Extension: TV-replay - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\bh93f09s.default\Extensions\jid0-lmIsXALI3c9rxMVACyXQltd4m2E@jetpack.xpi [2015-02-05]
FF Extension: Adblock Plus - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\bh93f09s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-05]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-02-05]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-02-05]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-02-05]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-02-07]

Chrome:
=======
CHR HomePage: Default -> https://startpage.com/
CHR StartupUrls: Default -> "hxxp://vosteran.com/?f=7&a=vst_ir_15_05&cd=2XzuyEtN2Y1L1Qzu0FyEyC0DtDyEyDtDyB0CtBtCyCyCzzyCtN0D0Tzu0StCtCtByCtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyD0A0BzyyCtC0DyBtGyD0D0A0CtGyByB0AyDtG0C0D0F0FtGyDtB0D0EyByD0D0D0E0CtByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0A0EtD0CtBzz0BtBtGtB0AyC0CtGyEtCzzzytGzz0F0E0BtGtB0C0ByB0Czyzz0D0ByE0E0B2Q&cr=1349969253&ir="
CHR DefaultSearchKeyword: Default -> startpage
CHR DefaultSearchURL: Default -> https://startpage.com/do/search?query={searchTerms}&cat=web&pl=chrome&language=francais
CHR DefaultSuggestURL: Default -> https://startpage.com/cgi-bin/csuggest?output=json&pl=chrome&lang=francais&query={searchTerms}
CHR Profile: C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-05]
CHR Extension: (Google Docs) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-05]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-05]
CHR Extension: (YouTube) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-05]
CHR Extension: (Google Search) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-05]
CHR Extension: (Kaspersky Protection) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-02-05]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-02-08]
CHR Extension: (Enstreaming - Add-On) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehphnckimbioadppkoaebcipibnfopco [2015-02-05]
CHR Extension: (Google Sheets) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05]
CHR Extension: (AdBlock) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-02-05]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlnambgcbojdeagknjljhiafpjaiacad [2015-02-05]
CHR Extension: (Google Wallet) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-05]
CHR Extension: (Gmail) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-05]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-12-03]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [52896 2010-10-27] (Atheros Commnucations) [File not signed]
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 hddrsrv; C:\Program Files (x86)\HDD Regenerator\hrsrv.exe [82144 2013-05-08] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BTATH_HID; C:\Windows\System32\DRIVERS\btath_hid.sys [223432 2013-12-24] (Qualcomm Atheros)
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-12-24] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\System32\drivers\btath_vdp.sys [428488 2013-12-24] (Qualcomm Atheros)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-15] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2014-12-05] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [818888 2014-12-05] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2014-12-05] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R0 Si3124r5; C:\Windows\System32\DRIVERS\Si3124r5.sys [340008 2010-04-13] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [22832 2011-02-28] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [16936 2010-04-13] (Silicon Image, Inc.)
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-21 18:11 - 2015-02-21 18:12 - 00000000 ___DC () C:\FRST
2015-02-21 18:09 - 2015-02-21 18:09 - 00000000 __RDC () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-02-21 17:51 - 2015-02-21 17:51 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-21 17:51 - 2015-02-21 17:51 - 00000000 ___DC () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-21 17:51 - 2014-11-21 06:14 - 00063704 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-21 17:51 - 2014-11-21 06:14 - 00025816 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-20 09:32 - 2015-02-20 09:32 - 00001753 ____C () C:\Users\Public\Desktop\iTunes.lnk
2015-02-20 09:32 - 2015-02-20 09:32 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-20 09:32 - 2015-02-20 09:32 - 00000000 ___DC () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-20 09:32 - 2015-02-20 09:32 - 00000000 ___DC () C:\Program Files\iTunes
2015-02-20 09:32 - 2015-02-20 09:32 - 00000000 ___DC () C:\Program Files\iPod
2015-02-20 09:32 - 2015-02-20 09:32 - 00000000 ___DC () C:\Program Files (x86)\iTunes
2015-02-19 10:54 - 2015-02-21 15:30 - 00000000 ___DC () C:\Program Files\Recuva
2015-02-19 10:54 - 2015-02-19 10:54 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2015-02-19 10:43 - 2015-02-20 14:02 - 00000000 ___DC () C:\Program Files (x86)\Runtime Software
2015-02-19 09:44 - 2015-02-19 09:45 - 00000163 ____C () C:\Users\Patrick\Desktop\Comment activer toutes les versions de Windows et d'Office.url
2015-02-18 17:11 - 2015-02-18 17:11 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-02-18 17:10 - 2015-02-18 17:10 - 00000000 ___DC () C:\Program Files\Microsoft Silverlight
2015-02-18 17:10 - 2015-02-18 17:10 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Silverlight
2015-02-18 17:07 - 2015-02-18 17:07 - 00000000 ___DC () C:\Program Files (x86)\Microsoft ASP.NET
2015-02-18 17:04 - 2015-02-18 17:04 - 00000480 _RSHC () C:\ProgramData\ntuser.pol
2015-02-18 12:49 - 2015-02-20 18:13 - 00000000 ___DC () C:\Program Files (x86)\HDD Regenerator
2015-02-18 12:49 - 2015-02-18 12:49 - 00001975 ____C () C:\Users\Public\Desktop\HDD Regenerator.lnk
2015-02-18 12:49 - 2015-02-18 12:49 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Regenerator
2015-02-18 11:40 - 2015-02-18 11:40 - 00000000 ___DC () C:\Users\Patrick\Downloads\HDD Regenerator 2011 Incl Crack [TorDigger]
2015-02-18 11:39 - 2015-02-18 11:39 - 00000795 ____C () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-02-18 11:37 - 2015-02-18 12:10 - 00000000 ___DC () C:\Users\Patrick\AppData\Roaming\uTorrent
2015-02-17 11:16 - 2015-02-17 11:16 - 00388608 ____C (Trend Micro Inc.) C:\Users\Patrick\Downloads\HijackThis.exe
2015-02-17 11:09 - 2015-02-17 11:09 - 00002985 ____C () C:\Users\Patrick\Desktop\HiJackThis.lnk
2015-02-17 11:09 - 2015-02-17 11:09 - 00000000 ___DC () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2015-02-17 11:09 - 2015-02-17 11:09 - 00000000 ___DC () C:\Program Files (x86)\Trend Micro
2015-02-15 10:45 - 2015-02-15 10:46 - 00003450 ____C () C:\Users\Patrick\Desktop\Rkill.txt
2015-02-15 10:20 - 2015-02-15 10:20 - 00000627 ____C () C:\Users\Patrick\Desktop\JRT.txt
2015-02-15 10:16 - 2015-02-15 10:16 - 00000000 ___DC () C:\32788R22FWJFW
2015-02-14 19:01 - 2015-02-14 19:01 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard 8.6
2015-02-14 19:01 - 2015-02-14 19:01 - 00000000 ___DC () C:\Program Files\EaseUS
2015-02-14 18:57 - 2015-02-14 18:57 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup Free 8.0
2015-02-14 18:56 - 2014-12-15 01:03 - 00024104 ____C (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\fbnative.exe
2015-02-14 18:50 - 2014-12-15 00:59 - 00192040 ____C (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\EuFdDisk.sys
2015-02-14 18:50 - 2014-12-15 00:59 - 00060968 ____C (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\eubakup.sys
2015-02-14 18:50 - 2014-12-15 00:59 - 00048168 ____C () C:\Windows\system32\Drivers\EUBKMON.sys
2015-02-14 18:50 - 2014-12-15 00:59 - 00018472 ____C (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\eudskacs.sys
2015-02-14 18:47 - 2015-02-14 18:48 - 00000000 ___DC () C:\Program Files (x86)\EaseUS
2015-02-14 18:47 - 2015-02-14 18:47 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.2
2015-02-14 18:47 - 2014-11-18 14:46 - 03384928 ____C () C:\Windows\system32\BootMan.exe
2015-02-14 18:47 - 2014-11-18 14:46 - 02502240 ____C () C:\Windows\SysWOW64\BootMan.exe
2015-02-14 18:47 - 2014-11-18 14:46 - 00021088 ____C () C:\Windows\SysWOW64\EuEpmGdi.dll
2015-02-14 18:47 - 2014-11-18 14:46 - 00017504 ____C () C:\Windows\system32\EuEpmGdi.dll
2015-02-14 18:47 - 2014-11-18 14:39 - 00018528 ____C () C:\Windows\system32\epmntdrv.sys
2015-02-14 18:47 - 2014-11-18 14:39 - 00014944 ____C () C:\Windows\SysWOW64\epmntdrv.sys
2015-02-14 18:47 - 2014-11-18 14:39 - 00010848 ____C () C:\Windows\system32\EuGdiDrv.sys
2015-02-14 18:47 - 2014-11-18 14:39 - 00010208 ____C () C:\Windows\SysWOW64\EuGdiDrv.sys
2015-02-14 18:47 - 2014-11-18 14:38 - 00101984 ____C () C:\Windows\system32\setupempdrvx64.exe
2015-02-14 18:47 - 2014-11-18 14:38 - 00088160 ____C () C:\Windows\SysWOW64\setupempdrv03.exe
2015-02-13 22:48 - 2011-07-15 04:39 - 00091648 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-02-13 22:41 - 2015-02-21 18:12 - 00000000 ___DC () C:\ProgramData\TEMP
2015-02-13 18:56 - 2015-02-13 18:56 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-02-13 18:56 - 2015-02-12 16:54 - 00921144 ____C (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-02-13 18:56 - 2015-02-12 16:53 - 00128592 ____C (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-02-13 09:36 - 2015-02-13 09:36 - 00001448 ____C () C:\Users\Patrick\Desktop\Windows 10 x32b.lnk
2015-02-13 09:29 - 2015-02-13 09:29 - 00003190 ____C () C:\Windows\System32\Tasks\{282E1D5F-F019-4AE6-8503-3E69A518DD51}
2015-02-12 16:53 - 2015-02-12 16:53 - 00204264 ____C (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2015-02-12 16:53 - 2015-02-12 16:53 - 00156360 ____C (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2015-02-12 16:53 - 2015-02-12 16:53 - 00141440 ____C (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2015-02-12 13:54 - 2015-02-12 13:54 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-02-12 13:53 - 2015-02-12 13:53 - 00001845 ____C () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-02-12 13:53 - 2015-02-12 13:53 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-02-12 13:53 - 2015-02-12 13:53 - 00000000 ___DC () C:\Program Files (x86)\QuickTime
2015-02-11 22:56 - 2015-02-11 22:56 - 01402880 ____C () C:\Users\Patrick\Downloads\HiJackThis.msi
2015-02-11 22:53 - 2015-02-11 22:53 - 04197016 ____C (Kaspersky Lab ZAO) C:\Users\Patrick\Downloads\tdsskiller.exe
2015-02-11 22:53 - 2015-02-11 22:53 - 01943800 ____C (Bleeping Computer, LLC) C:\Users\Patrick\Downloads\rkill.exe
2015-02-11 22:52 - 2015-02-11 22:52 - 02112512 ____C () C:\Users\Patrick\Downloads\AdwCleaner.exe
2015-02-11 22:52 - 2015-02-11 22:52 - 01388274 ____C (Thisisu) C:\Users\Patrick\Downloads\JRT.exe
2015-02-11 22:51 - 2015-02-21 18:09 - 00129752 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-11 22:51 - 2015-02-21 17:51 - 00000000 ___DC () C:\ProgramData\Malwarebytes
2015-02-11 22:51 - 2015-02-17 11:08 - 00000000 ___DC () C:\Users\Patrick\Desktop\mbar
2015-02-11 22:51 - 2015-02-17 11:08 - 00000000 ___DC () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-11 22:51 - 2015-02-11 22:51 - 16466552 ____C (Malwarebytes Corp.) C:\Users\Patrick\Downloads\mbar-1.08.3.1004.exe
2015-02-11 22:51 - 2014-11-21 06:14 - 00093400 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-11 16:11 - 2015-02-20 09:32 - 00000000 ___DC () C:\ProgramData\Apple Computer
2015-02-11 16:11 - 2015-02-16 08:43 - 00000000 ___DC () C:\Users\Patrick\AppData\Roaming\Apple Computer
2015-02-11 16:11 - 2015-02-15 23:47 - 00000000 ___DC () C:\Users\Patrick\AppData\Local\Apple Computer
2015-02-11 16:11 - 2012-10-03 16:14 - 00033240 ____C (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-02-11 16:09 - 2015-02-11 16:09 - 00002519 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-02-11 16:09 - 2015-02-11 16:09 - 00000000 ___DC () C:\Windows\System32\Tasks\Apple
2015-02-11 16:09 - 2015-02-11 16:09 - 00000000 ___DC () C:\Users\Patrick\AppData\Local\Apple
2015-02-11 16:09 - 2015-02-11 16:09 - 00000000 ___DC () C:\Program Files\Bonjour
2015-02-11 16:09 - 2015-02-11 16:09 - 00000000 ___DC () C:\Program Files (x86)\Bonjour
2015-02-11 16:09 - 2015-02-11 16:09 - 00000000 ___DC () C:\Program Files (x86)\Apple Software Update
2015-02-11 16:08 - 2015-02-20 09:32 - 00000000 ___DC () C:\Program Files\Common Files\Apple
2015-02-11 16:08 - 2015-02-11 16:09 - 00000000 ___DC () C:\ProgramData\Apple
2015-02-11 15:25 - 2015-02-11 15:26 - 152439600 ____C (Apple Inc.) C:\Users\Patrick\Documents\itunes6464setup.exe
2015-02-11 14:34 - 2015-02-11 14:34 - 00000000 ___DC () C:\Users\Patrick\Documents\NewBlueFX
2015-02-11 14:34 - 2015-02-11 14:34 - 00000000 ___DC () C:\Users\Patrick\AppData\Roaming\NVIDIA
2015-02-11 13:47 - 2015-02-11 13:48 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-11 13:47 - 2015-02-11 13:48 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 13:47 - 2015-02-11 13:48 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-11 13:47 - 2015-02-11 13:48 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-11 12:22 - 2015-02-11 12:22 - 00002237 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Elements 10.lnk
2015-02-11 12:22 - 2015-02-11 12:22 - 00001217 ____C () C:\Users\Public\Desktop\Adobe Premiere Elements 10.lnk
2015-02-11 12:21 - 2015-02-11 12:21 - 00000000 ___DC () C:\Windows\SysWOW64\Macromed
2015-02-11 12:21 - 2010-03-19 03:00 - 00055856 ____C (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys
2015-02-11 12:21 - 2009-10-20 03:00 - 00010224 ____C (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys
2015-02-11 12:21 - 2009-10-20 03:00 - 00010224 ____C (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys
2015-02-11 12:20 - 2015-02-11 12:20 - 00000000 ___DC () C:\Program Files\Adobe
