
Spent around 120+ hours trying to remove malware


  • This topic is locked
6 replies to this topic

#1 ICQWinNuke95

Posted 22 March 2015 - 01:14 PM

I am fairly certain I have had a malware dropper that has deposited several types of malware. I am also convinced I have been hacked into by a hacking group. They make themselves known at times, especially in games, by making statements that would be impossible for them to know. I am certain my browsers are hijacked and my recovery options are hijacked. I have used Linux, diskpart, format C:, and nearly every program listed on this site and other sites regarding malware with no success. There are many different users in the computer now, locked files, scripts, etc. I finally called Dell and was going to pay the $100 for the Windows 8.1 CD, but I learned a lot through this episode. However, it seems to be at a point where, if I can't even format it to fix it, then this is way over my head. In any case, any help would be greatly appreciated. I have many log files and even some hidden log files I had found from possibly one of the hackers detailing in a debug language with footnotes explaining or giving an idea of how different scripts in the computer are working. But here is a HijackThis log. I did a diskpart /clean all from the Windows recovery command prompt (administrative) for the 9th time or so, and the last one was done a few days ago. The computer will seem OK except it has various outdated drivers that keep seeding themselves back in. I am running Windows 8.1, originally 8. I do know some people, one in particular who is a blackhat who has extensive training through Cisco for hacking. But there is definitely more than one party involved if that is the case. Thanks
 
Logfile of random's system information tool 1.10 (written by random/random)
Run by Stuxnet at 2015-03-22 10:56:34
Microsoft Windows 8.1 
System drive C: has 915 GB (96%) free of 953 GB
Total RAM: 8143 MB (55% free)
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:56:41 AM, on 3/22/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Heroes of Newerth\hon.exe
C:\Program Files (x86)\Heroes of Newerth\AwesomiumProcess.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Stuxnet\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Stuxnet.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 6843 bytes
 
======Scheduled tasks folder======
 
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c 
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d063b2a3090793.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c 
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 1a5d70d0-4f82-42cf-afec-86b55aaf15ec.job - C:\Program Files\SUPERAntiSpyware\SASTask.exe  "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:1a5d70d0-4f82-42cf-afec-86b55aaf15ec 
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 223092e3-c8fb-4351-8f58-2843d5cc781a.job - C:\Program Files\SUPERAntiSpyware\SASTask.exe  "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:223092e3-c8fb-4351-8f58-2843d5cc781a 
 
======Registry dump======
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2015-01-22 7780120]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
 
======File associations======
 
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
 
======List of files/folders created in the last 3 months======
 
2015-03-22 10:56:34 ----D---- C:\rsit
2015-03-22 10:56:34 ----D---- C:\Program Files (x86)\trend micro
2015-03-21 14:11:15 ----D---- C:\ProgramData\RogueKiller
2015-03-21 08:08:49 ----D---- C:\Users\Stuxnet\AppData\Roaming\vlc
2015-03-21 08:03:51 ----D---- C:\Users\Stuxnet\AppData\Roaming\IrfanView
2015-03-21 08:03:50 ----D---- C:\Program Files (x86)\IrfanView
2015-03-21 02:02:17 ----D---- C:\SUPERDelete
2015-03-21 01:33:40 ----D---- C:\Users\Stuxnet\AppData\Roaming\SUPERAntiSpyware.com
2015-03-21 01:33:36 ----D---- C:\Program Files (x86)\Google
2015-03-21 01:33:29 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2015-03-21 00:58:26 ----D---- C:\SymCache
2015-03-21 00:50:37 ----D---- C:\Windows\SoftwareDistribution
2015-03-20 23:08:31 ----D---- C:\EEK
2015-03-20 22:57:05 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-03-20 22:50:43 ----D---- C:\q
2015-03-20 02:28:29 ----A---- C:\Windows\SysWOW64\perf-MSSQL11.ADK-sqlagtctr.dll
2015-03-20 02:28:18 ----A---- C:\Windows\SysWOW64\perf-MSSQL$ADK-sqlctr11.0.2100.60.dll
2015-03-20 02:28:12 ----A---- C:\Windows\SysWOW64\hadrres.dll
2015-03-20 02:28:12 ----A---- C:\Windows\SysWOW64\fssres.dll
2015-03-20 02:27:52 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2015-03-20 02:27:27 ----D---- C:\Windows\SysWOW64\1033
2015-03-20 02:26:28 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2015-03-20 02:23:41 ----D---- C:\Program Files (x86)\Windows Kits
2015-03-20 01:07:24 ----D---- C:\Users\Stuxnet\AppData\Roaming\ESET
2015-03-20 01:06:28 ----D---- C:\ProgramData\ESET
2015-03-20 00:53:10 ----D---- C:\Users\Stuxnet\AppData\Roaming\Mozilla
2015-03-20 00:53:05 ----D---- C:\ProgramData\Mozilla
2015-03-20 00:53:04 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-19 23:45:16 ----D---- C:\ProgramData\PC-Doctor for Windows
2015-03-19 23:45:15 ----D---- C:\ProgramData\PCDr
2015-03-19 23:43:50 ----D---- C:\Users\Stuxnet\AppData\Roaming\PCDr
2015-03-19 23:43:46 ----D---- C:\temp
2015-03-19 23:33:48 ----D---- C:\Windows\nvmup
2015-03-19 23:29:52 ----D---- C:\Program Files (x86)\Common Files\Intel Corporation
2015-03-19 23:29:07 ----D---- C:\Users\Stuxnet\AppData\Roaming\Intel Corporation
2015-03-19 23:29:07 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
2015-03-19 23:23:05 ----D---- C:\ProgramData\Intel
2015-03-19 23:22:44 ----D---- C:\Program Files (x86)\Common Files\postureAgent
2015-03-19 23:20:28 ----D---- C:\Program Files (x86)\Intel
2015-03-19 23:20:28 ----A---- C:\Windows\SysWOW64\CSVer.dll
2015-03-19 23:19:42 ----D---- C:\ProgramData\Dell
2015-03-19 23:13:38 ----D---- C:\Program Files (x86)\Intel Driver Update Utility
2015-03-19 23:13:33 ----D---- C:\ProgramData\Package Cache
2015-03-18 04:11:00 ----A---- C:\Windows\SysWOW64\xinput1_3.dll
2015-03-18 04:11:00 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll
2015-03-18 04:11:00 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll
2015-03-18 04:11:00 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-03-18 04:10:43 ----D---- C:\Program Files (x86)\Heroes of Newerth
2015-03-18 04:00:56 ----A---- C:\Windows\SysWOW64\aspnet_counters.dll
2015-03-18 04:00:39 ----A---- C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-03-18 04:00:38 ----A---- C:\Windows\SysWOW64\mfplat.dll
2015-03-18 04:00:38 ----A---- C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-03-18 04:00:38 ----A---- C:\Windows\SysWOW64\MFMediaEngine.dll
2015-03-18 04:00:37 ----A---- C:\Windows\SysWOW64\wuapi.dll
2015-03-18 04:00:37 ----A---- C:\Windows\SysWOW64\WSDApi.dll
2015-03-18 04:00:37 ----A---- C:\Windows\SysWOW64\WinSCard.dll
2015-03-18 04:00:37 ----A---- C:\Windows\SysWOW64\untfs.dll
2015-03-18 04:00:37 ----A---- C:\Windows\SysWOW64\rasapi32.dll
2015-03-18 04:00:37 ----A---- C:\Windows\SysWOW64\QSVRMGMT.DLL
2015-03-18 04:00:37 ----A---- C:\Windows\SysWOW64\QSHVHOST.DLL
2015-03-18 04:00:37 ----A---- C:\Windows\SysWOW64\nshwfp.dll
2015-03-18 04:00:37 ----A---- C:\Windows\SysWOW64\DevicePairing.dll
2015-03-18 04:00:37 ----A---- C:\Windows\SysWOW64\AppxAllUserStore.dll
2015-03-18 04:00:36 ----A---- C:\Windows\SysWOW64\wuwebv.dll
2015-03-18 04:00:36 ----A---- C:\Windows\SysWOW64\wups.dll
2015-03-18 04:00:36 ----A---- C:\Windows\SysWOW64\wudriver.dll
2015-03-18 04:00:36 ----A---- C:\Windows\SysWOW64\wuapp.exe
2015-03-18 04:00:36 ----A---- C:\Windows\SysWOW64\vsstrace.dll
2015-03-18 04:00:36 ----A---- C:\Windows\SysWOW64\vssapi.dll
2015-03-18 04:00:36 ----A---- C:\Windows\SysWOW64\rasser.dll
2015-03-18 04:00:36 ----A---- C:\Windows\SysWOW64\rasmxs.dll
2015-03-18 04:00:36 ----A---- C:\Windows\SysWOW64\rasdiag.dll
2015-03-18 04:00:36 ----A---- C:\Windows\SysWOW64\rascfg.dll
2015-03-18 04:00:36 ----A---- C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-03-18 04:00:36 ----A---- C:\Windows\SysWOW64\eventcls.dll
2015-03-18 04:00:36 ----A---- C:\Windows\SysWOW64\dnsapi.dll
2015-03-18 04:00:36 ----A---- C:\Windows\splwow64.exe
2015-03-18 03:59:44 ----A---- C:\Windows\SysWOW64\TsWpfWrp.exe
2015-03-18 03:54:06 ----A---- C:\Windows\SysWOW64\RtsUStoricon.dll
2015-03-18 03:46:17 ----D---- C:\Program Files (x86)\Reference Assemblies
2015-03-18 03:46:17 ----D---- C:\Program Files (x86)\MSBuild
2015-03-18 03:44:57 ----A---- C:\Windows\SysWOW64\PresentationNative_v0300.dll
2015-03-18 03:44:57 ----A---- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-03-18 03:28:43 ----D---- C:\ProgramData\NVIDIA
2015-03-18 03:28:33 ----A---- C:\Windows\SysWOW64\nvStreaming.exe
2015-03-18 03:28:19 ----A---- C:\Windows\SysWOW64\OpenCL.dll
2015-03-18 03:28:17 ----D---- C:\ProgramData\NVIDIA Corporation
2015-03-18 03:28:15 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-03-18 03:23:52 ----A---- C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2015-03-18 03:23:51 ----A---- C:\Windows\SysWOW64\calc.exe
2015-03-18 03:23:50 ----A---- C:\Windows\SysWOW64\winshfhc.dll
2015-03-18 03:23:49 ----A---- C:\Windows\SysWOW64\crypt32.dll
2015-03-18 03:23:20 ----A---- C:\Windows\SysWOW64\SHCore.dll
2015-03-18 03:23:11 ----A---- C:\Windows\SysWOW64\certcli.dll
2015-03-18 03:23:08 ----A---- C:\Windows\SysWOW64\oleaut32.dll
2015-03-18 03:23:04 ----A---- C:\Windows\SysWOW64\schannel.dll
2015-03-18 03:23:00 ----A---- C:\Windows\SysWOW64\photowiz.dll
2015-03-18 03:22:58 ----A---- C:\Windows\SysWOW64\scesrv.dll
2015-03-18 03:22:51 ----A---- C:\Windows\SysWOW64\msftedit.dll
2015-03-18 03:22:49 ----A---- C:\Windows\SysWOW64\atmlib.dll
2015-03-18 03:22:49 ----A---- C:\Windows\SysWOW64\atmfd.dll
2015-03-18 03:22:35 ----A---- C:\Windows\SysWOW64\dwmcore.dll
2015-03-18 03:22:28 ----A---- C:\Windows\SysWOW64\mfc42u.dll
2015-03-18 03:22:28 ----A---- C:\Windows\SysWOW64\mfc42.dll
2015-03-18 03:22:28 ----A---- C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-03-18 03:22:28 ----A---- C:\Windows\SysWOW64\atlthunk.dll
2015-03-18 03:22:22 ----A---- C:\Windows\SysWOW64\WSShared.dll
2015-03-18 03:22:22 ----A---- C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-18 03:22:20 ----A---- C:\Windows\SysWOW64\StorageContextHandler.dll
2015-03-18 03:22:20 ----A---- C:\Windows\SysWOW64\authui.dll
2015-03-18 03:22:14 ----A---- C:\Windows\SysWOW64\wow32.dll
2015-03-18 03:22:14 ----A---- C:\Windows\SysWOW64\user.exe
2015-03-18 03:22:14 ----A---- C:\Windows\SysWOW64\setup16.exe
2015-03-18 03:22:14 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2015-03-18 03:22:14 ----A---- C:\Windows\SysWOW64\ntdll.dll
2015-03-18 03:22:14 ----A---- C:\Windows\SysWOW64\instnm.exe
2015-03-18 03:22:03 ----A---- C:\Windows\SysWOW64\vbscript.dll
2015-03-18 03:22:03 ----A---- C:\Windows\SysWOW64\urlmon.dll
2015-03-18 03:22:03 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2015-03-18 03:22:03 ----A---- C:\Windows\SysWOW64\mshtml.dll
2015-03-18 03:22:03 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2015-03-18 03:22:03 ----A---- C:\Windows\SysWOW64\iepeers.dll
2015-03-18 03:22:03 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2015-03-18 03:22:02 ----A---- C:\Windows\SysWOW64\jscript.dll
2015-03-18 03:22:02 ----A---- C:\Windows\SysWOW64\iertutil.dll
2015-03-18 03:22:02 ----A---- C:\Windows\SysWOW64\ieframe.dll
2015-03-18 03:22:01 ----A---- C:\Windows\SysWOW64\wininet.dll
2015-03-18 03:22:01 ----A---- C:\Windows\SysWOW64\webcheck.dll
2015-03-18 03:22:01 ----A---- C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-18 03:22:01 ----A---- C:\Windows\SysWOW64\jscript9.dll
2015-03-18 03:22:01 ----A---- C:\Windows\SysWOW64\inetcomm.dll
2015-03-18 03:22:01 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2015-03-18 03:21:59 ----A---- C:\Windows\SysWOW64\dxtrans.dll
2015-03-18 03:21:58 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
2015-03-18 03:21:55 ----A---- C:\Windows\SysWOW64\eapphost.dll
2015-03-18 03:21:55 ----A---- C:\Windows\SysWOW64\eappgnui.dll
2015-03-18 03:21:55 ----A---- C:\Windows\SysWOW64\eappcfg.dll
2015-03-18 03:21:55 ----A---- C:\Windows\SysWOW64\eapp3hst.dll
2015-03-18 03:21:54 ----A---- C:\Windows\SysWOW64\pku2u.dll
2015-03-18 03:21:54 ----A---- C:\Windows\SysWOW64\kerberos.dll
2015-03-18 03:21:48 ----A---- C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-03-18 03:21:42 ----A---- C:\Windows\SysWOW64\WMPhoto.dll
2015-03-18 03:21:42 ----A---- C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-18 03:21:42 ----A---- C:\Windows\SysWOW64\shell32.dll
2015-03-18 03:21:42 ----A---- C:\Windows\SysWOW64\msctf.dll
2015-03-18 03:21:39 ----A---- C:\Windows\SysWOW64\WerFaultSecure.exe
2015-03-18 03:21:39 ----A---- C:\Windows\SysWOW64\wer.dll
2015-03-18 03:21:39 ----A---- C:\Windows\SysWOW64\Faultrep.dll
2015-03-18 03:21:39 ----A---- C:\Windows\SysWOW64\explorer.exe
2015-03-18 03:21:39 ----A---- C:\Windows\explorer.exe
2015-03-18 03:21:36 ----A---- C:\Windows\SysWOW64\MrmCoreR.dll
2015-03-18 03:21:34 ----A---- C:\Windows\SysWOW64\poqexec.exe
2015-03-18 03:13:09 ----D---- C:\Users\Stuxnet\AppData\Roaming\Macromedia
2015-03-18 03:09:39 ----D---- C:\Users\Stuxnet\AppData\Roaming\Adobe
2015-03-18 03:09:33 ----SD---- C:\Users\Stuxnet\AppData\Roaming\Microsoft
2015-03-18 03:02:28 ----D---- C:\Windows\softwaredistribution.bak
2015-03-18 02:59:52 ----ASH---- C:\hiberfil.sys
2015-03-18 02:58:13 ----D---- C:\Windows\Prefetch
2015-03-18 02:57:49 ----D---- C:\Windows\Panther
2015-03-18 02:57:48 ----ASH---- C:\swapfile.sys
2015-03-18 02:57:48 ----ASH---- C:\pagefile.sys
2015-03-18 01:10:44 ----SHD---- C:\System Volume Information
2015-03-18 01:10:01 ----SHD---- C:\Recovery
2015-02-20 01:44:12 ----A---- C:\Windows\SysWOW64\nvwgf2um.dll
2015-02-20 01:44:08 ----A---- C:\Windows\SysWOW64\nvumdshim.dll
2015-02-20 01:44:02 ----A---- C:\Windows\SysWOW64\nvopencl.dll
2015-02-20 01:43:58 ----A---- C:\Windows\SysWOW64\nvoglv32.dll
2015-02-20 01:43:56 ----A---- C:\Windows\SysWOW64\nvoglshim32.dll
2015-02-20 01:43:54 ----A---- C:\Windows\SysWOW64\nvinit.dll
2015-02-20 01:43:54 ----A---- C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-02-20 01:43:54 ----A---- C:\Windows\SysWOW64\NvIFR.dll
2015-02-20 01:43:50 ----A---- C:\Windows\SysWOW64\NvFBC.dll
2015-02-20 01:43:50 ----A---- C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-02-20 01:43:46 ----A---- C:\Windows\SysWOW64\nvd3dum.dll
2015-02-20 01:43:44 ----A---- C:\Windows\SysWOW64\nvcuvid.dll
2015-02-20 01:43:42 ----A---- C:\Windows\SysWOW64\nvcuda.dll
2015-02-20 01:43:18 ----A---- C:\Windows\SysWOW64\nvcompiler.dll
2015-02-20 01:42:50 ----A---- C:\Windows\SysWOW64\nvapi.dll
 