2015-02-11 12:18 - 2015-02-11 12:28 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 12:18 - 2015-02-11 12:28 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 12:18 - 2015-02-11 12:28 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 12:18 - 2015-02-11 12:28 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 12:18 - 2015-02-11 12:28 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 12:18 - 2015-02-11 12:28 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 12:18 - 2015-02-11 12:28 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 12:18 - 2015-02-11 12:28 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 12:18 - 2015-02-11 12:28 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 12:18 - 2015-02-11 12:28 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 12:18 - 2015-02-11 12:28 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 12:18 - 2015-02-11 12:28 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 12:18 - 2015-02-11 12:28 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 12:18 - 2015-02-11 12:28 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 12:18 - 2015-02-11 12:28 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 12:18 - 2015-02-11 12:28 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 12:18 - 2015-02-11 12:28 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 12:18 - 2015-02-11 12:28 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 12:18 - 2015-02-11 12:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 12:18 - 2015-02-11 12:28 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 12:18 - 2015-02-11 12:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 12:18 - 2015-02-11 12:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 12:18 - 2015-02-11 12:27 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-11 12:18 - 2015-02-11 12:27 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-11 12:18 - 2015-02-11 12:27 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-11 12:18 - 2015-02-11 12:27 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 12:17 - 2015-02-11 12:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 12:17 - 2015-02-11 12:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 12:17 - 2015-02-11 12:27 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 12:17 - 2015-02-11 12:27 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 12:17 - 2015-02-11 12:27 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 12:17 - 2015-02-11 12:27 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 12:17 - 2015-02-11 12:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 12:17 - 2015-02-11 12:27 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 12:17 - 2015-02-11 12:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 12:17 - 2015-02-11 12:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 12:16 - 2015-02-11 12:27 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 12:16 - 2015-02-11 12:27 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 12:16 - 2015-02-11 12:27 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 12:16 - 2015-02-11 12:27 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 12:16 - 2015-02-11 12:27 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 12:16 - 2015-02-11 12:27 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 12:15 - 2015-02-11 12:27 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 12:15 - 2015-02-11 12:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 12:15 - 2015-02-11 12:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 12:15 - 2015-02-11 12:27 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 12:15 - 2015-02-11 12:27 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 12:15 - 2015-02-11 12:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 12:15 - 2015-02-11 12:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 12:15 - 2015-02-11 12:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 12:15 - 2015-02-11 12:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 12:15 - 2015-02-11 12:27 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 12:15 - 2015-02-11 12:27 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 12:15 - 2015-02-11 12:27 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 12:15 - 2015-02-11 12:27 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 12:15 - 2015-02-11 12:27 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 12:15 - 2015-02-11 12:25 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 12:15 - 2015-02-11 12:25 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 12:15 - 2015-02-11 12:25 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 12:15 - 2015-02-11 12:25 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 12:15 - 2015-02-11 12:25 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 12:15 - 2015-02-11 12:25 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 12:15 - 2015-02-11 12:25 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 12:15 - 2015-02-11 12:25 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 12:15 - 2015-02-11 12:25 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 12:15 - 2015-02-11 12:25 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-11 12:15 - 2015-02-11 12:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 12:15 - 2015-02-11 12:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 12:15 - 2015-02-11 12:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 12:15 - 2015-02-11 12:19 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 12:15 - 2015-01-14 07:09 - 05554112 ____C (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 12:15 - 2015-01-14 06:44 - 03972544 ____C (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 12:15 - 2015-01-14 06:44 - 03917760 ____C (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 12:14 - 2015-02-11 12:19 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 12:14 - 2015-02-11 12:14 - 00000000 ___DC () C:\Users\Patrick\AppData\Roaming\No Company Name
2015-02-11 12:10 - 2015-02-11 12:10 - 00003886 ____C () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-02-11 12:10 - 2015-02-11 12:10 - 00000000 ___DC () C:\Users\Patrick\Documents\Adobe
2015-02-10 19:14 - 2015-02-10 19:14 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartSound
2015-02-10 19:13 - 2015-02-10 19:14 - 00000000 ___DC () C:\ProgramData\SmartSound Software Inc
2015-02-10 19:13 - 2015-02-10 19:14 - 00000000 ___DC () C:\Program Files (x86)\SmartSound Software
2015-02-10 19:11 - 2015-02-10 19:11 - 00000997 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2015-02-10 19:11 - 2015-02-10 19:11 - 00000000 ___DC () C:\Users\Patrick\AppData\Roaming\Macromedia
2015-02-10 19:11 - 2015-02-10 19:11 - 00000000 ___DC () C:\Users\Default\AppData\Roaming\Macromedia
2015-02-10 19:11 - 2015-02-10 19:11 - 00000000 ___DC () C:\Users\Default User\AppData\Roaming\Macromedia
2015-02-10 19:05 - 2015-02-11 12:26 - 00000000 ___DC () C:\Program Files\Common Files\Adobe
2015-02-08 18:12 - 2015-02-08 18:12 - 00000000 ___DC () C:\Users\Patrick\Documents\Fax
2015-02-08 15:33 - 2015-02-08 15:33 - 00000000 ___HC () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-02-07 18:48 - 2015-02-07 18:49 - 00000349 ____C () C:\Users\Public\Documents\PCLECHAL.INI
2015-02-07 18:23 - 2015-02-13 11:04 - 00000000 ___DC () C:\Users\Patrick\AppData\Local\Downloaded Installations
2015-02-07 18:23 - 2015-02-07 18:48 - 00000000 ___DC () C:\Users\Patrick\AppData\Local\Pinnacle
2015-02-07 18:23 - 2015-02-07 18:23 - 00000000 ___DC () C:\ProgramData\Pinnacle
2015-02-07 18:23 - 2015-02-07 18:23 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 18
2015-02-07 18:23 - 2015-02-07 18:23 - 00000000 ___DC () C:\Program Files\Pinnacle
2015-02-07 18:21 - 2015-02-07 18:45 - 00000000 ___DC () C:\Users\Patrick\Desktop\PinnacleStudioSetup
2015-02-07 17:15 - 2015-02-07 17:16 - 00000000 ___DC () C:\Users\Patrick\AppData\Roaming\IcoFX
2015-02-07 17:15 - 2015-02-07 17:15 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IcoFX 1.6
2015-02-07 17:15 - 2015-02-07 17:15 - 00000000 ___DC () C:\Program Files (x86)\IcoFX 1.6
2015-02-07 15:14 - 2011-02-28 02:41 - 00022832 ____C (Silicon Image, Inc.) C:\Windows\system32\Drivers\SiWinAcc.sys
2015-02-07 14:25 - 2015-02-11 14:34 - 00000000 ___DC () C:\ProgramData\regid.1986-12.com.adobe
2015-02-07 14:25 - 2015-02-11 12:12 - 00000000 ___DC () C:\Users\Patrick\AppData\Local\Adobe
2015-02-07 14:24 - 2015-02-07 14:28 - 00002453 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2015-02-07 14:24 - 2015-02-07 14:28 - 00002210 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2015-02-07 14:24 - 2015-02-07 14:28 - 00002049 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2015-02-07 14:24 - 2015-02-07 14:24 - 00002140 ____C () C:\Users\Public\Desktop\Adobe FormsCentral.lnk
2015-02-07 14:24 - 2015-02-07 14:24 - 00002026 ____C () C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk
2015-02-07 14:22 - 2015-02-11 14:34 - 00000000 ___DC () C:\ProgramData\Adobe
2015-02-07 14:22 - 2015-02-11 13:40 - 00000000 ___DC () C:\Program Files (x86)\Adobe
2015-02-07 10:50 - 2015-02-15 10:18 - 00000000 ___DC () C:\Users\Patrick\AppData\Local\CrashDumps
2015-02-06 20:03 - 2015-02-06 20:07 - 00000000 ___DC () C:\Users\Patrick\AppData\Local\Microsoft Games
2015-02-06 19:09 - 2015-02-06 19:09 - 00000000 ___DC () C:\Users\Patrick\AppData\Local\BMExplorer
2015-02-06 19:09 - 2015-02-06 19:09 - 00000000 ___DC () C:\ProgramData\Atheros
2015-02-06 19:08 - 2015-02-06 19:08 - 00000000 ___DC () C:\Users\Patrick\AppData\Roaming\Atheros
2015-02-06 19:02 - 2015-02-06 19:02 - 00000000 ___DC () C:\Windows\Intel Chipset ver9301019
2015-02-06 19:02 - 2011-02-25 07:25 - 00296320 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2015-02-06 18:56 - 2015-02-06 18:56 - 00000000 ___DC () C:\ProgramData\Package Cache
2015-02-06 18:33 - 2015-02-06 18:33 - 00000000 ___HC () C:\Windows\system32\Drivers\Msft_Kernel_btath_hcrp_01009.Wdf
2015-02-06 18:28 - 2015-02-18 13:27 - 00000000 ___DC () C:\Users\Patrick\Documents\Bluetooth Folder
2015-02-06 18:28 - 2015-02-06 19:13 - 00000000 __RDC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
2015-02-06 18:28 - 2015-02-06 19:13 - 00000000 ___DC () C:\Program Files (x86)\Bluetooth Suite
2015-02-06 18:28 - 2015-02-06 18:28 - 00000000 ___DC () C:\Program Files\Common Files\QCA_Bluetooth
2015-02-06 17:43 - 2015-02-21 18:10 - 00005072 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Desqtop-PC-Patrick Desqtop-PC
2015-02-06 17:38 - 2015-02-07 14:21 - 00000000 ___DC () C:\Users\Patrick\Desktop\Adobe Acrobat XI
2015-02-06 17:34 - 2015-02-21 17:38 - 00000000 ___DC () C:\Users\Patrick\AppData\Roaming\vlc
2015-02-06 17:30 - 2015-02-06 17:30 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-02-06 17:30 - 2015-02-06 17:30 - 00000000 ___DC () C:\Program Files (x86)\VideoLAN
2015-02-06 17:17 - 2015-02-06 17:17 - 00001159 ____C () C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-02-06 17:17 - 2015-02-06 17:17 - 00001105 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-02-06 17:17 - 2015-02-06 17:17 - 00000000 ___DC () C:\Users\Patrick\AppData\Roaming\Canneverbe Limited
2015-02-06 17:17 - 2015-02-06 17:17 - 00000000 ___DC () C:\ProgramData\Canneverbe Limited
2015-02-06 17:17 - 2015-02-06 17:17 - 00000000 ___DC () C:\Program Files (x86)\CDBurnerXP
2015-02-06 17:05 - 2015-02-06 17:05 - 00000000 ___DC () C:\Windows\system32\appmgmt
2015-02-06 17:05 - 2015-02-06 17:05 - 00000000 ___DC () C:\Program Files\Oracle
2015-02-06 17:04 - 2015-02-21 10:35 - 00000000 ___DC () C:\Users\Patrick\.VirtualBox
2015-02-06 14:34 - 2015-02-21 18:09 - 00000000 ___DC () C:\Users\Patrick\AppData\Roaming\Skype
2015-02-06 14:34 - 2015-02-06 17:13 - 00002697 ____C () C:\Users\Public\Desktop\Skype.lnk
2015-02-06 14:34 - 2015-02-06 17:13 - 00000000 ___DC () C:\ProgramData\Skype
2015-02-06 14:34 - 2015-02-06 17:13 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-02-06 14:34 - 2015-02-06 14:34 - 00000000 __RDC () C:\Program Files (x86)\Skype
2015-02-06 14:34 - 2015-02-06 14:34 - 00000000 ___DC () C:\Users\Patrick\AppData\Local\Skype
2015-02-06 14:31 - 2015-02-06 14:31 - 00003134 _____ () C:\Windows\System32\Tasks\{FB94C7AD-2A68-4DE1-842F-D03369B5E2B6}
2015-02-06 09:26 - 2015-02-06 09:26 - 00001205 ____C () C:\Users\Patrick\Desktop\cmd.lnk
2015-02-06 09:20 - 2014-06-27 03:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-02-06 09:20 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-02-06 09:19 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-02-06 09:19 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-06 09:19 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-06 09:19 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-02-06 09:19 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-02-06 09:19 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-02-06 09:19 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-02-06 09:19 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-02-06 09:19 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-02-06 09:19 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-02-06 09:19 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-02-06 09:19 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-02-06 09:19 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-02-06 09:19 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-02-06 09:19 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2015-02-06 09:19 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-06 09:19 - 2014-05-08 10:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-02-06 09:19 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-02-06 09:19 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-02-06 09:19 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-02-06 09:19 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-02-06 09:19 - 2012-07-06 21:07 - 00552960 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-02-06 09:19 - 2012-02-11 07:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-02-06 09:19 - 2012-02-11 07:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2015-02-06 09:19 - 2011-04-28 04:54 - 00080384 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-02-06 09:19 - 2011-03-11 07:41 - 00410496 ____C (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2015-02-06 09:19 - 2011-03-11 07:41 - 00166272 ____C (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2015-02-06 09:19 - 2011-03-11 07:41 - 00148352 ____C (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2015-02-06 09:19 - 2011-03-11 07:41 - 00107904 ____C (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2015-02-06 09:19 - 2011-03-11 07:41 - 00027008 ____C (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2015-02-06 09:19 - 2011-03-11 07:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-02-06 09:19 - 2011-03-11 07:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2015-02-06 09:19 - 2011-03-11 06:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-02-06 09:19 - 2011-03-11 06:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2015-02-06 09:19 - 2011-02-25 07:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-02-06 09:19 - 2011-02-25 06:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-02-06 09:18 - 2014-06-24 04:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-02-06 09:18 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-02-05 20:42 - 2015-02-05 20:42 - 00262144 _____ () C:\Windows\system32\config\elam
2015-02-05 20:40 - 2015-02-05 20:42 - 00000000 ___DC () C:\Windows\AutoKMS
2015-02-05 20:40 - 2015-02-05 20:40 - 00000000 ___DC () C:\Users\Patrick\AppData\Local\Microsoft Toolkit
2015-02-05 19:36 - 2015-02-18 17:17 - 00000000 __RDC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-05 19:36 - 2015-02-05 19:36 - 00000000 ___DC () C:\Windows\PCHEALTH
2015-02-05 19:36 - 2015-02-05 19:36 - 00000000 ___DC () C:\Program Files\Microsoft SQL Server
2015-02-05 19:36 - 2015-02-05 19:36 - 00000000 ___DC () C:\Program Files\Common Files\DESIGNER
2015-02-05 19:36 - 2015-02-05 19:36 - 00000000 ___DC () C:\Program Files (x86)\Microsoft SQL Server
2015-02-05 19:36 - 2015-02-05 19:36 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-02-05 19:33 - 2015-02-18 17:17 - 00000000 ___DC () C:\ProgramData\Microsoft Help
2015-02-05 19:33 - 2015-02-05 19:36 - 00000000 ___DC () C:\Program Files\Microsoft Office
2015-02-05 19:33 - 2015-02-05 19:33 - 00000000 ___DC () C:\Users\Patrick\AppData\Local\Microsoft Help
2015-02-05 19:33 - 2015-02-05 19:33 - 00000000 ___DC () C:\Program Files\Microsoft Analysis Services
2015-02-05 19:33 - 2015-02-05 19:33 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Office
2015-02-05 19:33 - 2015-02-05 19:33 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Analysis Services
2015-02-05 18:48 - 2015-02-05 18:48 - 00000000 ___DC () C:\Program Files\Canon
2015-02-05 18:48 - 2008-09-29 15:00 - 00566784 _____ (CANON INC.) C:\Windows\system32\CNAC8EMD.DLL
2015-02-05 18:48 - 2008-09-25 15:00 - 00309248 _____ (CANON INC.) C:\Windows\system32\CNAP2LMD.DLL
2015-02-05 18:48 - 2007-12-17 22:41 - 01257472 ____C (CANON INC.) C:\Windows\system32\CNAP1NSD.DLL
2015-02-05 18:44 - 2015-02-05 18:44 - 00000000 ___DC () C:\Users\Patrick\AppData\Roaming\WinRAR
2015-02-05 18:43 - 2015-02-05 20:47 - 00000000 ____D () C:\Windows\System32\Tasks\Update
2015-02-05 18:43 - 2015-02-05 18:43 - 00000981 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2015-02-05 18:43 - 2015-02-05 18:43 - 00000000 ___DC () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-05 18:43 - 2015-02-05 18:43 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-05 18:42 - 2015-02-05 18:43 - 00000000 ___DC () C:\Program Files\WinRAR
2015-02-05 17:56 - 2015-02-05 17:56 - 00000172 ____C () C:\Windows\msdlibmodule22app.dat
2015-02-05 17:13 - 2015-02-05 19:36 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Firefox
2015-02-05 17:13 - 2015-02-05 17:13 - 00001159 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-05 17:13 - 2015-02-05 17:13 - 00000000 ___DC () C:\Users\Patrick\AppData\Roaming\Mozilla
2015-02-05 17:13 - 2015-02-05 17:13 - 00000000 ___DC () C:\Users\Patrick\AppData\Local\Mozilla
2015-02-05 17:13 - 2015-02-05 17:13 - 00000000 ___DC () C:\ProgramData\Mozilla
2015-02-05 17:13 - 2015-02-05 17:13 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-05 16:56 - 2015-02-05 16:56 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-05 16:55 - 2015-02-21 18:09 - 00001066 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-05 16:55 - 2015-02-21 18:06 - 00001070 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-05 16:55 - 2015-02-05 17:01 - 00004066 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 16:55 - 2015-02-05 17:01 - 00003814 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-05 16:55 - 2015-02-05 16:56 - 00000000 ___DC () C:\Users\Patrick\AppData\Local\Google
2015-02-05 16:55 - 2015-02-05 16:55 - 00000000 ___DC () C:\Users\Patrick\AppData\Local\Deployment
2015-02-05 16:55 - 2015-02-05 16:55 - 00000000 ___DC () C:\Users\Patrick\AppData\Local\Apps\2.0
2015-02-05 16:55 - 2015-02-05 16:55 - 00000000 ___DC () C:\Program Files (x86)\Google
2015-02-05 16:41 - 2015-02-18 19:42 - 00112992 ____C () C:\Users\Patrick\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-05 16:41 - 2015-02-05 16:41 - 00002330 ____C () C:\Users\Patrick\Desktop\Protection bancaire.lnk
2015-02-05 16:38 - 2015-02-21 18:08 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-02-05 16:38 - 2015-02-05 16:38 - 00002138 ____C () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2015-02-05 16:38 - 2015-02-05 16:38 - 00000000 ___DC () C:\Windows\ELAMBKUP
2015-02-05 16:38 - 2015-02-05 16:38 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-02-05 16:38 - 2015-02-05 16:38 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-02-05 16:38 - 2014-12-05 00:10 - 00818888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-02-05 16:38 - 2014-12-05 00:10 - 00150536 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-02-05 16:38 - 2014-08-12 17:33 - 00246456 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-02-05 16:38 - 2013-05-06 08:13 - 00110176 ____C (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-02-05 16:22 - 2015-02-05 16:22 - 00000000 ___DC () C:\Users\Patrick\AppData\Local\NVIDIA Corporation
2015-02-05 16:21 - 2014-12-13 01:11 - 02824504 ____C (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-02-05 16:21 - 2014-12-13 01:11 - 02210040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-02-05 16:21 - 2014-12-13 01:11 - 01715224 ____C (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-02-05 16:21 - 2014-12-13 01:11 - 01291464 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-02-05 16:21 - 2010-05-26 11:41 - 02401112 ____C (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-02-05 16:21 - 2010-05-26 11:41 - 01998168 ____C (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-02-05 16:21 - 2010-05-26 11:41 - 00511328 ____C (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-02-05 16:21 - 2010-05-26 11:41 - 00470880 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-02-05 16:21 - 2010-05-26 11:41 - 00276832 ____C (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-02-05 16:21 - 2010-05-26 11:41 - 00248672 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-02-05 16:20 - 2015-02-05 16:21 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-02-05 16:20 - 2015-02-05 16:20 - 00000000 ___DC () C:\Program Files (x86)\AGEIA Technologies
2015-02-05 16:20 - 2015-01-09 23:27 - 00621200 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-02-05 16:19 - 2015-02-06 09:23 - 01641696 ____C () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-02-05 16:17 - 2015-01-13 05:15 - 00195728 ____C (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-02-05 16:17 - 2015-01-13 05:15 - 00030536 ____C (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 32102544 ____C (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 25459856 ____C (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 24765584 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 20465296 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 18566296 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 17250776 ____C (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 14115944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 13295552 ____C (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 13210248 ____C (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 10774544 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 10714488 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 10274448 ____C (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-02-05 16:17 - 2015-01-10 09:07 - 03607184 ____C (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 03298816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 03245712 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 02902456 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 01895240 ____C (NVIDIA Corporation) C:\Windows\system32\nvdispco6434725.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 01556808 ____C (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434725.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 00994712 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 00969360 ____C (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 00942736 ____C (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 00929424 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 00906384 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 00877488 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 00353040 ____C (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 00305320 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 00177624 ____C (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-02-05 16:17 - 2015-01-10 09:07 - 00164568 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-02-05 16:17 - 2014-11-22 11:46 - 00038032 ____C (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-02-05 16:17 - 2014-11-22 11:46 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-02-05 16:17 - 2014-11-22 11:46 - 00032400 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-02-05 16:08 - 2015-02-05 16:08 - 00000000 _SHDC () C:\Users\Patrick\AppData\Local\EmieUserList
2015-02-05 16:08 - 2015-02-05 16:08 - 00000000 _SHDC () C:\Users\Patrick\AppData\Local\EmieSiteList
2015-02-05 16:08 - 2015-02-05 16:08 - 00000000 _SHDC () C:\Users\Patrick\AppData\Local\EmieBrowserModeList
2015-02-05 16:06 - 2015-02-12 16:59 - 00000000 ___DC () C:\Users\Patrick\AppData\Roaming\Adobe
2015-02-05 16:06 - 2015-02-05 16:22 - 00000000 ___DC () C:\Users\Patrick\AppData\Local\NVIDIA
2015-02-05 15:52 - 2015-02-11 12:28 - 00000000 __SDC () C:\Windows\system32\CompatTel
2015-02-05 15:52 - 2015-02-11 12:28 - 00000000 ___DC () C:\Windows\system32\appraiser
2015-02-05 15:46 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-02-05 15:46 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-02-05 15:46 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-02-05 15:46 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-02-05 15:38 - 2013-10-14 18:00 - 00028368 ____C (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2015-02-05 15:34 - 2015-02-05 15:34 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-02-05 15:34 - 2015-02-05 15:34 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-02-05 15:34 - 2015-02-05 15:34 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-02-05 15:34 - 2015-02-05 15:34 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-02-05 15:34 - 2015-02-05 15:34 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-02-05 15:34 - 2015-02-05 15:34 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-02-05 15:34 - 2015-02-05 15:34 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-02-05 15:34 - 2015-02-05 15:34 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-02-05 15:34 - 2015-02-05 15:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-02-05 15:34 - 2015-02-05 15:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-02-05 15:34 - 2015-02-05 15:34 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-02-05 15:34 - 2015-02-05 15:34 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-02-05 15:34 - 2015-02-05 15:34 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-02-05 15:34 - 2015-02-05 15:34 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-02-05 15:34 - 2015-02-05 15:34 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-02-05 15:34 - 2015-02-05 15:34 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-02-05 15:34 - 2015-02-05 15:34 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-02-05 15:34 - 2015-02-05 15:34 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-02-05 15:34 - 2015-02-05 15:34 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-02-05 15:31 - 2015-02-05 15:38 - 00015343 ____C () C:\Windows\IE11_main.log
2015-02-05 15:30 - 2015-02-21 18:08 - 00000000 ___DC () C:\ProgramData\NVIDIA
2015-02-05 15:29 - 2015-02-05 16:22 - 00000000 ___DC () C:\ProgramData\NVIDIA Corporation
2015-02-05 15:29 - 2015-02-05 16:21 - 00000000 ___DC () C:\Program Files\NVIDIA Corporation
2015-02-05 15:29 - 2015-02-05 16:21 - 00000000 ___DC () C:\Program Files (x86)\NVIDIA Corporation
2015-02-05 15:29 - 2015-01-10 09:07 - 00073872 ____C (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-02-05 15:29 - 2015-01-10 09:07 - 00060744 ____C (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-02-05 15:29 - 2015-01-10 00:30 - 06860432 ____C (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-02-05 15:29 - 2015-01-10 00:30 - 03517256 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-02-05 15:29 - 2015-01-10 00:29 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-02-05 15:29 - 2015-01-10 00:29 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-02-05 15:29 - 2015-01-10 00:29 - 00385352 ____C (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-02-05 15:29 - 2015-01-10 00:29 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-02-05 15:29 - 2015-01-09 20:47 - 04173527 ____C () C:\Windows\system32\nvcoproc.bin
2015-02-05 15:24 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-02-05 15:24 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-02-05 15:24 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-02-05 15:24 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-02-05 15:24 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-02-05 15:24 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-02-05 15:24 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-02-05 15:24 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-02-05 15:24 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-02-05 15:24 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-02-05 15:24 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-02-05 15:24 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-02-05 15:24 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-02-05 15:24 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-02-05 15:24 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-02-05 15:09 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-02-05 15:09 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-02-05 15:09 - 2012-08-23 15:08 - 00030208 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2015-02-05 15:09 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2015-02-05 15:09 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-02-05 15:07 - 2015-02-05 15:47 - 00009014 ____C () C:\Windows\system32\lvcoinst.log
2015-02-05 15:07 - 2015-02-05 15:47 - 00000000 ___DC () C:\Program Files\Common Files\logishrd
2015-02-05 15:07 - 2015-02-05 15:07 - 00000000 ___DC () C:\Program Files\LSI SoftModem
2015-02-05 15:05 - 2015-02-05 15:05 - 00000000 __HDC () C:\Windows\system32\CanonIJ Uninstaller Information
2015-02-05 15:05 - 2015-02-05 15:05 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 210
2015-02-05 15:05 - 2010-12-17 14:47 - 00515584 _____ (CANON INC.) C:\Windows\system32\CNQ4809L.dll
2015-02-05 15:05 - 2010-12-17 14:47 - 00438272 ____C (CANON INC.) C:\Windows\SysWOW64\CNQ4809L.dll
2015-02-05 15:05 - 2010-03-19 13:55 - 00393256 ____C () C:\Windows\SysWOW64\CNQ4809N.DAT
2015-02-05 15:05 - 2010-03-19 13:55 - 00393256 ____C () C:\Windows\system32\CNQ4809N.DAT
2015-02-05 15:05 - 2010-03-18 17:13 - 01354240 _____ (CANON INC.) C:\Windows\system32\CNQ4809C.dll
2015-02-05 15:05 - 2010-03-18 17:13 - 00112128 ____C (CANON INC.) C:\Windows\system32\CNQ4809I.dll
2015-02-05 15:05 - 2010-03-18 17:11 - 00106496 ____C (CANON INC.) C:\Windows\SysWOW64\CNQ4809U.dll