======List of files/folders modified in the last 3 months======
 
2015-03-22 10:56:40 ----D---- C:\Windows\Temp
2015-03-22 10:56:34 ----RD---- C:\Program Files (x86)
2015-03-22 10:56:12 ----D---- C:\Windows\System32
2015-03-22 08:03:13 ----D---- C:\Windows\Inf
2015-03-21 14:11:15 ----HD---- C:\ProgramData
2015-03-21 08:04:26 ----RD---- C:\Program Files
2015-03-21 02:38:01 ----SHD---- C:\Windows\Installer
2015-03-21 02:08:49 ----D---- C:\Windows\WinSxS
2015-03-21 01:40:08 ----D---- C:\Windows\Tasks
2015-03-21 01:11:43 ----D---- C:\Windows\CbsTemp
2015-03-21 00:50:37 ----D---- C:\Windows
2015-03-20 19:18:39 ----D---- C:\Windows\rescache
2015-03-20 19:17:15 ----D---- C:\Windows\Microsoft.NET
2015-03-20 19:17:15 ----D---- C:\Windows\Logs
2015-03-20 19:16:14 ----RSD---- C:\Windows\assembly
2015-03-20 02:44:06 ----SD---- C:\ProgramData\Microsoft
2015-03-20 02:28:31 ----RD---- C:\Users
2015-03-20 02:28:29 ----D---- C:\Windows\SysWOW64
2015-03-20 02:27:51 ----D---- C:\Program Files (x86)\Common Files\Microsoft Shared
2015-03-20 02:27:42 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-03-19 23:29:52 ----D---- C:\Program Files (x86)\Common Files
2015-03-18 04:29:14 ----D---- C:\Windows\AppReadiness
2015-03-18 04:07:09 ----RD---- C:\Windows\ImmersiveControlPanel
2015-03-18 04:07:08 ----D---- C:\Windows\SysWOW64\setup
2015-03-18 04:01:58 ----D---- C:\Windows\SysWOW64\en-US
2015-03-18 03:46:12 ----RSD---- C:\Windows\Fonts
2015-03-18 03:39:27 ----RD---- C:\Windows\ToastData
2015-03-18 03:39:27 ----D---- C:\Windows\PolicyDefinitions
2015-03-18 03:39:27 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-18 03:39:26 ----D---- C:\Program Files (x86)\Windows Defender
2015-03-18 03:39:22 ----D---- C:\Windows\WinStore
2015-03-18 03:39:22 ----D---- C:\Windows\apppatch
2015-03-18 03:28:29 ----D---- C:\Windows\Help
2015-03-18 03:09:47 ----SHD---- C:\$Recycle.Bin
2015-03-18 03:01:11 ----D---- C:\Windows\debug
2015-03-04 14:24:42 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
 
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys []
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys []
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys []
R0 Wof;Windows Overlay File System Filter Driver; C:\Windows\SysWOW64\drivers\Wof.sys []
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys []
R1 EpfwLWF;@oem25.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys []
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys []
R3 dc3d;@oem15.inf,%dc3d.SvcDesc%;MS Hardware Device Detection Driver (USB); C:\Windows\System32\drivers\dc3d.sys []
R3 MEIx64;@oem20.inf,%TEE_SvcDesc%;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys []
R3 NVHDA;@oem4.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 RSUSBSTOR;@oem9.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys []
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys []
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys []
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys []
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 cleanhlp;cleanhlp; \??\C:\EEK\BIN\cleanhlp64.sys [2015-03-21 57024]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys []
S3 TrueSight;TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys []
 
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-22 172344]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-10-01 1349576]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-11 733696]
R2 Intel® ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-08-09 131544]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2013-08-09 169432]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2013-08-09 390616]
R2 MSSQL$ADK;SQL Server (ADK); c:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\sqlservr.exe [2012-02-11 206424]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-02-11 129624]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-02-05 410952]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-21 116648]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-11-21 33088]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-02 43696]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-21 116648]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-11 822232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-20 148080]
S4 SQLAgent$ADK;SQL Server Agent (ADK); c:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\SQLAGENT.EXE [2012-02-11 438360]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2012-02-11 269912]
 
-----------------EOF-----------------

Edit: Topic moved from Windows 8 to the more appropriate forum. ~ Animal


#2 Machiavelli

  • Malware Response Instructor

Posted 25 March 2015 - 09:52 AM

Hello and welcome on board,

My name is Machiavelli and I will assist you with your problem. Feel free to call me Makka or something like that.
If you booted into safe mode on your computer then print my instructions!
I'm in the 'Malware Staff Team' and will provide you with advice:

Removing malware from a computer can be very complicated. Malware (malicious software) is able to hide, and so I may not be able to find it so easily. In order to remove malware from your computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do. Just ask me! Please stay in contact with me until the problem is fixed.

Below are a few tips:
  • Removing Malware is usually very difficult.
    We need to search and analyse a lot of files. As this is done in our free time, please be patient especially if I don't answer every day!
  • Please follow these instructions
    If you don't follow the instructions your computer may crash. If you fix your PC by yourself, this can be very risky!
  • Please stay in contact with me until your problem is resolved
    As Malware may not be totally removed in one session or in one day, please stay in contact with me until the problem is resolved.
  • Please don't run any other tools without consulting with me as this can complicate finding and removing all Malware
    Don't run any tools while I'm fixing your PC. That is counterproductive and again, will only complicate finding and removing all Malware!
  • Read my post completely
    If you don't do so, you may make mistakes that could result in your System crashing by your own actions!
 

Please download FRST (by Farbar) from the link below and save it to your Desktop.

Download Mirror #1

If you are unsure whether you have 32-Bit or 64-Bit Windows, see here
  • Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
  • Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (If you have Windows Vista / Windows 7 / Windows 8: please right-click on the FRST icon and select Run as Administrator.)
  • When the disclaimer appears, click Yes.
  • Click Scan to start FRST.
  • When FRST finishes scanning, two logs, FRST.txt and Addition.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.