2015-02-05 15:05 - 2008-08-25 18:02 - 00017920 ____C (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2015-02-05 15:05 - 2008-08-25 18:02 - 00015872 ____C (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2015-02-05 14:57 - 2013-01-13 22:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-02-05 14:57 - 2013-01-13 22:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-02-05 14:57 - 2013-01-13 22:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-02-05 14:57 - 2013-01-13 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-02-05 14:57 - 2013-01-13 22:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-02-05 14:57 - 2013-01-13 22:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-02-05 14:57 - 2013-01-13 22:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-02-05 14:57 - 2013-01-13 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2015-02-05 14:57 - 2013-01-13 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-02-05 14:57 - 2013-01-13 21:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-02-05 14:57 - 2013-01-13 21:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-02-05 14:57 - 2013-01-13 21:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-02-05 14:57 - 2013-01-13 21:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-02-05 14:57 - 2013-01-13 21:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-02-05 14:57 - 2013-01-13 21:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-02-05 14:57 - 2013-01-13 21:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-02-05 14:57 - 2013-01-13 21:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-02-05 14:57 - 2013-01-13 21:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-02-05 14:57 - 2013-01-13 21:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-02-05 14:57 - 2013-01-13 21:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-02-05 14:57 - 2013-01-13 21:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2015-02-05 14:57 - 2013-01-13 21:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2015-02-05 14:57 - 2013-01-13 20:59 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-02-05 14:57 - 2013-01-13 20:58 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-02-05 14:57 - 2013-01-13 20:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2015-02-05 14:57 - 2013-01-13 20:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2015-02-05 14:57 - 2013-01-13 20:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2015-02-05 14:57 - 2013-01-13 20:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-02-05 14:57 - 2013-01-13 20:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2015-02-05 14:57 - 2013-01-13 20:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2015-02-05 14:57 - 2013-01-13 20:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-02-05 14:57 - 2013-01-13 20:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-02-05 14:57 - 2013-01-13 20:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-02-05 14:57 - 2013-01-13 20:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-02-05 14:57 - 2013-01-13 20:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2015-02-05 14:57 - 2013-01-13 20:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-02-05 14:57 - 2013-01-13 20:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-02-05 14:57 - 2013-01-13 19:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-02-05 14:57 - 2013-01-13 19:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-02-05 14:57 - 2013-01-13 18:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2015-02-05 14:57 - 2013-01-13 18:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-02-05 14:55 - 2015-02-11 12:25 - 00000000 ___DC () C:\Windows\system32\MRT
2015-02-05 14:55 - 2015-02-11 12:19 - 116773704 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-05 14:54 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-02-05 14:54 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-02-05 14:54 - 2013-04-26 00:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-02-05 14:54 - 2013-04-10 07:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-02-05 14:54 - 2013-03-31 23:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-02-05 14:54 - 2011-03-03 07:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-02-05 14:54 - 2011-03-03 07:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-02-05 14:54 - 2011-03-03 07:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2015-02-05 14:54 - 2011-03-03 06:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-02-05 14:54 - 2011-03-03 06:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2015-02-05 14:54 - 2011-02-03 12:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-02-05 14:53 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-02-05 14:53 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-02-05 14:53 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-02-05 14:53 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-02-05 14:53 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-02-05 14:53 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-02-05 14:53 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-02-05 14:53 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-02-05 14:53 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-02-05 14:53 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-02-05 14:53 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-02-05 14:53 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-02-05 14:53 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-02-05 14:53 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-02-05 14:53 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-02-05 14:53 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-02-05 14:53 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-02-05 14:53 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-02-05 14:53 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-02-05 14:53 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-02-05 14:53 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-02-05 14:53 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-02-05 14:53 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-02-05 14:53 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-02-05 14:53 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-02-05 14:53 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-02-05 14:53 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-02-05 14:53 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-02-05 14:53 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-02-05 14:53 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-02-05 14:53 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-02-05 14:53 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-02-05 14:53 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-02-05 14:53 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-02-05 14:53 - 2013-02-12 05:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-02-05 14:53 - 2012-11-28 23:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-02-05 14:53 - 2012-11-28 23:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2015-02-05 14:53 - 2012-11-28 23:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2015-02-05 14:53 - 2012-10-09 19:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2015-02-05 14:53 - 2012-10-09 19:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2015-02-05 14:53 - 2012-10-09 18:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2015-02-05 14:53 - 2012-10-09 18:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2015-02-05 14:53 - 2012-01-04 11:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2015-02-05 14:53 - 2012-01-04 09:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2015-02-05 14:53 - 2011-11-17 07:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2015-02-05 14:53 - 2011-11-17 06:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2015-02-05 14:53 - 2011-07-09 03:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-02-05 14:53 - 2011-05-04 06:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-02-05 14:53 - 2011-05-04 06:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-02-05 14:53 - 2011-05-04 06:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-02-05 14:53 - 2011-05-04 06:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-02-05 14:53 - 2011-05-04 06:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-02-05 14:53 - 2011-05-04 06:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-02-05 14:53 - 2011-05-04 06:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-02-05 14:53 - 2011-05-04 06:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-02-05 14:53 - 2011-05-04 06:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2015-02-05 14:53 - 2011-05-04 05:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-02-05 14:53 - 2011-05-04 05:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-02-05 14:53 - 2011-05-04 05:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-02-05 14:53 - 2011-05-04 05:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-02-05 14:53 - 2011-05-04 05:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2015-02-05 14:53 - 2011-05-04 05:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2015-02-05 14:53 - 2011-05-04 05:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-02-05 14:53 - 2011-05-04 05:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-02-05 14:53 - 2011-05-04 05:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2015-02-05 14:53 - 2011-04-27 03:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-02-05 14:53 - 2011-04-27 03:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-02-05 14:52 - 2014-08-01 12:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-02-05 14:52 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-02-05 14:52 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-02-05 14:52 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-02-05 14:52 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-02-05 14:52 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-02-05 14:52 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-02-05 14:52 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-02-05 14:52 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-02-05 14:52 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-02-05 14:52 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-02-05 14:52 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-02-05 14:52 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-02-05 14:52 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-02-05 14:52 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-02-05 14:52 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-02-05 14:52 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-02-05 14:52 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-02-05 14:52 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-02-05 14:52 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-02-05 14:52 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-02-05 14:52 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2015-02-05 14:52 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2015-02-05 14:52 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2015-02-05 14:52 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2015-02-05 14:52 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-02-05 14:52 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2015-02-05 14:52 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2015-02-05 14:52 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2015-02-05 14:52 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2015-02-05 14:52 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-02-05 14:52 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-02-05 14:52 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-02-05 14:52 - 2013-07-25 10:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-02-05 14:52 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-02-05 14:52 - 2013-07-09 06:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-02-05 14:52 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-02-05 14:52 - 2012-10-03 18:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2015-02-05 14:52 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-02-05 14:52 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-02-05 14:52 - 2012-10-03 18:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2015-02-05 14:52 - 2012-10-03 18:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-02-05 14:52 - 2012-10-03 17:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2015-02-05 14:52 - 2012-10-03 17:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2015-02-05 14:52 - 2012-10-03 17:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-02-05 14:52 - 2012-08-22 19:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-02-05 14:52 - 2012-07-04 21:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2015-02-05 14:52 - 2011-04-09 07:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-02-05 14:52 - 2011-04-09 06:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-02-05 14:52 - 2011-03-11 07:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-02-05 14:52 - 2011-03-11 07:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-02-05 14:52 - 2011-03-11 06:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-02-05 14:52 - 2011-03-11 06:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-02-05 14:52 - 2010-12-23 11:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2015-02-05 14:52 - 2010-12-23 11:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2015-02-05 14:52 - 2010-12-23 11:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2015-02-05 14:52 - 2010-12-23 06:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2015-02-05 14:52 - 2010-12-23 06:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2015-02-05 14:52 - 2010-12-23 06:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2015-02-05 14:51 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-02-05 14:51 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-02-05 14:51 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-02-05 14:51 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-02-05 14:51 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-02-05 14:51 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-02-05 14:51 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-02-05 14:51 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-02-05 14:51 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-02-05 14:51 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-02-05 14:51 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-02-05 14:51 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-02-05 14:51 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-02-05 14:51 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-02-05 14:51 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-02-05 14:51 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-02-05 14:51 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-02-05 14:51 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-02-05 14:51 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-02-05 14:51 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-02-05 14:51 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-02-05 14:51 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-02-05 14:51 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-02-05 14:51 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-02-05 14:51 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-02-05 14:51 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2015-02-05 14:51 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2015-02-05 14:51 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-02-05 14:51 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-02-05 14:51 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-02-05 14:51 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-02-05 14:51 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-02-05 14:51 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-02-05 14:51 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2015-02-05 14:51 - 2013-07-12 11:41 - 00100864 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-02-05 14:51 - 2013-07-12 11:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2015-02-05 14:51 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-02-05 14:51 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-02-05 14:51 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-02-05 14:51 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-02-05 14:51 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-02-05 14:51 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-02-05 14:51 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-02-05 14:51 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-02-05 14:51 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-02-05 14:51 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-02-05 14:51 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-02-05 14:51 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-02-05 14:51 - 2013-03-19 06:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2015-02-05 14:51 - 2012-12-07 14:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-02-05 14:51 - 2012-12-07 14:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-02-05 14:51 - 2012-12-07 13:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2015-02-05 14:51 - 2012-12-07 13:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2015-02-05 14:51 - 2012-12-07 12:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2015-02-05 14:51 - 2012-12-07 12:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2015-02-05 14:51 - 2012-12-07 12:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2015-02-05 14:51 - 2012-12-07 12:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2015-02-05 14:51 - 2012-12-07 12:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2015-02-05 14:51 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2015-02-05 14:51 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2015-02-05 14:51 - 2012-12-07 12:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2015-02-05 14:51 - 2012-12-07 12:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2015-02-05 14:51 - 2012-12-07 12:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2015-02-05 14:51 - 2012-12-07 12:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2015-02-05 14:51 - 2012-12-07 12:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2015-02-05 14:51 - 2012-12-07 12:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2015-02-05 14:51 - 2012-12-07 12:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2015-02-05 14:51 - 2012-12-07 11:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2015-02-05 14:51 - 2012-12-07 11:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2015-02-05 14:51 - 2012-12-07 11:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2015-02-05 14:51 - 2012-12-07 11:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2015-02-05 14:51 - 2012-12-07 11:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2015-02-05 14:51 - 2012-12-07 11:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2015-02-05 14:51 - 2012-12-07 11:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2015-02-05 14:51 - 2012-12-07 11:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2015-02-05 14:51 - 2012-12-07 11:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2015-02-05 14:51 - 2012-12-07 11:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2015-02-05 14:51 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2015-02-05 14:51 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2015-02-05 14:51 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2015-02-05 14:51 - 2012-12-07 11:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2015-02-05 14:51 - 2012-11-02 06:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2015-02-05 14:51 - 2012-11-02 06:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2015-02-05 14:51 - 2012-04-26 06:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2015-02-05 14:51 - 2012-04-26 06:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2015-02-05 14:51 - 2011-12-30 07:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-02-05 14:51 - 2011-12-30 06:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2015-02-05 14:51 - 2011-10-26 06:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-02-05 14:51 - 2011-10-26 05:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-02-05 14:51 - 2011-06-16 06:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2015-02-05 14:51 - 2011-06-16 05:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2015-02-05 14:51 - 2011-06-15 11:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2015-02-05 14:51 - 2011-06-15 11:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2015-02-05 14:51 - 2011-06-15 11:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2015-02-05 14:51 - 2011-06-15 11:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2015-02-05 14:51 - 2011-06-15 09:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2015-02-05 14:51 - 2011-06-15 09:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2015-02-05 14:51 - 2011-06-15 09:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2015-02-05 14:51 - 2011-06-15 09:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2015-02-05 14:51 - 2011-06-15 09:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2015-02-05 14:50 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-02-05 14:50 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-02-05 14:50 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-02-05 14:50 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-02-05 14:50 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-02-05 14:50 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-02-05 14:50 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-02-05 14:50 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-02-05 14:50 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-02-05 14:50 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-02-05 14:50 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-02-05 14:50 - 2013-08-02 03:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-02-05 14:50 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-02-05 14:50 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-02-05 14:50 - 2013-07-03 05:40 - 00042496 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2015-02-05 14:50 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-02-05 14:50 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-02-05 14:50 - 2011-08-17 06:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2015-02-05 14:50 - 2011-08-17 06:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2015-02-05 14:50 - 2011-08-17 05:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2015-02-05 14:50 - 2011-08-17 05:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2015-02-05 14:49 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-02-05 14:49 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-02-05 14:49 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-02-05 14:49 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-02-05 14:49 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-02-05 14:49 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-02-05 14:49 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-02-05 14:49 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-02-05 14:49 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-02-05 14:49 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-02-05 14:49 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-02-05 14:49 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-02-05 14:49 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-02-05 14:49 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-02-05 14:49 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-02-05 14:49 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-02-05 14:49 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-02-05 14:49 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-02-05 14:49 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-02-05 14:49 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-02-05 14:49 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-02-05 14:49 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-02-05 14:49 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-02-05 14:49 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-02-05 14:49 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2015-02-05 14:49 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-02-05 14:49 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2015-02-05 14:49 - 2012-09-25 23:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2015-02-05 14:49 - 2012-09-25 23:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2015-02-05 14:49 - 2012-03-17 08:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2015-02-05 14:49 - 2011-02-05 18:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-02-05 14:49 - 2011-02-05 18:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2015-02-05 14:49 - 2011-02-05 18:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2015-02-05 14:49 - 2011-02-05 18:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2015-02-05 14:49 - 2011-02-05 18:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-02-05 14:49 - 2011-02-05 18:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-02-05 14:49 - 2011-02-05 18:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-02-05 14:48 - 2013-08-02 03:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-02-05 14:48 - 2013-08-02 03:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-02-05 14:48 - 2013-08-02 02:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-02-05 14:48 - 2013-08-02 01:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-02-05 14:48 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-02-05 14:48 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-02-05 14:48 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-02-05 14:48 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-02-05 14:47 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-02-05 14:47 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-02-05 14:47 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-02-05 14:47 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-02-05 14:47 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-02-05 14:47 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-02-05 14:47 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-02-05 14:47 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-02-05 14:47 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-02-05 14:47 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-02-05 14:47 - 2014-06-25 03:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-02-05 14:47 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-02-05 14:47 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-02-05 14:47 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2015-02-05 14:47 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-02-05 14:47 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-02-05 14:47 - 2013-05-10 06:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-02-05 14:47 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2015-02-05 14:47 - 2013-04-26 06:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-02-05 14:47 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2015-02-05 14:47 - 2012-11-23 04:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2015-02-05 14:47 - 2012-08-21 22:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2015-02-05 14:47 - 2011-05-24 12:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2015-02-05 14:47 - 2011-05-24 11:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2015-02-05 14:47 - 2011-05-24 11:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2015-02-05 14:47 - 2011-05-24 11:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2015-02-05 14:47 - 2011-05-24 11:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2015-02-05 14:47 - 2011-04-29 04:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-02-05 14:47 - 2011-04-29 04:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-02-05 14:47 - 2011-04-29 04:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-02-05 14:47 - 2011-02-18 11:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2015-02-05 14:47 - 2011-02-18 06:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2015-02-05 14:46 - 2015-02-05 14:46 - 00000000 ___DC () C:\Program Files\Microsoft Games
2015-02-05 14:45 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-02-05 14:45 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-02-05 14:45 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-02-05 14:45 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-02-05 14:45 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-02-05 14:45 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-02-05 14:45 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-02-05 14:45 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-02-05 14:45 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-02-05 14:45 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-02-05 14:45 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-02-05 14:45 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-02-05 14:45 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-02-05 14:45 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-02-05 14:45 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-02-05 14:45 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-02-05 14:45 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-02-05 14:45 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2015-02-05 14:45 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-02-05 14:45 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-02-05 14:45 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-02-05 14:45 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-02-05 14:45 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-02-05 14:45 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2015-02-05 14:45 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-02-05 14:45 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2015-02-05 14:45 - 2013-05-13 06:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2015-02-05 14:45 - 2013-05-13 04:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-02-05 14:45 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2015-02-05 14:45 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2015-02-05 14:45 - 2013-02-27 06:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-02-05 14:45 - 2013-01-24 07:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-02-05 14:45 - 2012-07-04 23:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2015-02-05 14:45 - 2012-07-04 23:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2015-02-05 14:45 - 2012-07-04 23:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2015-02-05 14:45 - 2012-07-04 22:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2015-02-05 14:45 - 2012-07-04 22:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2015-02-05 14:45 - 2012-06-06 07:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2015-02-05 14:45 - 2012-06-06 06:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2015-02-05 