#3 ICQWinNuke95

  • Topic Starter
  • Members
  • 3 posts

Posted 25 March 2015 - 08:57 PM

Thanks for your reply. I did exactly as you directed.
 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Stuxnet (administrator) on SYSTEMERROR1X20 on 25-03-2015 18:54:29
Running from C:\Users\Stuxnet\Desktop
Loaded Profiles: Stuxnet (Available profiles: Stuxnet & MSSQL$ADK)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\memdefrag.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595336 2014-10-01] (ESET)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-03-13] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKU\S-1-5-21-460681707-3011358676-697363567-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7806232 2015-03-25] (SUPERAntiSpyware)
HKU\S-1-5-21-460681707-3011358676-697363567-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-03-16] (Glarysoft Ltd)
HKU\S-1-5-21-460681707-3011358676-697363567-1001\...\Run: [Glary Memory Optimizer] => C:\Program Files (x86)\Glary Utilities 5\memdefrag.exe [122656 2015-03-16] (Glarysoft Ltd)
BootExecute: autocheck autochk /p \??\C:autocheck autochk *  BootDefrag.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-460681707-3011358676-697363567-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-22] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-22] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-22] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-22] (Oracle Corporation)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Stuxnet\AppData\Roaming\Mozilla\Firefox\Profiles\jpwx1cty.default
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-22] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-22] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-21] (Google Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Stuxnet\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Drive) - C:\Users\Stuxnet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-21]
CHR Extension: (YouTube) - C:\Users\Stuxnet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-21]
CHR Extension: (Google Search) - C:\Users\Stuxnet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-21]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Stuxnet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-21]
CHR Extension: (Google Wallet) - C:\Users\Stuxnet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-21]
CHR Extension: (Gmail) - C:\Users\Stuxnet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-21]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [211320 2015-02-11] (Dell Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-03-13] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-09] (Intel Corporation)
S3 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2015-07-24] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-09] (Intel Corporation)
S3 MSSQL$ADK; c:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\sqlservr.exe [206424 2012-02-11] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-03-13] (NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-03-13] (NVIDIA Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
S4 SQLAgent$ADK; c:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\SQLAGENT.EXE [438360 2012-02-11] (Microsoft Corporation)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-02-12] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [302968 2015-02-12] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2015-03-16] (Glarysoft Ltd)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-03-21] (Emsisoft GmbH)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-08-18] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241368 2014-08-18] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169280 2014-08-18] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [222280 2014-08-18] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44632 2014-08-18] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [63160 2014-09-18] (ESET)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-03-23] (Glarysoft Ltd)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-09] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-03-13] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2015-03-22] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2015-03-22] (Acronis)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-03-21] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 WIMMount; C:\Program Files (x86)\Windows Kits\8.0\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys [40392 2012-07-25] (Microsoft Corporation)
 
========================== Drivers MD5 =======================
 
C:\Windows\System32\drivers\vdrvroot.sys FEB26E3B8345A7E8D62F945C4AE86562
C:\Windows\System32\drivers\VerifierExt.sys A026EDEAA5EECAE0B08E2748B616D4BD
C:\Windows\System32\drivers\vhdmp.sys F6ECFD6128A16A4851CFE98D4E01B011
C:\Windows\System32\drivers\viaide.sys 06D38968028E9AB19DE9B618C7B6D199
C:\Windows\System32\drivers\vmbus.sys 511AD3FF957A0127E6BD336FF6F89C38
C:\Windows\System32\drivers\VMBusHID.sys DA40BEA0A863CE768C940CA9723BF81F
C:\Windows\System32\drivers\volmgr.sys 55D7D963DE85162F1C49721E502F9744
C:\Windows\System32\drivers\volmgrx.sys CCB9E901F7254BF96D28EB1B0E5329B7
C:\Windows\System32\drivers\volsnap.sys 64CA2B4A49A8EAF495E435623ECCE7DB
C:\Windows\System32\drivers\vpci.sys EF31713EE4C7CCFE4049F7E7F15645A2
C:\Windows\System32\drivers\vsmraid.sys 4539F45F9F4C9757A86A56C949421E07
C:\Windows\System32\drivers\vstxraid.sys 0849B7260F26FE05EA56DED0672E2F4B
C:\Windows\System32\drivers\vwifibus.sys BE970C369E43B509C1EDA2B8FA7CECB0
C:\Windows\system32\DRIVERS\vwififlt.sys 6B26AD573CCDD5209DF4397438B76354
C:\Windows\system32\DRIVERS\vwifimp.sys 0B48E0DFB44EE475F4FD8A8EE599AF30
C:\Windows\System32\drivers\wacompen.sys 0910AB9ED404C1434E2D0376C2AD5D8B
C:\Windows\system32\drivers\WdBoot.sys 1751F6B031ADAC34724511057D2E455D
C:\Windows\System32\drivers\Wdf01000.sys CB6C63FF8342B467E2EF76E98D5B934D
C:\Windows\system32\drivers\WdFilter.sys D296D0F0DB2CD1504F90405603664493
C:\Windows\System32\Drivers\WdNisDrv.sys 9F4DF0043965808973023A9B51A11136
C:\Windows\System32\DRIVERS\wfplwfs.sys 715ABA3DD164D06457A2A3C92F6EA9D5
C:\Program Files (x86)\Windows Kits\8.0\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys 80D4D2866A3D1E0F281A35CC17C18666
C:\Windows\System32\drivers\wmiacpi.sys 2834D9D3B4F554A39C72F00EA3F0E128
C:\Windows\System32\Drivers\Wof.sys 7FC5667DF73D4B04AA457CC3A4180E09
C:\Windows\System32\DRIVERS\wpcfltr.sys A2468CC3509394A33C4C32F99563D845
C:\Windows\System32\drivers\WpdUpFltr.sys 9F2904B55F6CECCD1A8D986B5CE2609A
C:\Windows\system32\drivers\ws2ifsl.sys AE072B0339D0A18E455DC21666CAD572
C:\Windows\System32\drivers\WudfPf.sys 481286719402E4BAEFEA0604AB1B5113
C:\Windows\System32\drivers\WUDFRd.sys D7B4859227B02BCC1055B279A63C937F
C:\Windows\system32\DRIVERS\WUDFRd.sys D7B4859227B02BCC1055B279A63C937F
C:\Windows\system32\DRIVERS\WUDFRd.sys D7B4859227B02BCC1055B279A63C937F
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== Three Months Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-25 18:54 - 2015-03-25 18:54 - 00035243 _____ () C:\Users\Stuxnet\Desktop\FRST.txt
2015-03-25 18:47 - 2015-03-25 18:47 - 02095616 _____ (Farbar) C:\Users\Stuxnet\Downloads\FRST64 (1).exe
2015-03-25 18:47 - 2015-03-25 18:47 - 02095616 _____ (Farbar) C:\Users\Stuxnet\Desktop\FRST64.exe
2015-03-25 18:43 - 2015-03-25 18:43 - 00145383 _____ () C:\Users\Stuxnet\Downloads\FRST.txt
2015-03-25 18:43 - 2015-03-25 18:43 - 00039816 _____ () C:\Users\Stuxnet\Downloads\Shortcut.txt
2015-03-25 18:43 - 2015-03-25 18:43 - 00022329 _____ () C:\Users\Stuxnet\Downloads\Addition.txt
2015-03-25 18:36 - 2015-03-25 18:45 - 00075522 _____ () C:\Windows\WindowsUpdate.log
2015-03-25 06:56 - 2015-03-25 06:56 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\VirtualStore
2015-03-25 06:49 - 2015-03-25 18:41 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{7633FAAD-DD85-475E-B15D-531EAC9DFF04}
2015-03-25 06:41 - 2015-03-25 06:41 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\ESET
2015-03-25 06:40 - 2015-03-25 06:40 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\DiskDefrag
2015-03-25 06:17 - 2015-03-25 06:17 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\Adobe
2015-03-25 06:16 - 2015-03-16 00:28 - 00118048 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2015-03-25 06:16 - 2015-03-16 00:20 - 00017600 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys
2015-03-25 06:02 - 2015-03-25 06:02 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\Macromedia
2015-03-24 19:54 - 2015-03-24 19:54 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\CrashDumps
2015-03-23 05:19 - 2015-03-23 05:19 - 11796480 _____ () C:\Windows\system32\config\SYSTEM.gu
2015-03-23 05:19 - 2015-03-23 05:19 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.gu
2015-03-23 05:19 - 2015-03-23 05:19 - 00036864 _____ () C:\Windows\system32\config\SOFTWARE.gu
2015-03-23 05:18 - 2015-03-16 00:28 - 00028960 _____ (Glarysoft Ltd) C:\Windows\system32\RegBootDefrag.exe
2015-03-23 03:52 - 2015-03-23 03:52 - 00000000 ____D () C:\ProgramData\GlarySoft
2015-03-23 03:49 - 2015-03-25 14:59 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2015-03-23 03:49 - 2015-03-25 06:17 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\GlarySoft
2015-03-23 03:49 - 2015-03-23 03:49 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2015-03-23 03:49 - 2015-03-23 03:49 - 00002990 _____ () C:\Windows\System32\Tasks\GU5SkipUAC
2015-03-23 03:49 - 2015-03-23 03:49 - 00002662 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2015-03-23 03:49 - 2015-03-23 03:49 - 00002237 _____ () C:\GUDownLoaddebug.txt
2015-03-23 03:49 - 2015-03-23 03:49 - 00001271 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Repair.lnk
2015-03-23 03:49 - 2015-03-23 03:49 - 00001259 _____ () C:\Users\Public\Desktop\Registry Repair.lnk
2015-03-23 03:49 - 2015-03-23 03:49 - 00001104 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-03-23 03:49 - 2015-03-23 03:49 - 00001092 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2015-03-23 03:49 - 2015-03-23 03:49 - 00000368 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2015-03-23 03:49 - 2015-03-23 03:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2015-03-23 03:49 - 2015-03-23 03:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-03-23 03:49 - 2015-03-23 03:49 - 00000000 ____D () C:\Program Files (x86)\Glarysoft
2015-03-23 03:05 - 2015-03-23 03:05 - 02168320 _____ () C:\Users\Stuxnet\Downloads\adwcleaner_4.113.exe
2015-03-23 02:36 - 2015-07-24 11:57 - 00020614 _____ () C:\Windows\system32\Drivers\ibtfltcoex_wp8.cat
2015-03-23 02:36 - 2015-03-23 02:36 - 00000000 ____D () C:\Windows\system32\Drivers\Win64
2015-03-23 02:35 - 2015-03-23 02:35 - 00849522 _____ () C:\Windows\system32\Drivers\rtwavesskdy.dat
2015-03-23 02:35 - 2015-03-23 02:35 - 00463760 _____ () C:\Windows\system32\Drivers\rtwavesmapro.dat
2015-03-23 02:35 - 2015-03-23 02:35 - 00019501 _____ () C:\Windows\system32\Drivers\rtwavesmaprocap.dat
2015-03-23 02:35 - 2015-03-23 02:35 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-03-23 02:35 - 2015-03-23 02:35 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-03-23 02:35 - 2015-03-23 02:35 - 00000000 ____D () C:\Windows\system32\SRSLabs
2015-03-23 02:35 - 2015-03-23 02:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Audio
2015-03-23 02:35 - 2015-03-23 02:35 - 00000000 ____D () C:\Program Files\Realtek
2015-03-23 02:34 - 2015-03-23 02:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-23 02:34 - 2015-03-23 02:34 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-03-23 02:34 - 2013-08-13 18:19 - 03588184 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-03-23 02:34 - 2013-08-13 14:41 - 00147160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-03-23 02:34 - 2013-08-13 13:49 - 00626293 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-03-23 02:34 - 2013-08-13 12:22 - 02796248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-03-23 02:34 - 2013-08-13 12:04 - 31171584 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCORES64.dat
2015-03-23 02:34 - 2013-08-09 13:45 - 02585304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2015-03-23 02:34 - 2013-08-07 15:41 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-03-23 02:34 - 2013-08-06 02:56 - 06219096 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-03-23 02:34 - 2013-08-06 02:56 - 01908568 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-03-23 02:34 - 2013-08-06 02:56 - 00312152 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-03-23 02:34 - 2013-08-06 02:56 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-03-23 02:34 - 2013-08-05 16:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-03-23 02:34 - 2013-08-02 18:16 - 01005784 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-03-23 02:34 - 2013-08-01 08:59 - 05694760 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2015-03-23 02:34 - 2013-07-30 12:04 - 00397080 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2015-03-23 02:34 - 2013-07-30 11:18 - 01994008 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2015-03-23 02:34 - 2013-07-30 11:18 - 01725720 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2015-03-23 02:34 - 2013-07-28 08:48 - 27518208 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2015-03-23 02:34 - 2013-07-26 12:05 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-03-23 02:34 - 2013-07-24 08:07 - 02032896 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-03-23 02:34 - 2013-07-24 08:07 - 01044736 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2015-03-23 02:34 - 2013-07-24 08:07 - 00933120 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2015-03-23 02:34 - 2013-07-24 08:07 - 00660224 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-03-23 02:34 - 2013-07-24 08:07 - 00650496 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-03-23 02:34 - 2013-07-23 13:40 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2015-03-23 02:34 - 2013-07-23 13:39 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2015-03-23 02:34 - 2013-07-23 13:39 - 01916672 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2015-03-23 02:34 - 2013-07-23 13:39 - 01399040 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek364.dll
2015-03-23 02:34 - 2013-07-23 13:39 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-03-23 02:34 - 2013-07-22 14:36 - 00194816 _____ (Waves Audio) C:\Windows\system32\MaxxAudioVienna264.dll
2015-03-23 02:34 - 2013-06-05 19:42 - 00208072 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-03-23 02:34 - 2013-04-24 15:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-03-23 02:34 - 2013-04-23 12:54 - 00154184 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkXInterface64.dll
2015-03-23 02:34 - 2013-02-20 16:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-03-23 02:34 - 2013-01-11 14:27 - 00628504 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll
2015-03-23 02:34 - 2013-01-11 14:27 - 00563992 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll
2015-03-23 02:34 - 2012-11-14 09:41 - 00378000 _____ (Realtek Semiconductor) C:\Windows\system32\RtkGuiCompLib.dll
2015-03-23 02:34 - 2012-08-31 17:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-03-23 02:34 - 2012-08-31 17:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-03-23 02:34 - 2012-08-31 17:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-03-23 02:34 - 2012-08-31 17:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-03-23 02:34 - 2012-08-31 17:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-03-23 02:34 - 2012-07-15 19:13 - 00394616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-03-23 02:34 - 2012-06-08 14:21 - 00897152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll
2015-03-23 02:34 - 2012-06-08 14:21 - 00753280 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll
2015-03-23 02:34 - 2012-03-08 09:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-03-23 02:34 - 2011-12-20 13:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-03-23 02:34 - 2011-12-16 12:57 - 00065112 _____ (Creative Technology Ltd.) C:\Windows\system32\MBppld64.dll
2015-03-23 02:34 - 2011-11-22 14:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2015-03-23 02:34 - 2010-11-08 05:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-03-23 02:34 - 2010-11-08 05:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-03-23 02:34 - 2010-11-08 05:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-03-23 02:34 - 2010-11-08 05:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-03-23 02:34 - 2010-11-08 05:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-03-23 02:34 - 2010-11-08 05:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-03-23 02:34 - 2010-11-03 16:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-03-23 02:34 - 2010-09-27 07:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-03-23 02:34 - 2009-11-24 07:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-03-23 02:34 - 2009-11-24 07:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-03-23 02:34 - 2009-11-24 07:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-03-23 02:34 - 2009-11-24 07:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-03-23 02:34 - 2009-11-18 05:13 - 00060504 _____ (Creative Technology Ltd.) C:\Windows\system32\MBPPCn64.dll
2015-03-23 02:33 - 2015-03-23 02:36 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-03-23 02:33 - 2015-03-23 02:33 - 00001536 _____ () C:\Windows\SysWOW64\RtkMsgs.dll
2015-03-23 02:33 - 2013-08-08 17:57 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-03-23 00:38 - 2015-03-23 00:42 - 149589776 _____ (Dell Inc.) C:\Users\Stuxnet\Downloads\XPS-8700_Network_Driver_NC1YV_WN_16.1.0.7_A00.EXE
2015-03-23 00:36 - 2015-03-23 00:41 - 160828136 _____ () C:\Users\Stuxnet\Downloads\Dell_Backup_and_Recovery_1.7.5.64.exe
2015-03-23 00:36 - 2015-03-23 00:39 - 39199256 _____ (Dell Inc.) C:\Users\Stuxnet\Downloads\XPS-8700_Communications_Driver_32KKW_WN_3.1.1307_A00.EXE
2015-03-23 00:36 - 2015-03-23 00:37 - 13942144 _____ () C:\Users\Stuxnet\Downloads\XPS_8700_BIOS_A10.EXE
2015-03-23 00:35 - 2015-03-23 00:35 - 00000000 ____D () C:\Program Files (x86)\Dell Update
2015-03-23 00:34 - 2015-03-23 02:33 - 00000000 ____D () C:\Dell
2015-03-23 00:34 - 2015-03-23 00:41 - 231285744 _____ (Dell Inc.) C:\Users\Stuxnet\Downloads\XPS-8700_Audio_Driver_N4TKF_WN_6.0.1.7016_A00.EXE
2015-03-23 00:34 - 2015-03-23 00:39 - 202126192 _____ () C:\Users\Stuxnet\Downloads\Audio_CREATIVE_W7_W8_W81_A00_Setup-241T2_ZPE.exe
2015-03-23 00:34 - 2015-03-23 00:34 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2015-03-23 00:33 - 2015-03-23 00:33 - 01295912 _____ () C:\Users\Stuxnet\Downloads\DellDigitalDelivery.2.9.901.0_Install_ZPE.exe
2015-03-22 23:02 - 2015-03-23 05:11 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\NVIDIA Corporation
2015-03-22 23:02 - 2015-03-22 23:03 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\NVIDIA
2015-03-22 23:02 - 2015-03-22 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-03-22 23:02 - 2015-03-13 12:41 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-22 23:02 - 2015-03-13 12:41 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-03-22 23:02 - 2015-03-13 12:41 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-22 23:02 - 2015-03-13 12:41 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-22 23:01 - 2015-03-22 23:03 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-03-22 23:01 - 2015-03-22 23:02 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-03-22 23:01 - 2015-03-13 12:41 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-03-22 23:01 - 2015-03-13 12:41 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-03-22 23:01 - 2015-03-13 09:16 - 06861968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-03-22 23:01 - 2015-03-13 09:16 - 03526856 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-03-22 23:01 - 2015-03-13 09:16 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-03-22 23:01 - 2015-03-13 09:16 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-03-22 23:01 - 2015-03-13 09:16 - 00386248 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-03-22 23:01 - 2015-03-13 09:16 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-03-22 23:01 - 2015-03-13 08:38 - 00622224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-03-22 23:01 - 2015-03-11 06:10 - 04246327 _____ () C:\Windows\system32\nvcoproc.bin
2015-03-22 23:00 - 2015-03-13 12:41 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 14121624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-03-22 23:00 - 2015-03-13 12:41 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 03303448 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 02906928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00997856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00878328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00400584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00390288 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00354112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00346824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00306208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-03-22 23:00 - 2015-03-13 12:41 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-03-22 23:00 - 2015-03-13 12:41 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-03-22 22:54 - 2015-03-22 22:54 - 00000000 ____D () C:\Users\Stuxnet\Downloads\x64
2015-03-22 22:53 - 2015-03-22 22:54 - 00000000 ____D () C:\Users\Stuxnet\Downloads\settings
2015-03-22 22:53 - 2015-03-22 22:53 - 01176850 _____ (Igor Pavlov) C:\Users\Stuxnet\Downloads\DDU v14.1.0.0.exe
2015-03-22 22:53 - 2015-03-19 08:31 - 01815552 _____ () C:\Users\Stuxnet\Downloads\Display Driver Uninstaller.exe
2015-03-22 22:53 - 2015-03-19 08:31 - 00214528 _____ () C:\Users\Stuxnet\Downloads\Display Driver Uninstaller.pdb
2015-03-22 22:51 - 2015-03-22 22:51 - 00000318 _____ () C:\Users\Stuxnet\Desktop\The nvlddmkm error - What is it An FYI for those seeing this issue - GeForce Forums.url
2015-03-22 22:50 - 2015-03-22 22:54 - 309143408 _____ (NVIDIA Corporation) C:\Users\Stuxnet\Downloads\347.88-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-03-22 22:39 - 2015-03-22 22:39 - 00000000 _____ () C:\Windows\SysWOW64\REN6F3F.tmp
2015-03-22 22:38 - 2015-03-22 22:38 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-22 22:17 - 2015-03-23 05:11 - 00000000 ____D () C:\ProgramData\Acronis
2015-03-22 22:17 - 2015-03-22 22:17 - 01462560 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys
2015-03-22 22:17 - 2015-03-22 22:17 - 01120032 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2015-03-22 22:17 - 2015-03-22 22:17 - 00367200 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2015-03-22 22:17 - 2015-03-22 22:17 - 00233760 _____ (Acronis) C:\Windows\system32\Drivers\snapman.sys
2015-03-22 22:17 - 2015-03-22 22:17 - 00183224 _____ (Acronis) C:\Windows\system32\Drivers\tib_mounter.sys
2015-03-22 22:17 - 2015-03-22 22:17 - 00108832 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2015-03-22 22:17 - 2015-03-22 22:17 - 00001217 _____ () C:\Users\Public\Desktop\True Image 2013.lnk
2015-03-22 22:17 - 2015-03-22 22:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2015-03-22 22:16 - 2015-03-22 22:16 - 00000000 ____D () C:\Program Files (x86)\Acronis
2015-03-22 22:09 - 2015-03-22 22:09 - 00000000 _____ () C:\Windows\SysWOW64\REN9EC5.tmp
2015-03-22 22:02 - 2015-03-22 22:02 - 00000000 _____ () C:\Windows\SysWOW64\REN149E.tmp
2015-03-22 21:57 - 2015-03-22 21:57 - 00000000 _____ () C:\Windows\SysWOW64\RENA35E.tmp