14:45 - 2012-05-14 06:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-02-05 14:45 - 2011-12-16 09:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2015-02-05 14:45 - 2011-12-16 08:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2015-02-05 14:45 - 2011-10-15 07:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2015-02-05 14:45 - 2011-10-15 06:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2015-02-05 14:45 - 2011-08-27 06:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2015-02-05 14:45 - 2011-08-27 05:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2015-02-05 14:45 - 2011-05-03 06:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-02-05 14:45 - 2011-05-03 05:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-02-05 14:45 - 2011-02-23 05:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2015-02-05 14:45 - 2011-02-12 12:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2015-02-05 14:39 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-02-05 14:39 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-02-05 14:39 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-02-05 14:39 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-02-05 14:39 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-02-05 14:39 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-02-05 14:39 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-02-05 14:39 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-02-05 14:39 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-02-05 14:39 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-02-05 14:39 - 2012-07-26 04:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-02-05 14:39 - 2012-07-26 04:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-02-05 14:39 - 2012-07-26 04:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-02-05 14:39 - 2012-07-26 04:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-02-05 14:39 - 2012-07-26 04:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-02-05 14:39 - 2012-07-26 03:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-02-05 14:39 - 2012-07-26 03:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-02-05 14:39 - 2012-06-02 15:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-02-05 14:38 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-02-05 14:38 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-02-05 14:38 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-02-05 14:38 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-02-05 14:38 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-02-05 14:38 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-02-05 14:38 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-02-05 14:38 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-02-05 14:38 - 2012-03-01 07:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2015-02-05 14:38 - 2012-03-01 07:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2015-02-05 14:38 - 2012-03-01 06:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2015-02-05 14:34 - 2012-02-17 07:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2015-02-05 14:34 - 2012-02-17 06:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2015-02-05 14:34 - 2012-02-17 05:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2015-02-05 14:33 - 2015-02-05 14:33 - 00000000 ___DC () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell
2015-02-05 14:33 - 2015-02-05 14:33 - 00000000 ___DC () C:\Program Files (x86)\Marvell
2015-02-05 14:30 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-02-05 14:30 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-02-05 14:30 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-02-05 14:30 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-02-05 14:30 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-02-05 14:30 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-02-05 14:30 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-02-05 14:30 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-02-05 14:30 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-02-05 14:30 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-02-05 14:30 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-02-05 14:30 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-02-05 14:30 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-02-05 14:30 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-02-05 14:29 - 2015-02-05 14:29 - 00000000 ___DC () C:\Program Files (x86)\ASM106xSATA
2015-02-04 20:16 - 2015-02-04 20:16 - 00000000 ___DC () C:\ProgramData\Intel
2015-02-04 20:16 - 2012-02-07 17:40 - 00015128 ____C () C:\Windows\system32\Drivers\IntelMEFWVer.dll
2015-02-04 20:15 - 2015-02-06 18:56 - 00000000 ___DC () C:\Program Files\Intel
2015-02-04 20:15 - 2015-02-04 20:16 - 00000000 ___DC () C:\Program Files (x86)\Intel
2015-02-04 20:15 - 2015-02-04 20:15 - 00000000 ___DC () C:\Users\Patrick\AppData\Roaming\InstallShield
2015-02-04 20:15 - 2011-11-10 01:04 - 00060184 ____C (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2015-02-04 20:13 - 2011-06-10 06:34 - 00107552 ____C (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-02-04 20:12 - 2015-02-10 19:14 - 00000000 __HDC () C:\Program Files (x86)\InstallShield Installation Information
2015-02-04 20:12 - 2015-02-05 14:29 - 00012792 ____C () C:\Windows\DPINST.LOG
2015-02-04 20:12 - 2015-02-05 14:29 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology
2015-02-04 20:12 - 2015-02-04 20:13 - 00001769 ____C () C:\Windows\Language_trs.ini
2015-02-04 20:12 - 2015-02-04 20:13 - 00000000 ___DC () C:\Program Files (x86)\Realtek
2015-02-04 20:12 - 2015-02-04 20:12 - 00016896 ____C (ASUS) C:\Windows\AsTaskSched.dll
2015-02-04 20:12 - 2015-02-04 20:12 - 00000000 __HDC () C:\Program Files (x86)\Temp
2015-02-04 20:12 - 2015-02-04 20:12 - 00000000 ___DC () C:\Windows\SysWOW64\RTCOM
2015-02-04 20:12 - 2015-02-04 20:12 - 00000000 ___DC () C:\Program Files\Realtek
2015-02-04 20:12 - 2015-02-04 20:12 - 00000000 ___DC () C:\Program Files (x86)\ASM104xUSB3
2015-02-04 20:12 - 2010-11-02 19:33 - 02654824 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2015-02-04 20:12 - 2010-11-02 19:33 - 02536040 ____C (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-02-04 20:12 - 2010-11-02 19:33 - 02096232 ____C (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-02-04 20:12 - 2010-11-02 19:33 - 01146984 ____C (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-02-04 20:12 - 2010-11-02 19:33 - 00618600 ____C (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-02-04 20:12 - 2010-11-02 19:33 - 00332392 ____C (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-02-04 20:12 - 2010-11-02 19:33 - 00149608 ____C (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-02-04 20:12 - 2010-11-02 19:32 - 01327208 ____C (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-02-04 20:12 - 2010-11-02 19:32 - 01242728 ____C (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-02-04 20:12 - 2010-11-02 19:32 - 01179752 ____C (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-02-04 20:12 - 2010-11-02 19:32 - 01111656 ____C (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2015-02-04 20:12 - 2010-11-02 19:32 - 00561256 ____C (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-02-04 20:12 - 2010-11-02 19:32 - 00504936 ____C (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-02-04 20:12 - 2010-11-02 19:32 - 00491112 ____C (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2015-02-04 20:12 - 2010-11-02 19:32 - 00475752 ____C (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-02-04 20:12 - 2010-11-02 19:32 - 00317032 ____C (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2015-02-04 20:12 - 2010-11-02 19:32 - 00269928 ____C (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2015-02-04 20:12 - 2010-11-02 19:32 - 00266856 ____C (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-02-04 20:12 - 2010-11-02 19:32 - 00126056 ____C (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2015-02-04 20:12 - 2010-11-02 19:32 - 00125544 ____C (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2015-02-04 20:12 - 2010-11-02 19:32 - 00125032 ____C (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2015-02-04 20:12 - 2010-11-02 19:32 - 00082024 ____C (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInst64.dll
2015-02-04 20:12 - 2010-10-29 10:05 - 00118464 ____C (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-02-04 20:12 - 2010-10-28 10:46 - 01251944 ___RC (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-02-04 20:12 - 2010-10-26 13:03 - 01937312 ____C (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-02-04 20:12 - 2010-10-26 09:16 - 01716368 ____C (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-02-04 20:12 - 2010-10-26 09:15 - 00419472 ____C (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-02-04 20:12 - 2010-10-26 09:15 - 00125584 ____C (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-02-04 20:12 - 2010-10-26 09:15 - 00106640 ____C (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-02-04 20:12 - 2010-10-26 09:15 - 00072336 ____C (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-02-04 20:12 - 2010-10-04 16:12 - 02580824 ____C (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2015-02-04 20:12 - 2010-10-04 16:12 - 01770328 ____C (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2015-02-04 20:12 - 2010-10-03 13:46 - 00341336 ____C (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-02-04 20:12 - 2010-09-27 09:34 - 00318808 ____C (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-02-04 20:12 - 2010-07-22 16:48 - 00220496 ____C (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFNHK64.dll
2015-02-04 20:12 - 2010-07-22 16:48 - 00081232 ____C (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFCOM64.dll
2015-02-04 20:12 - 2010-07-22 16:48 - 00078160 ____C (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFAPO64.dll
2015-02-04 20:12 - 2010-07-22 16:48 - 00074064 ____C (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2015-02-04 20:12 - 2010-07-22 16:37 - 00200800 ____C (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-02-04 20:12 - 2010-05-06 17:34 - 00334680 ____C (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-02-04 20:12 - 2009-12-15 18:26 - 00372936 ____C (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-02-04 20:12 - 2009-12-15 18:26 - 00201928 ____C (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-02-04 20:12 - 2009-12-15 18:26 - 00099016 ____C (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-02-04 20:12 - 2009-12-15 18:26 - 00076488 ____C (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-02-04 20:12 - 2009-12-11 09:55 - 00307920 ____C (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-02-04 20:12 - 2009-12-11 09:55 - 00307920 ____C (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-02-04 20:12 - 2009-11-24 09:55 - 00518896 ____C (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-02-04 20:12 - 2009-11-24 09:55 - 00211184 ____C (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-02-04 20:12 - 2009-11-24 09:55 - 00198896 ____C (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-02-04 20:12 - 2009-11-24 09:55 - 00155888 ____C (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-02-04 20:12 - 2009-11-18 18:42 - 02197264 ____C (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2015-02-04 20:12 - 2009-11-17 18:12 - 00108960 ____C (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-02-04 20:11 - 2010-04-13 15:08 - 00340008 ____C (Silicon Image, Inc) C:\Windows\system32\Drivers\Si3124r5.sys
2015-02-04 20:11 - 2010-04-13 15:08 - 00016936 ____C (Silicon Image, Inc.) C:\Windows\system32\Drivers\SiRemFil.sys
2015-02-04 19:12 - 2015-02-05 16:06 - 00001429 ____C () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-04 19:11 - 2015-02-21 18:12 - 01879272 ____C () C:\Windows\WindowsUpdate.log
2015-02-04 19:11 - 2015-02-17 11:10 - 00000000 ___DC () C:\Users\Patrick\AppData\Local\VirtualStore
2015-02-04 19:11 - 2015-02-06 17:09 - 00000000 ___DC () C:\Users\Patrick
2015-02-04 19:11 - 2015-02-04 19:11 - 00000020 __SHC () C:\Users\Patrick\ntuser.ini
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Public\Documents\Mes vidéos
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Public\Documents\Mes images
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Public\Documents\Ma musique
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Patrick\Voisinage réseau
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Patrick\Voisinage d'impression
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Patrick\Modèles
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Patrick\Menu Démarrer
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Patrick\Documents\Mes vidéos
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Patrick\Documents\Mes images
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Patrick\Documents\Ma musique
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Patrick\AppData\Local\Historique
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Default\Voisinage réseau
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Default\Voisinage d'impression
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Default\Modèles
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Default\Menu Démarrer
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Default\Documents\Mes vidéos
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Default\Documents\Mes images
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Default\Documents\Ma musique
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Historique
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Default User\Documents\Mes vidéos
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Default User\Documents\Mes images
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Default User\Documents\Ma musique
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Historique
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\ProgramData\Modèles
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programmes
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\ProgramData\Menu Démarrer
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\ProgramData\Favoris
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\ProgramData\Bureau
2015-02-04 19:11 - 2015-02-04 19:11 - 00000000 _SHDL () C:\Program Files\Fichiers communs
2015-02-04 19:11 - 2009-07-14 05:54 - 00000000 __RDC () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-04 19:11 - 2009-07-14 05:49 - 00000000 __RDC () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-04 18:35 - 2015-02-04 18:35 - 00001345 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-02-04 18:35 - 2015-02-04 18:35 - 00001326 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-02-04 18:34 - 2015-02-04 18:34 - 00001355 ____C () C:\Windows\TSSysprep.log
2015-02-04 18:32 - 2015-02-04 19:11 - 00000000 ___DC () C:\Windows\Panther
2015-01-30 15:05 - 2015-01-30 15:05 - 00000000 ___DC () C:\Windows.old
2015-01-30 13:16 - 2015-01-30 13:30 - 00000000 ___DC () C:\$UPGRADE.~OS
2015-01-30 12:40 - 2015-01-30 13:30 - 00000002 ____C () C:\$UpgDrv$