2015-03-22 15:26 - 2015-03-25 18:36 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-22 15:23 - 2015-03-22 23:02 - 00001363 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-03-22 15:18 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-03-22 15:18 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-03-22 15:18 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-03-22 15:18 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-03-22 15:18 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-03-22 15:18 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-03-22 15:18 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-03-22 15:18 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-03-22 15:18 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-03-22 15:18 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-03-22 15:18 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-03-22 15:18 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-03-22 15:18 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-03-22 15:18 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-03-22 15:18 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-03-22 15:18 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-03-22 15:18 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-03-22 15:18 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-03-22 15:18 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-03-22 15:18 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-03-22 15:18 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-03-22 15:18 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-03-22 15:17 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-03-22 15:17 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-03-22 15:17 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-03-22 15:17 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-03-22 15:17 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-03-22 15:17 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-03-22 15:17 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-03-22 15:17 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-03-22 15:17 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-03-22 15:17 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-03-22 15:17 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-03-22 15:17 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-03-22 15:17 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-03-22 15:17 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-03-22 15:17 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-03-22 15:17 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-03-22 15:17 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-03-22 15:17 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-03-22 15:17 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-03-22 15:17 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-03-22 15:17 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-03-22 15:17 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-03-22 15:17 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-03-22 15:17 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-03-22 15:17 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-03-22 15:17 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-03-22 15:17 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-03-22 15:17 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-03-22 15:17 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-03-22 15:17 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-03-22 15:17 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-03-22 15:17 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-03-22 15:17 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-03-22 15:17 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-03-22 15:17 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-03-22 15:17 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-03-22 15:17 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-03-22 15:17 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-03-22 15:17 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-03-22 15:17 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-03-22 15:17 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-03-22 15:17 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-03-22 15:17 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-03-22 15:17 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-03-22 15:17 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-03-22 15:17 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-03-22 15:17 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-03-22 15:17 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-03-22 15:17 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-03-22 15:17 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-03-22 15:17 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-03-22 15:17 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-03-22 15:17 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-03-22 15:17 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-03-22 15:17 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-03-22 15:17 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-03-22 15:17 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-03-22 15:17 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-03-22 15:17 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-03-22 15:17 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-03-22 15:17 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-03-22 15:17 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-03-22 15:17 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-03-22 15:17 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-03-22 15:17 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-03-22 15:17 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-03-22 15:17 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-03-22 15:17 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-03-22 15:17 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-03-22 15:17 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-03-22 15:17 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-03-22 15:17 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-03-22 15:17 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-03-22 15:17 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-03-22 15:17 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-03-22 15:17 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-03-22 15:17 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-03-22 15:17 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-03-22 15:17 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-03-22 15:17 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-03-22 15:17 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-03-22 15:17 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-03-22 15:17 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-03-22 15:17 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-03-22 15:17 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-03-22 15:17 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-03-22 15:17 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-03-22 15:17 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-03-22 15:17 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-03-22 15:17 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-03-22 15:17 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-03-22 15:17 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-03-22 15:17 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-03-22 15:17 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-03-22 15:17 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-03-22 15:17 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-03-22 15:17 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-03-22 15:17 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-03-22 15:17 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-03-22 15:17 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-03-22 15:17 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-03-22 15:17 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-03-22 15:17 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-03-22 15:17 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-03-22 15:17 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-03-22 15:17 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-03-22 15:17 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-03-22 15:17 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-03-22 15:17 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-03-22 15:17 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-03-22 15:17 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-03-22 15:17 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-03-22 15:17 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-03-22 15:17 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-03-22 15:17 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-03-22 15:17 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-03-22 15:17 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-03-22 15:17 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-03-22 15:17 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-03-22 15:17 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-03-22 15:17 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-03-22 15:17 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-03-22 15:17 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-03-22 15:17 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-03-22 15:17 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-03-22 15:17 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-03-22 15:17 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-03-22 15:17 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-03-22 15:17 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-03-22 15:17 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-03-22 15:17 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-03-22 15:17 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-03-22 15:17 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-03-22 15:17 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-03-22 15:17 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-03-22 15:17 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-03-22 15:17 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-03-22 15:17 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-03-22 15:17 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-03-22 15:17 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-03-22 15:17 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-03-22 15:17 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-03-22 15:17 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-03-22 15:17 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-03-22 15:17 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-03-22 15:17 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-03-22 15:17 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-03-22 15:17 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-03-22 15:17 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-03-22 15:17 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-03-22 15:17 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-03-22 15:17 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-03-22 15:17 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-03-22 15:17 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-03-22 15:17 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-03-22 15:17 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-03-22 15:16 - 2015-03-22 22:17 - 00000000 ____D () C:\NVIDIA
2015-03-22 15:15 - 2015-03-22 15:15 - 00000000 _____ () C:\Windows\SysWOW64\REN82F9.tmp
2015-03-22 15:13 - 2015-03-22 15:18 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-03-22 15:13 - 2015-03-22 15:16 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-03-22 15:11 - 2015-03-22 15:11 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\Western_Digital_Technolog
2015-03-22 15:11 - 2015-03-22 15:11 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\Western Digital
2015-03-22 15:10 - 2015-03-25 18:42 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2015-03-22 15:10 - 2015-03-22 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2015-03-22 15:09 - 2015-03-23 05:11 - 00000000 ____D () C:\ProgramData\Western Digital
2015-03-22 15:09 - 2015-03-22 15:09 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-22 15:09 - 2015-03-22 15:09 - 00000000 ____D () C:\Program Files\Western Digital
2015-03-22 15:09 - 2015-03-22 15:09 - 00000000 ____D () C:\Program Files\Common Files\Western Digital
2015-03-22 15:09 - 2015-03-22 15:09 - 00000000 ____D () C:\Program Files (x86)\Western Digital
2015-03-22 15:07 - 2015-03-22 15:06 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-22 15:06 - 2015-03-22 15:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-22 15:06 - 2015-03-22 15:06 - 00000000 ____D () C:\Program Files\Java
2015-03-22 14:59 - 2015-03-24 22:09 - 00003064 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2015-03-22 14:59 - 2015-03-24 22:09 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2015-03-22 14:59 - 2015-03-22 14:59 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2015-03-22 14:59 - 2015-03-22 14:59 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2015-03-22 14:59 - 2015-03-22 14:59 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2015-03-22 14:59 - 2015-03-22 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2015-03-22 14:58 - 2015-03-22 14:58 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2015-03-22 14:55 - 2015-03-22 14:55 - 00000000 ____D () C:\ProgramData\Sun
2015-03-22 14:54 - 2015-03-22 22:41 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-22 12:07 - 2015-03-22 12:07 - 00000021 _____ () C:\folders.log
2015-03-22 12:07 - 2015-03-22 12:07 - 00000000 ____D () C:\zoek
2015-03-22 12:00 - 2015-03-22 12:10 - 00005417 _____ () C:\zoek-results.log
2015-03-22 11:58 - 2015-03-22 12:10 - 00003169 _____ () C:\runcheck.txt
2015-03-22 11:58 - 2015-03-22 12:08 - 00000000 ____D () C:\zoek_backup
2015-03-22 11:31 - 2015-03-22 11:31 - 00000000 ____D () C:\TDSSKiller_Quarantine
2015-03-22 11:26 - 2015-03-22 11:26 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\Stuxnet\Desktop\iExplore64.exe
2015-03-22 11:23 - 2015-03-23 03:07 - 00000000 ____D () C:\AdwCleaner
2015-03-22 11:22 - 2015-03-25 18:54 - 00000000 ____D () C:\FRST
2015-03-22 10:56 - 2015-03-22 10:56 - 00000000 ____D () C:\rsit
2015-03-22 10:56 - 2015-03-22 10:56 - 00000000 ____D () C:\Program Files (x86)\trend micro
2015-03-22 10:53 - 2015-03-22 10:53 - 00139264 _____ () C:\Users\Stuxnet\Downloads\SystemLook.exe
2015-03-22 10:52 - 2015-03-22 10:52 - 01107968 _____ () C:\Users\Stuxnet\Downloads\RSIT.exe
2015-03-22 07:55 - 2015-03-22 07:55 - 00000017 _____ () C:\Users\Stuxnet\AppData\Local\resmon.resmoncfg
2015-03-22 07:33 - 2015-03-22 07:33 - 00402944 _____ (Farbar) C:\Users\Stuxnet\Downloads\MiniToolBox.exe
2015-03-21 14:11 - 2015-03-23 05:11 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-03-21 14:11 - 2015-03-21 14:11 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-03-21 14:11 - 2015-03-21 14:11 - 00000000 _____ () C:\Users\Stuxnet\defogger_reenable
2015-03-21 08:08 - 2015-03-25 14:59 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\vlc
2015-03-21 08:04 - 2015-03-21 08:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-03-21 08:04 - 2015-03-21 08:04 - 00000000 ____D () C:\Program Files\VideoLAN
2015-03-21 08:03 - 2015-03-25 04:51 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\IrfanView
2015-03-21 08:03 - 2015-03-21 08:03 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2015-03-21 01:54 - 2015-03-21 01:55 - 143688440 _____ (Microsoft Corporation) C:\Users\Stuxnet\Downloads\msert.exe
2015-03-21 01:34 - 2015-03-21 01:38 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-21 01:34 - 2015-03-21 01:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-21 01:33 - 2015-03-25 18:50 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-03-21 01:33 - 2015-03-25 18:37 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-21 01:33 - 2015-03-25 09:33 - 00000546 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 223092e3-c8fb-4351-8f58-2843d5cc781a.job
2015-03-21 01:33 - 2015-03-23 05:11 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\Google
2015-03-21 01:33 - 2015-03-23 05:11 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-21 01:33 - 2015-03-21 01:40 - 00003674 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-03-21 01:33 - 2015-03-21 01:33 - 00003904 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-03-21 01:33 - 2015-03-21 01:33 - 00003622 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 1a5d70d0-4f82-42cf-afec-86b55aaf15ec
2015-03-21 01:33 - 2015-03-21 01:33 - 00003540 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 223092e3-c8fb-4351-8f58-2843d5cc781a
2015-03-21 01:33 - 2015-03-21 01:33 - 00001820 _____ () C:\Users\Stuxnet\Desktop\SUPERAntiSpyware Professional.lnk
2015-03-21 01:33 - 2015-03-21 01:33 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-21 01:33 - 2015-03-21 01:33 - 00000546 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1a5d70d0-4f82-42cf-afec-86b55aaf15ec.job
2015-03-21 01:33 - 2015-03-21 01:33 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\SUPERAntiSpyware.com
2015-03-21 01:33 - 2015-03-21 01:33 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-03-21 01:33 - 2015-03-21 01:33 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2015-03-21 00:20 - 2015-03-21 00:20 - 00050477 _____ () C:\Users\Stuxnet\Downloads\Defogger.exe
2015-03-20 23:14 - 2015-03-20 23:16 - 15648856 _____ () C:\Users\Stuxnet\Downloads\RogueKiller.exe
2015-03-20 23:08 - 2015-03-25 06:42 - 00000000 ____D () C:\EEK
2015-03-20 23:08 - 2015-03-22 11:21 - 00000755 _____ () C:\Users\Stuxnet\Desktop\Start Emsisoft Emergency Kit.lnk
2015-03-20 23:02 - 2015-03-25 06:43 - 00002718 _____ () C:\Users\Stuxnet\Desktop\Rkill.txt
2015-03-20 23:00 - 2015-03-20 23:00 - 21459512 _____ (SUPERAntiSpyware) C:\Users\Stuxnet\Downloads\SUPERAntiSpywarePro.exe
2015-03-20 23:00 - 2015-03-20 23:00 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Stuxnet\Downloads\lkldfkff.com.exe
2015-03-20 22:54 - 2015-03-20 22:54 - 00000000 ____D () C:\Users\Stuxnet\Documents\WPA Files
2015-03-20 22:50 - 2015-03-23 00:33 - 00000000 ____D () C:\q
2015-03-20 22:50 - 2015-03-20 22:50 - 00464491 _____ () C:\Users\Stuxnet\Downloads\RootRepeal.zip
2015-03-20 22:46 - 2015-03-20 22:46 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Stuxnet\Downloads\rkill.com
2015-03-20 22:46 - 2015-03-20 22:46 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Stuxnet\Desktop\iExplore.exe
2015-03-20 22:45 - 2015-03-20 22:48 - 164788416 _____ () C:\Users\Stuxnet\Downloads\EmsisoftEmergencyKit.exe
2015-03-20 22:45 - 2015-03-20 22:45 - 02095616 _____ (Farbar) C:\Users\Stuxnet\Downloads\FRST64.exe
2015-03-20 02:28 - 2015-03-24 19:35 - 00000000 ____D () C:\Users\MSSQL$ADK
2015-03-20 02:28 - 2015-03-20 02:28 - 00000020 ___SH () C:\Users\MSSQL$ADK\ntuser.ini
2015-03-20 02:28 - 2015-03-18 03:39 - 00000000 ___RD () C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-20 02:28 - 2014-11-21 08:57 - 00000000 ___RD () C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-20 02:28 - 2014-11-21 08:57 - 00000000 ___RD () C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-20 02:28 - 2014-11-21 01:52 - 00000369 _____ () C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-20 02:28 - 2014-11-21 01:52 - 00000369 _____ () C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-20 02:28 - 2013-08-22 08:36 - 00000000 ____D () C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-20 02:28 - 2012-02-11 10:08 - 00147032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hadrres.dll
2015-03-20 02:28 - 2012-02-11 10:08 - 00069208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fssres.dll
2015-03-20 02:28 - 2012-02-11 10:03 - 00082520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL$ADK-sqlctr11.0.2100.60.dll
2015-03-20 02:28 - 2012-02-11 10:02 - 00045656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL11.ADK-sqlagtctr.dll
2015-03-20 02:27 - 2015-03-20 02:27 - 00000000 ____D () C:\Windows\SysWOW64\1033
2015-03-20 02:27 - 2015-03-20 02:27 - 00000000 ____D () C:\Windows\system32\1033
2015-03-20 02:27 - 2015-03-20 02:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
2015-03-20 02:27 - 2015-03-20 02:27 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2015-03-20 02:27 - 2015-03-20 02:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 10.0
2015-03-20 02:26 - 2015-03-20 02:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012
2015-03-20 02:26 - 2015-03-20 02:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-03-20 02:23 - 2015-03-20 02:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-03-20 02:23 - 2015-03-20 02:23 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2015-03-20 01:52 - 2015-03-20 01:53 - 01219152 _____ (Microsoft Corporation) C:\Users\Stuxnet\Downloads\adksetup.exe
2015-03-20 01:07 - 2015-03-20 01:07 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\ESET
2015-03-20 01:06 - 2015-03-20 01:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-03-20 01:06 - 2015-03-20 01:06 - 00000000 ____D () C:\ProgramData\ESET
2015-03-20 01:06 - 2015-03-20 01:06 - 00000000 ____D () C:\Program Files\ESET
2015-03-20 00:53 - 2015-03-23 05:11 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\Mozilla
2015-03-20 00:53 - 2015-03-20 00:53 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\Mozilla
2015-03-20 00:53 - 2015-03-20 00:53 - 00000000 ____D () C:\ProgramData\Mozilla
2015-03-19 23:47 - 2015-03-19 23:47 - 00000000 _____ () C:\Users\Stuxnet\agent.log
2015-03-19 23:45 - 2015-03-25 05:55 - 00003486 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-03-19 23:45 - 2015-03-23 00:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-03-19 23:45 - 2015-03-19 23:45 - 00000000 ____D () C:\ProgramData\PCDr
2015-03-19 23:45 - 2015-03-19 23:45 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2015-03-19 23:45 - 2015-03-19 23:45 - 00000000 ____D () C:\Program Files\Dell Support Center
2015-03-19 23:45 - 2015-03-19 23:45 - 00000000 ____D () C:\Program Files\Dell
2015-03-19 23:43 - 2015-03-22 23:02 - 00000000 ____D () C:\temp
2015-03-19 23:43 - 2015-03-19 23:43 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\PCDr
2015-03-19 23:36 - 2013-11-15 00:42 - 00012064 _____ (NVIDIA Corporation) C:\Windows\system32\NVMUPEventMsg.dll
2015-03-19 23:33 - 2015-03-19 23:33 - 00000000 ____D () C:\Windows\nvmup
2015-03-19 23:29 - 2015-03-20 02:28 - 01000894 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-03-19 23:26 - 2015-03-19 23:29 - 273798752 _____ (Dell Inc.) C:\Users\Stuxnet\Downloads\Video_Driver_77P69_WN_9.18.13.3185_A00 (1).EXE
2015-03-19 23:26 - 2015-03-19 23:26 - 23925040 _____ (Dell Inc.) C:\Users\Stuxnet\Downloads\XPS-8700_Serial-ATA_Driver_89G40_WN_12.8.0.1016_A00.EXE
2015-03-19 23:25 - 2015-03-23 05:11 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\Apps\2.0
2015-03-19 23:25 - 2015-03-19 23:25 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2015-03-19 23:25 - 2015-03-19 23:25 - 00000000 _____ () C:\Windows\SysWOW64\agent.log
2015-03-19 23:23 - 2015-03-23 05:11 - 00000000 ____D () C:\ProgramData\Intel
2015-03-19 23:23 - 2015-03-19 23:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-03-19 23:23 - 2015-03-19 23:28 - 00000000 ____D () C:\Program Files\Intel
2015-03-19 23:23 - 2013-08-09 02:25 - 00016344 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
2015-03-19 23:22 - 2015-03-19 23:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-03-19 23:22 - 2013-08-09 02:25 - 00099288 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2015-03-19 23:20 - 2015-03-23 02:35 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-03-19 23:20 - 2013-07-16 06:32 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2015-03-19 23:19 - 2015-03-23 05:11 - 00000000 ____D () C:\ProgramData\Dell
2015-03-19 23:19 - 2015-03-19 23:20 - 113815799 _____ (Dell Inc.) C:\Users\Stuxnet\Downloads\Video_Driver_77P69_WN_9.18.13.3185_A00.EXE.i400cp5.partial
2015-03-19 23:18 - 2015-03-19 23:19 - 65140544 _____ (Dell Inc.) C:\Users\Stuxnet\Downloads\XPS-8700_Chipset_Driver_VW876_WN_9.5.13.1706_A00.EXE
2015-03-19 23:18 - 2015-03-19 23:18 - 12170088 _____ (Dell Inc.) C:\Users\Stuxnet\Downloads\XPS-8700_Chipset_Driver_V2D47_WN_9.4.0.1021_A00.EXE
2015-03-19 23:14 - 2015-03-19 23:14 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\Intel
2015-03-19 23:13 - 2015-03-19 23:13 - 00001182 _____ () C:\Users\Public\Desktop\Intel® Driver Update Utility 2.0.lnk
2015-03-19 23:13 - 2015-03-19 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-03-19 23:13 - 2015-03-19 23:13 - 00000000 ____D () C:\Program Files (x86)\Intel Driver Update Utility
2015-03-19 23:12 - 2015-03-19 23:12 - 02333416 _____ (Intel) C:\Users\Stuxnet\Downloads\Intel Driver Update Utility Installer.exe
2015-03-18 04:49 - 2015-03-18 04:49 - 00001937 _____ () C:\Users\Stuxnet\Desktop\Heroes of Newerth.lnk
2015-03-18 04:49 - 2015-03-18 04:49 - 00000000 ____D () C:\Users\Stuxnet\Documents\Heroes of Newerth
2015-03-18 04:49 - 2015-03-18 04:49 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth
2015-03-18 04:49 - 2015-03-18 04:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth
2015-03-18 04:11 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-03-18 04:11 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-03-18 04:11 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-03-18 04:11 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-03-18 04:10 - 2015-03-25 01:43 - 00000000 ____D () C:\Program Files (x86)\Heroes of Newerth
2015-03-18 04:10 - 2015-03-18 04:10 - 19956704 _____ () C:\Users\Stuxnet\Downloads\HoNClient.exe
2015-03-18 04:01 - 2015-03-18 04:01 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2015-03-18 04:00 - 2014-11-17 13:17 - 00672984 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2015-03-18 04:00 - 2014-11-17 13:17 - 00273240 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2015-03-18 04:00 - 2014-11-15 12:05 - 00801584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-18 04:00 - 2014-11-14 23:29 - 00962216 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-18 04:00 - 2014-11-14 07:36 - 00055776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-03-18 04:00 - 2014-11-14 00:10 - 03558400 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-03-18 04:00 - 2014-11-13 23:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-03-18 04:00 - 2014-11-13 23:58 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-03-18 04:00 - 2014-11-13 23:57 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-03-18 04:00 - 2014-11-13 23:57 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-03-18 04:00 - 2014-11-13 23:54 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2015-03-18 04:00 - 2014-11-13 23:54 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-03-18 04:00 - 2014-11-13 23:54 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-03-18 04:00 - 2014-11-13 23:53 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-03-18 04:00 - 2014-11-13 23:52 - 01714176 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-03-18 04:00 - 2014-11-13 23:46 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2015-03-18 04:00 - 2014-11-13 23:39 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-03-18 04:00 - 2014-11-13 22:04 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-03-18 04:00 - 2014-11-13 22:03 - 00885760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-03-18 04:00 - 2014-11-13 22:03 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-03-18 04:00 - 2014-11-13 22:01 - 00723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-03-18 04:00 - 2014-11-13 22:01 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-03-18 04:00 - 2014-11-10 11:06 - 02485056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-03-18 04:00 - 2014-11-10 11:06 - 00473408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-03-18 04:00 - 2014-11-10 11:06 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-03-18 04:00 - 2014-11-10 11:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-03-18 04:00 - 2014-11-09 19:57 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2015-03-18 04:00 - 2014-11-09 18:37 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-03-18 04:00 - 2014-11-09 18:34 - 01084416 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-03-18 04:00 - 2014-11-09 18:26 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-03-18 04:00 - 2014-11-09 18:20 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2015-03-18 04:00 - 2014-11-09 18:09 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-03-18 04:00 - 2014-11-09 18:08 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2015-03-18 04:00 - 2014-11-09 18:06 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-03-18 04:00 - 2014-11-09 17:57 - 00624640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2015-03-18 04:00 - 2014-11-09 17:57 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-03-18 04:00 - 2014-11-07 21:00 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2015-03-18 04:00 - 2014-11-07 21:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2015-03-18 04:00 - 2014-11-07 20:58 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2015-03-18 04:00 - 2014-11-07 20:58 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2015-03-18 04:00 - 2014-11-07 20:56 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2015-03-18 04:00 - 2014-11-07 20:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2015-03-18 04:00 - 2014-11-07 20:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2015-03-18 04:00 - 2014-11-07 20:24 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2015-03-18 04:00 - 2014-11-07 20:13 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2015-03-18 04:00 - 2014-11-07 20:13 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2015-03-18 04:00 - 2014-11-07 20:13 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2015-03-18 04:00 - 2014-11-07 19:48 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2015-03-18 04:00 - 2014-11-07 19:38 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2015-03-18 04:00 - 2014-11-07 19:17 - 00143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2015-03-18 04:00 - 2014-11-07 19:09 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2015-03-18 04:00 - 2014-11-07 19:03 - 00733696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2015-03-18 04:00 - 2014-11-07 18:59 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2015-03-18 04:00 - 2014-11-07 18:58 - 04837376 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2015-03-18 04:00 - 2014-11-07 18:49 - 01154048 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2015-03-18 04:00 - 2014-11-06 20:58 - 00952896 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-03-18 04:00 - 2014-11-06 20:20 - 00786120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-03-18 04:00 - 2014-11-04 19:12 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2015-03-18 04:00 - 2014-11-04 19:12 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2015-03-18 04:00 - 2014-11-04 19:06 - 00514048 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2015-03-18 04:00 - 2014-11-04 18:44 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-03-18 04:00 - 2014-11-04 18:43 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-03-18 04:00 - 2014-11-04 18:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-03-18 04:00 - 2014-11-04 18:39 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2015-03-18 04:00 - 2014-11-04 18:39 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2015-03-18 04:00 - 2014-11-04 18:33 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2015-03-18 04:00 - 2014-11-04 18:21 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-03-18 04:00 - 2014-11-04 18:20 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-03-18 04:00 - 2014-11-04 18:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-03-18 04:00 - 2014-11-04 18:14 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2015-03-18 04:00 - 2014-11-04 18:06 - 00555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2015-03-18 04:00 - 2014-11-04 12:33 - 00058176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2015-03-18 04:00 - 2014-11-04 12:25 - 00059712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-03-18 04:00 - 2014-11-04 12:25 - 00051008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-03-18 04:00 - 2014-11-03 23:55 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-03-18 04:00 - 2014-11-03 23:54 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-03-18 04:00 - 2014-11-03 23:54 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-03-18 04:00 - 2014-11-03 23:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-03-18 04:00 - 2014-11-03 23:27 - 00128512 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2015-03-18 04:00 - 2014-11-03 22:01 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-03-18 04:00 - 2014-10-30 17:51 - 18823168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-03-18 04:00 - 2014-10-30 17:10 - 15158784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-03-18 04:00 - 2014-10-28 20:05 - 00551232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2015-03-18 04:00 - 2014-10-28 18:55 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2015-03-18 04:00 - 2014-10-28 18:13 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2015-03-18 04:00 - 2014-10-20 18:59 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\eventcls.dll
2015-03-18 04:00 - 2014-10-20 18:19 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll
2015-03-18 04:00 - 2014-10-20 17:50 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2015-03-18 04:00 - 2014-10-20 17:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-03-18 04:00 - 2014-10-20 17:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2015-03-18 04:00 - 2014-10-20 17:30 - 01454080 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-03-18 04:00 - 2014-10-20 17:20 - 01142272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2015-03-18 04:00 - 2014-10-18 01:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-03-18 04:00 - 2014-10-18 01:09 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-03-18 04:00 - 2014-10-18 00:25 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-03-18 04:00 - 2014-10-17 23:50 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-03-18 04:00 - 2014-10-16 21:56 - 00238912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-03-18 04:00 - 2014-10-16 21:56 - 00153920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-03-18 04:00 - 2014-10-16 21:56 - 00039744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2015-03-18 04:00 - 2014-10-16 20:35 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-03-18 04:00 - 2014-04-15 16:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-03-18 04:00 - 2014-04-15 16:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-03-18 03:59 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-03-18 03:59 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-03-18 03:54 - 2015-03-18 03:54 - 09882112 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsUStoricon.dll
2015-03-18 03:54 - 2015-03-18 03:54 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-03-18 03:54 - 2015-03-18 03:54 - 00422504 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtsUStor.dll
2015-03-18 03:54 - 2015-03-18 03:54 - 00243712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys
2015-03-18 03:48 - 2015-03-18 03:48 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\DHAgent
2015-03-18 03:46 - 2015-03-18 03:46 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-03-18 03:46 - 2015-03-18 03:46 - 00000000 ____D () C:\Program Files\MSBuild
2015-03-18 03:46 - 2015-03-18 03:46 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-03-18 03:46 - 2015-03-18 03:46 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-03-18 03:44 - 2013-08-02 21:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2015-03-18 03:44 - 2013-08-02 21:48 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-03-18 03:44 - 2013-08-02 21:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2015-03-18 03:44 - 2013-08-02 21:41 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-03-18 03:39 - 2015-03-18 03:39 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-18 03:34 - 2015-03-18 03:34 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-18 03:33 - 2015-03-11 18:48 - 122905856 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-18 03:28 - 2015-03-22 23:02 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-18 03:23 - 2015-03-05 19:53 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-18 03:23 - 2015-03-05 19:33 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-18 03:23 - 2015-02-25 16:26 - 04178944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-18 03:23 - 2015-02-06 16:09 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml
2015-03-18 03:23 - 2015-02-03 16:58 - 00264000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-03-18 03:23 - 2015-02-03 16:58 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-03-18 03:23 - 2015-02-03 16:58 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-03-18 03:23 - 2015-02-02 16:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-03-18 03:23 - 2015-02-02 16:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-03-18 03:23 - 2015-01-28 18:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-03-18 03:23 - 2015-01-28 18:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-03-18 03:23 - 2015-01-26 20:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-03-18 03:23 - 2015-01-23 18:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-03-18 03:23 - 2015-01-23 00:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-03-18 03:23 - 2015-01-22 22:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-03-18 03:23 - 2015-01-15 15:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-18 03:23 - 2015-01-15 15:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-18 03:23 - 2015-01-13 21:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-03-18 03:23 - 2015-01-13 20:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-03-18 03:23 - 2014-12-19 01:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-03-18 03:23 - 2014-12-19 01:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-03-18 03:23 - 2014-12-08 18:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-03-18 03:23 - 2014-11-09 19:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2015-03-18 03:23 - 2014-11-09 18:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2015-03-18 03:23 - 2014-10-30 16:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-18 03:23 - 2014-10-30 16:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-18 03:22 - 2015-02-20 17:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-18 03:22 - 2015-02-20 17:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-03-18 03:22 - 2015-02-20 17:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-18 03:22 - 2015-02-20 16:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-18 03:22 - 2015-02-20 16:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-18 03:22 - 2015-02-19 20:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-18 03:22 - 2015-02-19 19:58 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-18 03:22 - 2015-02-19 19:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-18 03:22 - 2015-02-19 19:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-18 03:22 - 2015-02-19 19:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-18 03:22 - 2015-02-19 19:35 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-18 03:22 - 2015-02-19 19:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-18 03:22 - 2015-02-19 19:20 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-18 03:22 - 2015-02-19 19:15 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-18 03:22 - 2015-02-19 19:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-18 03:22 - 2015-02-19 19:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-03-18 03:22 - 2015-02-19 19:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-18 03:22 - 2015-02-19 19:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-18 