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-21 18:08 - 2010-11-21 04:47 - 00169118 ____C () C:\Windows\PFRO.log
2015-02-21 18:08 - 2009-07-14 06:08 - 00000006 ___HC () C:\Windows\Tasks\SA.DAT
2015-02-21 18:08 - 2009-07-14 05:51 - 00034436 ____C () C:\Windows\setupact.log
2015-02-21 18:07 - 2013-10-03 12:59 - 00000000 ___DC () C:\AdwCleaner
2015-02-20 09:32 - 2011-04-12 10:16 - 00747318 ____C () C:\Windows\system32\perfh00C.dat
2015-02-20 09:32 - 2011-04-12 10:16 - 00149842 ____C () C:\Windows\system32\perfc00C.dat
2015-02-20 09:32 - 2009-07-14 06:13 - 01668244 ____C () C:\Windows\system32\PerfStringBackup.INI
2015-02-19 09:59 - 2009-07-14 05:45 - 00034736 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-19 09:59 - 2009-07-14 05:45 - 00034736 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-19 09:51 - 2009-07-14 05:45 - 00440664 ____C () C:\Windows\system32\FNTCACHE.DAT
2015-02-18 17:16 - 2009-07-14 04:20 - 00000000 ___DC () C:\Program Files\Common Files\Microsoft Shared
2015-02-18 16:59 - 2009-07-14 04:20 - 00000000 __HDC () C:\Windows\system32\GroupPolicy
2015-02-18 13:22 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\Registration
2015-02-14 16:30 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\system32\NDF
2015-02-11 16:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-11 12:28 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\tracing
2015-02-11 12:28 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\PolicyDefinitions
2015-02-06 19:14 - 2009-07-14 04:20 - 00000000 __RDC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-06 19:13 - 2010-10-20 05:01 - 00246804 ____C () C:\Windows\system32\Drivers\AtherosBt.bin
2015-02-05 19:36 - 2011-04-12 10:28 - 00000000 ___DC () C:\Windows\ShellNew
2015-02-05 15:52 - 2011-04-12 10:28 - 00000000 ___DC () C:\Program Files\Windows Journal
2015-02-05 15:52 - 2009-07-14 06:32 - 00000000 ___DC () C:\Program Files\Windows Defender
2015-02-05 15:52 - 2009-07-14 06:32 - 00000000 ___DC () C:\Program Files (x86)\Windows Defender
2015-02-05 15:52 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\SysWOW64\zh-HK
2015-02-05 15:52 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\SysWOW64\tr-TR
2015-02-05 15:52 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\SysWOW64\Dism
2015-02-05 15:52 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\system32\zh-HK
2015-02-05 15:52 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\system32\tr-TR
2015-02-05 15:52 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\system32\Dism
2015-02-05 15:52 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\AppCompat
2015-02-05 15:52 - 2009-07-14 04:20 - 00000000 ___DC () C:\Program Files\Common Files\System
2015-02-05 15:29 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\Help
2015-02-05 15:05 - 2009-07-14 04:20 - 00000000 _RSDC () C:\Windows\Media
2015-02-05 14:46 - 2009-07-14 06:32 - 00000000 __RDC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-04 19:36 - 2009-07-14 06:32 - 00000000 ___DC () C:\Windows\system32\restore
2015-02-04 19:11 - 2009-07-14 04:20 - 00000000 _RHDC () C:\Users\Default
2015-02-04 19:11 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\system32\Recovery
2015-02-04 19:11 - 2009-07-14 04:20 - 00000000 ___DC () C:\Program Files\Windows NT
2015-02-04 18:34 - 2009-07-14 05:46 - 00002790 ____C () C:\Windows\DtcInstall.log
2015-02-04 18:34 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\system32\sysprep
2015-02-04 18:33 - 2011-04-12 10:28 - 00000000 ___DC () C:\Windows\CSC
2015-02-04 18:32 - 2009-07-14 06:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-02-04 18:32 - 2009-07-14 06:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template