03:22 - 2015-02-19 18:56 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-03-18 03:22 - 2015-02-19 18:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-03-18 03:22 - 2015-02-19 18:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-18 03:22 - 2015-02-19 18:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-18 03:22 - 2015-02-19 18:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-18 03:22 - 2015-02-19 18:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-18 03:22 - 2015-02-19 18:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-18 03:22 - 2015-02-19 18:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-03-18 03:22 - 2015-02-19 18:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-03-18 03:22 - 2015-02-19 18:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-18 03:22 - 2015-02-19 18:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-18 03:22 - 2015-02-19 18:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-18 03:22 - 2015-02-19 18:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-18 03:22 - 2015-02-19 18:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-18 03:22 - 2015-02-19 17:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-18 03:22 - 2015-02-19 17:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-18 03:22 - 2015-02-05 18:28 - 02257408 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-03-18 03:22 - 2015-02-05 18:08 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-03-18 03:22 - 2015-02-05 13:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-03-18 03:22 - 2015-02-03 16:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-18 03:22 - 2015-02-03 16:08 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-18 03:22 - 2015-02-03 16:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-18 03:22 - 2015-02-02 17:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-03-18 03:22 - 2015-02-02 17:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-03-18 03:22 - 2015-02-02 16:11 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-18 03:22 - 2015-02-02 16:11 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-18 03:22 - 2015-02-02 16:11 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-18 03:22 - 2015-01-30 16:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-03-18 03:22 - 2015-01-30 16:29 - 02484224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-03-18 03:22 - 2015-01-30 16:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-18 03:22 - 2015-01-29 20:01 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-03-18 03:22 - 2015-01-29 20:00 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2015-03-18 03:22 - 2015-01-29 19:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-03-18 03:22 - 2015-01-29 19:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-03-18 03:22 - 2015-01-29 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-03-18 03:22 - 2015-01-29 18:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-03-18 03:22 - 2015-01-29 18:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-03-18 03:22 - 2015-01-28 18:11 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-18 03:22 - 2015-01-28 18:04 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-03-18 03:22 - 2015-01-28 18:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-03-18 03:22 - 2015-01-28 18:00 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-18 03:22 - 2015-01-28 17:59 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-03-18 03:22 - 2015-01-28 17:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-03-18 03:22 - 2015-01-28 17:50 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-03-18 03:22 - 2015-01-28 17:49 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-03-18 03:22 - 2015-01-28 08:41 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-18 03:22 - 2015-01-28 08:41 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-03-18 03:22 - 2015-01-28 08:41 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-03-18 03:22 - 2015-01-27 19:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-03-18 03:22 - 2015-01-27 18:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-03-18 03:22 - 2015-01-26 21:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-18 03:22 - 2015-01-26 19:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-18 03:22 - 2015-01-19 11:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-03-18 03:22 - 2015-01-11 18:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-18 03:22 - 2015-01-11 18:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-18 03:22 - 2014-12-18 23:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-03-18 03:22 - 2014-12-13 14:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-03-18 03:22 - 2014-12-13 14:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-03-18 03:22 - 2014-12-11 19:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-03-18 03:22 - 2014-12-11 17:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-03-18 03:22 - 2014-12-08 20:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-03-18 03:22 - 2014-12-08 18:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-03-18 03:22 - 2014-12-05 20:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-03-18 03:22 - 2014-12-05 18:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-03-18 03:22 - 2014-12-02 16:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-18 03:22 - 2014-11-21 19:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-03-18 03:22 - 2014-11-21 19:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-03-18 03:22 - 2014-10-28 19:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-03-18 03:22 - 2014-10-28 19:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-03-18 03:22 - 2014-10-28 18:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-03-18 03:22 - 2014-10-28 18:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-03-18 03:22 - 2014-10-28 18:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-03-18 03:22 - 2014-10-28 18:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-03-18 03:22 - 2014-10-28 18:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-03-18 03:22 - 2014-10-28 18:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-03-18 03:21 - 2015-02-20 18:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-18 03:21 - 2015-02-20 17:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-18 03:21 - 2015-02-19 19:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-18 03:21 - 2015-02-19 19:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-18 03:21 - 2015-02-19 18:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-03-18 03:21 - 2015-02-19 18:29 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-03-18 03:21 - 2015-02-19 18:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-18 03:21 - 2015-02-12 10:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-18 03:21 - 2015-02-12 10:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-18 03:21 - 2015-02-07 16:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-03-18 03:21 - 2015-02-07 16:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-03-18 03:21 - 2015-01-29 19:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-03-18 03:21 - 2015-01-29 18:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-03-18 03:21 - 2015-01-29 18:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-03-18 03:21 - 2015-01-29 18:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-03-18 03:21 - 2015-01-29 18:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-03-18 03:21 - 2015-01-29 18:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-03-18 03:21 - 2015-01-29 18:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-03-18 03:21 - 2015-01-29 18:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-03-18 03:21 - 2015-01-29 11:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-18 03:21 - 2015-01-29 11:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-18 03:21 - 2015-01-27 18:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-18 03:21 - 2015-01-27 18:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-18 03:21 - 2015-01-27 16:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-03-18 03:21 - 2015-01-27 16:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-03-18 03:21 - 2015-01-20 22:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-18 03:21 - 2015-01-20 22:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-18 03:21 - 2015-01-11 19:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-18 03:21 - 2015-01-11 18:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-18 03:21 - 2014-12-10 22:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-03-18 03:21 - 2014-12-08 12:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-03-18 03:21 - 2014-12-08 12:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-18 03:21 - 2014-12-08 12:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-03-18 03:21 - 2014-12-08 12:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-03-18 03:21 - 2014-12-08 12:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-03-18 03:21 - 2014-12-08 12:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-18 03:21 - 2014-12-08 12:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-03-18 03:21 - 2014-12-08 12:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-03-18 03:21 - 2014-12-05 18:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-03-18 03:21 - 2014-11-09 16:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-18 03:21 - 2014-11-09 16:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-18 03:21 - 2014-11-09 16:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-03-18 03:21 - 2014-11-09 16:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-03-18 03:21 - 2014-10-30 15:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-03-18 03:21 - 2014-10-30 15:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-03-18 03:21 - 2014-07-23 20:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-03-18 03:21 - 2014-07-23 20:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-03-18 03:18 - 2015-03-03 06:17 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-03-18 03:16 - 2015-03-18 03:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-03-18 03:15 - 2015-03-18 03:17 - 64147607 _____ () C:\Users\Stuxnet\Downloads\Windows8.1-KB2919355-x64.msu.x5c2ihd.partial
2015-03-18 03:15 - 2015-03-18 03:17 - 59885671 _____ () C:\Users\Stuxnet\Downloads\Windows8.1-KB2934018-x64.msu.1ofsslv.partial
2015-03-18 03:14 - 2015-03-25 18:50 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-460681707-3011358676-697363567-1001
2015-03-18 03:13 - 2015-03-18 03:13 - 00000000 __SHD () C:\Users\Stuxnet\AppData\Local\EmieUserList
2015-03-18 03:13 - 2015-03-18 03:13 - 00000000 __SHD () C:\Users\Stuxnet\AppData\Local\EmieSiteList
2015-03-18 03:13 - 2015-03-18 03:13 - 00000000 __SHD () C:\Users\Stuxnet\AppData\Local\EmieBrowserModeList
2015-03-18 03:09 - 2015-03-23 05:19 - 00000000 ____D () C:\Users\Stuxnet
2015-03-18 03:09 - 2015-03-18 03:09 - 00001442 _____ () C:\Users\Stuxnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-18 03:09 - 2015-03-18 03:09 - 00000020 ___SH () C:\Users\Stuxnet\ntuser.ini
2015-03-18 03:09 - 2015-03-18 03:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-18 03:09 - 2015-03-18 03:09 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\Packages
2015-03-18 03:09 - 2014-11-21 08:57 - 00000000 ___RD () C:\Users\Stuxnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-18 03:09 - 2014-11-21 08:57 - 00000000 ___RD () C:\Users\Stuxnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-18 03:09 - 2014-11-21 08:57 - 00000000 ___RD () C:\Users\Stuxnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-18 03:09 - 2014-11-21 01:52 - 00000369 _____ () C:\Users\Stuxnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-18 03:09 - 2014-11-21 01:52 - 00000369 _____ () C:\Users\Stuxnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-18 03:09 - 2013-08-22 08:36 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-18 03:02 - 2015-03-18 03:16 - 00000000 ____D () C:\Windows\softwaredistribution.bak
2015-03-18 02:58 - 2015-03-18 02:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-03-18 02:57 - 2015-03-18 03:55 - 00000000 ____D () C:\Windows\Panther
2015-03-18 01:10 - 2015-03-18 01:10 - 00000000 __SHD () C:\Recovery
2015-03-09 09:48 - 2015-03-09 09:48 - 00599240 _____ (Qualcomm Atheros) C:\Windows\system32\Drivers\btfilter.sys
2015-03-09 09:48 - 2015-03-09 09:48 - 00246804 _____ () C:\Windows\system32\Drivers\AtherosBT.bin
2015-03-09 09:48 - 2015-03-09 09:48 - 00182784 _____ (Qualcomm®Atheros®) C:\Windows\system32\BtContextMenu.dll
2015-03-09 09:48 - 2015-03-09 09:48 - 00181760 _____ (Qualcomm Atheros Communications Inc.) C:\Windows\system32\btcoinst.dll
2015-03-09 09:48 - 2015-03-09 09:48 - 00048092 _____ () C:\Windows\system32\Drivers\AthrBT_0x01020200.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00046748 _____ () C:\Windows\system32\Drivers\AthrBT_0x31010000.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00046268 _____ () C:\Windows\system32\Drivers\AthrBT_0x11020100.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00046212 _____ () C:\Windows\system32\Drivers\AthrBT_0x11020000.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00040684 _____ () C:\Windows\system32\Drivers\AthrBT_0x31010000_ss01.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00038140 _____ () C:\Windows\system32\Drivers\AthrBT_0x31010100.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00023532 _____ () C:\Windows\system32\Drivers\AthrBT_0x01020201.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001926 _____ () C:\Windows\system32\Drivers\ramps_0x31010000_40_0xf0.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001926 _____ () C:\Windows\system32\Drivers\ramps_0x31010000_40_0x21.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001926 _____ () C:\Windows\system32\Drivers\ramps_0x31010000_40_0x11.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001926 _____ () C:\Windows\system32\Drivers\ramps_0x31010000_40.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001922 _____ () C:\Windows\system32\Drivers\ramps_0x31010100_40.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001802 _____ () C:\Windows\system32\Drivers\ramps_0x11020100_40_SS01.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001802 _____ () C:\Windows\system32\Drivers\ramps_0x11020100_40_nf01.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001802 _____ () C:\Windows\system32\Drivers\ramps_0x11020100_40.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001796 _____ () C:\Windows\system32\Drivers\ramps_0x11020000_40.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001516 _____ () C:\Windows\system32\Drivers\ramps_0x31010000_40_SS01.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001516 _____ () C:\Windows\system32\Drivers\ramps_0x31010000_40_LV01.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001516 _____ () C:\Windows\system32\Drivers\ramps_0x31010000_40_0xf1.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001516 _____ () C:\Windows\system32\Drivers\ramps_0x31010000_40_0x22.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001516 _____ () C:\Windows\system32\Drivers\ramps_0x31010000_40_0x12.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001516 _____ () C:\Windows\system32\Drivers\ramps_0x31010000_40_0x01.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001512 _____ () C:\Windows\system32\Drivers\ramps_0x31010100_40_0x01.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001242 _____ () C:\Windows\system32\Drivers\ramps_0x01020200_40_0x01.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001228 _____ () C:\Windows\system32\Drivers\ramps_0x01020200_40_0x04.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001214 _____ () C:\Windows\system32\Drivers\ramps_0x01020200_40_0x03.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001204 _____ () C:\Windows\system32\Drivers\ramps_0x01020200_40_0x02.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001204 _____ () C:\Windows\system32\Drivers\ramps_0x01020200_40.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001198 _____ () C:\Windows\system32\Drivers\ramps_0x01020200_26.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001192 _____ () C:\Windows\system32\Drivers\ramps_0x01020200_26_0x01.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00000296 _____ () C:\Windows\system32\Drivers\ramps_0x01020201_40_0x01.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00000278 _____ () C:\Windows\system32\Drivers\ramps_0x01020201_40_0x04.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00000264 _____ () C:\Windows\system32\Drivers\ramps_0x01020201_40_0x03.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00000264 _____ () C:\Windows\system32\Drivers\ramps_0x01020201_40_0x02.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00000264 _____ () C:\Windows\system32\Drivers\ramps_0x01020201_40.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00000264 _____ () C:\Windows\system32\Drivers\ramps_0x01020201_26_0x01.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00000264 _____ () C:\Windows\system32\Drivers\ramps_0x01020201_26.dfu
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-25 18:41 - 2014-11-21 01:44 - 00986908 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-25 18:36 - 2013-08-22 07:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-25 15:03 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-25 15:00 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-23 05:19 - 2013-08-22 06:25 - 75235328 _____ () C:\Windows\system32\config\SOFTWARE.gu.bak
2015-03-23 05:19 - 2013-08-22 06:25 - 00262144 _____ () C:\Windows\system32\config\SECURITY.gu.bak
2015-03-23 05:19 - 2013-08-22 06:25 - 00262144 _____ () C:\Windows\system32\config\SAM.gu.bak
2015-03-23 05:11 - 2013-08-22 06:36 - 00000000 __RHD () C:\Users\Default
2015-03-22 23:01 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\Help
2015-03-22 15:07 - 2013-08-22 07:44 - 00337976 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-21 01:21 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-21 01:11 - 2013-08-22 08:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-20 19:18 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\rescache
2015-03-19 23:22 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-03-18 04:29 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-18 04:07 - 2013-08-22 08:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-03-18 04:07 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2015-03-18 04:07 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\setup
2015-03-18 03:39 - 2014-11-21 08:56 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-18 03:39 - 2013-08-22 08:36 - 00000000 ___RD () C:\Windows\ToastData
2015-03-18 03:39 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-18 03:39 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-18 03:39 - 2013-08-22 08:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-18 03:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\WinStore
2015-03-18 03:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2015-03-18 03:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2015-03-18 03:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-03-18 03:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\AppCompat
2015-03-18 03:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-18 03:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-18 03:32 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\restore
2015-03-18 03:18 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-18 01:10 - 2013-08-22 08:36 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
2015-03-18 01:10 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\Recovery
2015-03-04 14:24 - 2014-11-21 09:03 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-04 14:24 - 2014-11-21 09:03 - 00178144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Files in the root of some directories =======
 