Some content of TEMP:
====================
C:\Users\Patrick\AppData\Local\Temp\4d55E.exe
C:\Users\Patrick\AppData\Local\Temp\nvStInst.exe
C:\Users\Patrick\AppData\Local\Temp\Quarantine.exe
C:\Users\Patrick\AppData\Local\Temp\readSTILog.dll
C:\Users\Patrick\AppData\Local\Temp\sqlite3.dll
C:\Users\Patrick\AppData\Local\Temp\_is9EFE.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-13 20:08

==================== End Of Log ============================

Attached Files


Edited by nasdaq, 21 February 2015 - 02:30 PM.


#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:22 AM

Posted 21 February 2015 - 02:42 PM

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start

CloseProcesses:

HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-602654425-3526979067-2857855575-1000\...\Policies\Explorer: [RestrictRun] 0
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF DefaultSearchEngine: Startpage (SSL)
FF Homepage: https://startpage.com/fra/?
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF SearchPlugin: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\bh93f09s.default\searchplugins\startpage-ssl.xml
CHR HomePage: Default -> https://startpage.com/
CHR StartupUrls: Default -> "hxxp://vosteran.com/?f=7&a=vst_ir_15_05&cd=2XzuyEtN2Y1L1Qzu0FyEyC0DtDyEyDtDyB0CtBtCyCyCzzyCtN0D0Tzu0StCtCtByCtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyD0A0BzyyCtC0DyBtGyD0D0A0CtGyByB0AyDtG0C0D0F0FtGyDtB0D0EyByD0D0D0E0CtByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0A0EtD0CtBzz0BtBtGtB0AyC0CtGyEtCzzzytGzz0F0E0BtGtB0C0ByB0Czyzz0D0ByE0E0B2Q&cr=1349969253&ir="
CHR DefaultSearchKeyword: Default -> startpage
CHR DefaultSearchURL: Default -> https://startpage.com/do/search?query={searchTerms}&cat=web&pl=chrome&language=francais
CHR DefaultSuggestURL: Default -> https://startpage.com/cgi-bin/csuggest?output=json&pl=chrome&lang=francais&query={searchTerms}
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
Task: {50D1BA7C-3D3C-4FC4-BBEF-B65CC7A27DBC} - \Update\Google Update No Task File <==== ATTENTION
Task: {9BC4E2D6-8C90-4E0B-8275-7DE7739D1A56} - \AutoKMS No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:B755D674

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Reset the browsers that have been compromised. (Those still giving you some popups or redirection)

Reset Chrome...
Open Google Chrome, click on menu icon google-chrome-setting-icon.png which is located right side top of the google chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Restart Chrome.
====

Firefox:
Reset Default Browsing settings:
https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-problems?utm_expid=65912487-41.djHNRQY0RhaLvvtvcd0BQA.2&utm_referrer=https%3A%2F%2Fwww.google.ca%2F
===

Reset Internet Explorer:
Menu > Tools > Internet Options > Advanced Tab.
Click the Reset button on the bottom of the pane.
Click the Apply button.
Close IE.

===

Download Security Check by screen317 from here
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/

How is the computer running now?

#5 Patfisc

Patfisc
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:22 PM

Posted 22 February 2015 - 06:12 AM

Dear Nasdaq
I followed your instructions to the letter and you will find attached the files requested in your last post.
 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-02-2015
Ran by Patrick at 2015-02-22 11:22:36 Run:1
Running from G:\Téléchargements
Loaded Profiles: Patrick (Available profiles: Patrick)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
 
CloseProcesses:
 
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-602654425-3526979067-2857855575-1000\...\Policies\Explorer: [RestrictRun] 0
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 ->
DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF DefaultSearchEngine: Startpage (SSL)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF SearchPlugin: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\bh93f09s.default\searchplugins\startpage-ssl.xml
CHR HomePage: Default -> https://startpage.com/
CHR StartupUrls: Default -> "hxxp://vosteran.com/?f=7&a=vst_ir_15_05&cd=2XzuyEtN2Y1L1Qzu0FyEyC0DtDyEyDtDyB0CtBtCyCyCzzyCtN0D0Tzu0StCtCtByCtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyD0A0BzyyCtC0DyBtGyD0D0A0CtGyByB0AyDtG0C0D0F0FtGyDtB0D0EyByD0D0D0E0CtByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0A0EtD0CtBzz0BtBtGtB0AyC0CtGyEtCzzzytGzz0F0E0BtGtB0C0ByB0Czyzz0D0ByE0E0B2Q&cr=1349969253&ir="
CHR
DefaultSearchKeyword: Default -> startpage
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
Task: {50D1BA7C-3D3C-4FC4-BBEF-B65CC7A27DBC} - \Update\Google Update No Task File <==== ATTENTION
Task: {9BC4E2D6-8C90-4E0B-8275-7DE7739D1A56} - \AutoKMS No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:B755D674
 
End
*****************
 
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\RestrictRun => value deleted successfully.
HKU\S-1-5-21-602654425-3526979067-2857855575-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\RestrictRun => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\SearchScopes: HKU\S-1-5-19 ->\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SearchScopes: HKU\S-1-5-19 -> => Value not found.
DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = => Error: No automatic fix found for this entry.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
Firefox DefaultSearchEngine deleted successfully.
Firefox homepage deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\bh93f09s.default\searchplugins\startpage-ssl.xml => Moved successfully.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
CHR => Error: No automatic fix found for this entry.
DefaultSearchKeyword: Default -> startpage => Error: No automatic fix found for this entry.
Chrome DefaultSearchURL deleted successfully.
Chrome DefaultSuggestURL deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho" => Key deleted successfully.
klkbdflt2 => Error deleting Service
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{50D1BA7C-3D3C-4FC4-BBEF-B65CC7A27DBC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50D1BA7C-3D3C-4FC4-BBEF-B65CC7A27DBC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update\Google Update" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{9BC4E2D6-8C90-4E0B-8275-7DE7739D1A56}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BC4E2D6-8C90-4E0B-8275-7DE7739D1A56}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => Key deleted successfully.
C:\ProgramData\TEMP => ":B755D674" ADS removed successfully.
 
 
The system needed a reboot. 
 
==== End of Fixlog 11:22:37 ====
 
And   
 

Results of screen317's Security Check version 0.99.96  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Kaspersky Internet Security   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
  Java 64-bit 8 Update 31  
 Mozilla Firefox (35.0.1) 
 Google Chrome (40.0.2214.115) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 Kaspersky Lab Kaspersky Internet Security 15.0.1 avp.exe  
 Kaspersky Lab Kaspersky Internet Security 15.0.1 avpui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: = 
````````````````````End of Log`````````````````````` 
 
See you later
 
 


#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:22 AM

Posted 22 February 2015 - 09:25 AM

If all is well.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/

#7 Patfisc

Patfisc
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:22 PM

Posted 22 February 2015 - 12:59 PM

Dear Nasdaq
I tested browsers, and all is well now.
Thank you for all the help you have given me.
 
bye for now


#8 nasdaq

nasdaq

  • Malware Response Team
  • 38,250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:22 AM

Posted 22 February 2015 - 01:20 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users