2015-03-22 07:55 - 2015-03-22 07:55 - 0000017 _____ () C:\Users\Stuxnet\AppData\Local\resmon.resmoncfg
2015-03-23 02:35 - 2015-03-23 02:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
==================== BCD ================================
 
Firmware Boot Manager
---------------------
identifier              {fwbootmgr}
displayorder            {bootmgr}
                        {71d32a34-cd2b-11e4-92de-f18a24186994}
                        {71d32a32-cd2b-11e4-92de-f18a24186994}
                        {71d32a33-cd2b-11e4-92de-f18a24186994}
                        {71d32a30-cd2b-11e4-92de-f18a24186994}
                        {71d32a31-cd2b-11e4-92de-f18a24186994}
timeout                 2
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\bootmgfw.efi
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
integrityservices       Enable
default                 {current}
resumeobject            {71d32a3a-cd2b-11e4-92de-f18a24186994}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
 
Firmware Application (101fffff)
-------------------------------
identifier              {71d32a30-cd2b-11e4-92de-f18a24186994}
description             P1: TSSTcorp DVD+/-RW SH-216DB
 
Firmware Application (101fffff)
-------------------------------
identifier              {71d32a31-cd2b-11e4-92de-f18a24186994}
description             P0: WDC WD10EZEX-75ZF5A0      
 
Firmware Application (101fffff)
-------------------------------
identifier              {71d32a32-cd2b-11e4-92de-f18a24186994}
description             UEFI: IP4 Realtek PCIe GBE Family Controller
 
Firmware Application (101fffff)
-------------------------------
identifier              {71d32a33-cd2b-11e4-92de-f18a24186994}
description             UEFI: IP6 Realtek PCIe GBE Family Controller
 
Firmware Application (101fffff)
-------------------------------
identifier              {71d32a34-cd2b-11e4-92de-f18a24186994}
description             UEFI: IP4 Realtek PCIe GBE Family Controller
 
Windows Boot Loader
-------------------
identifier              {71d32a38-cd2b-11e4-92de-f18a24186994}
device                  ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{71d32a39-cd2b-11e4-92de-f18a24186994}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  en-US
inherit                 {bootloadersettings}
displaymessage          Recovery
displaymessageoverride  9
osdevice                ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{71d32a39-cd2b-11e4-92de-f18a24186994}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes
 
Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.efi
description             Windows 8.1
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {71d32a3c-cd2b-11e4-92de-f18a24186994}
integrityservices       Enable
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \Windows
resumeobject            {71d32a3a-cd2b-11e4-92de-f18a24186994}
nx                      OptIn
bootmenupolicy          Standard
 
Windows Boot Loader
-------------------
identifier              {71d32a3c-cd2b-11e4-92de-f18a24186994}
device                  ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{71d32a3d-cd2b-11e4-92de-f18a24186994}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  en-US
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{71d32a3d-cd2b-11e4-92de-f18a24186994}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {71d32a3a-cd2b-11e4-92de-f18a24186994}
device                  partition=C:
path                    \Windows\system32\winresume.efi
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
recoverysequence        {71d32a3c-cd2b-11e4-92de-f18a24186994}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\memtest.efi
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 No
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {71d32a39-cd2b-11e4-92de-f18a24186994}
description             Windows Recovery
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi
 
Device options
--------------
identifier              {71d32a3d-cd2b-11e4-92de-f18a24186994}
description             Windows Recovery
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi
 
 
 
LastRegBack: 2015-03-18 02:57
 
==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Stuxnet at 2015-03-25 18:54:47
Running from C:\Users\Stuxnet\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ESET Smart Security 8.0 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal firewall (Disabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Application Compatibility Toolkit (Version: 8.59.25584 - Microsoft) Hidden
Assessment and Deployment Kit (HKLM-x32\...\{fc46d1b2-9557-4c1f-baac-04af4d2db7e4}) (Version: 8.59.25584 - Microsoft Corporation)
Assessments on Client (x32 Version: 8.59.25584 - Microsoft) Hidden
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.52 - Dell)
Dell System Detect (HKU\S-1-5-21-460681707-3011358676-697363567-1001\...\73f463568823ebbe) (Version: 6.0.0.9 - Dell)
Dell Update (HKLM-x32\...\{D9E0A33F-19D6-45A7-83BB-535C7B5F699B}) (Version: 1.5.3000.0 - Dell Inc.)
ESET Smart Security (HKLM\...\{C082CDB9-D173-4740-AE0E-C685E6F44850}) (Version: 8.0.304.0 - ESET, spol s r. o.)
Glary Utilities 5.21 (HKLM-x32\...\Glary Utilities 5) (Version: 5.21.0.40 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 3.0.1327.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Kits Configuration Installer (x32 Version: 8.59.25584 - Microsoft) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (HKLM-x32\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM-x32\...\{CEA86648-87FA-4775-8F3B-A57F720BAE85}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.0.2100.60 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7016 - Realtek Semiconductor Corp.)
Registry Repair 5.0.1.66 (HKLM-x32\...\Registry Repair) (Version: 5.0.1.66 - Glarysoft Ltd)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
SQL Server 2012 Common Files (x32 Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (x32 Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (x32 Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.0.2100.60 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (x32 Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
Toolkit Documentation (x32 Version: 8.59.25584 - Microsoft) Hidden
True Image WD Edition (HKLM-x32\...\{85CB1512-2D4A-4469-AC21-6B111D169CEB}) (Version: 16.0.5962 - Acronis)
User State Migration Tool (x32 Version: 8.59.25584 - Microsoft) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Volume Activation Management Tool (x32 Version: 8.59.25584 - Microsoft) Hidden
WD Quick View (HKLM-x32\...\{965D28B5-3C86-41FD-994E-D6376815C9B3}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{F6FE3205-7737-4772-9017-C7ACD8A5561C}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{647175e1-9944-4a82-bac1-102c95f0a99a}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WPT Redistributables (x32 Version: 8.59.25584 - Microsoft) Hidden
WPTx64 (x32 Version: 8.59.25584 - Microsoft) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
18-03-2015 03:32:04 Windows Update
19-03-2015 23:13:15 Intel® Driver Update Utility
22-03-2015 12:01:00 zoek.exe restore point
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 06:25 - 2015-03-21 14:16 - 00000768 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {38187803-029E-4E17-A22F-157F633C557D} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {3DCB7DAC-4635-4FBF-BC53-D974A4B1A336} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-03-11] (Microsoft Corporation)
Task: {49C07154-6CF7-493C-9523-22E9F2F311A7} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {6BC9F452-4F7C-49D7-9599-E94C19B55E1E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {76CB65BE-CC1C-4552-AFB3-30A96589459B} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {8941B8ED-1641-487D-93A7-C25BAC3AC35C} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-03-16] (Glarysoft Ltd)
Task: {8FCF400D-B768-4A3B-ACFF-06B06E90C078} - System32\Tasks\SUPERAntiSpyware Scheduled Task 1a5d70d0-4f82-42cf-afec-86b55aaf15ec => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {9ED7930B-C6E8-4450-893F-46990656E453} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {B5E53155-5038-4A68-8672-49FDA2116D5B} - System32\Tasks\SUPERAntiSpyware Scheduled Task 223092e3-c8fb-4351-8f58-2843d5cc781a => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {C527C958-E8F8-4936-ACED-D1B7F1EA571B} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-02-03] (PC-Doctor, Inc.)
Task: {CD5AA7F5-EA2D-412B-B493-339DE140539A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-21] (Google Inc.)
Task: {D667BCF1-EA3E-453C-8B2D-DF1559FADB40} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-03-16] (Glarysoft Ltd)
Task: {F10AF28B-B671-44F1-B36B-4D12EE447057} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-21] (Google Inc.)
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1a5d70d0-4f82-42cf-afec-86b55aaf15ec.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 223092e3-c8fb-4351-8f58-2843d5cc781a.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2015-03-22 23:01 - 2015-03-13 09:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-21 01:34 - 2015-03-14 03:12 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libglesv2.dll
2015-03-21 01:34 - 2015-03-14 03:12 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libegl.dll
2015-03-21 01:34 - 2015-03-14 03:12 - 09278792 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\pdf.dll
2015-03-22 23:12 - 2013-08-09 02:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-03-06 00:10 - 2014-03-06 00:10 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2015-03-21 01:34 - 2015-03-14 03:12 - 14974280 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\47369426.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\47369426.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-460681707-3011358676-697363567-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: Media is not connected to internet.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-460681707-3011358676-697363567-500 - Administrator - Disabled)
Guest (S-1-5-21-460681707-3011358676-697363567-501 - Limited - Disabled)
John (S-1-5-21-460681707-3011358676-697363567-1004 - Limited - Enabled)
Stuxnet (S-1-5-21-460681707-3011358676-697363567-1001 - Administrator - Enabled) => C:\Users\Stuxnet
 
==================== Faulty Device Manager Devices =============
 
Name: Dell Wireless 1703 Bluetooth
Description: Dell Wireless 1703 Bluetooth
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/25/2015 06:37:01 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description: 
 
Error: (03/25/2015 06:40:54 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: C:\Windows\System32\winspool.drvSpooler4
 
Error: (03/25/2015 06:40:54 AM) (Source: PerfNet) (EventID: 2005) (User: )
Description: 
 
Error: (03/25/2015 06:25:55 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: SQLAgent$ADK8
 
Error: (03/25/2015 06:25:55 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: MSSQL$ADK8
 
Error: (03/24/2015 08:09:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SystemError1x20)
Description: Activation of app winstore_cw5n1h2txyewy!Windows.Store failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (03/24/2015 08:09:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WWAHost.exe, version: 6.3.9600.17415, time stamp: 0x545036ce
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54505737
Exception code: 0x00000004
Fault offset: 0x0000000000008b9c
Faulting process id: 0x17e0
Faulting application start time: 0xWWAHost.exe0
Faulting application path: WWAHost.exe1
Faulting module path: WWAHost.exe2
Report Id: WWAHost.exe3
Faulting package full name: WWAHost.exe4
Faulting package-relative application ID: WWAHost.exe5
 
Error: (03/24/2015 07:54:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SystemError1x20)
Description: Activation of app winstore_cw5n1h2txyewy!Windows.Store failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (03/24/2015 07:54:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WWAHost.exe, version: 6.3.9600.17415, time stamp: 0x545036ce
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54505737
Exception code: 0x00000004
Fault offset: 0x0000000000008b9c
Faulting process id: 0x1048
Faulting application start time: 0xWWAHost.exe0
Faulting application path: WWAHost.exe1
Faulting module path: WWAHost.exe2
Report Id: WWAHost.exe3
Faulting package full name: WWAHost.exe4
Faulting package-relative application ID: WWAHost.exe5
 
Error: (03/24/2015 07:36:13 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
 
 
System errors:
=============
Error: (03/25/2015 06:42:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (03/25/2015 06:39:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%1053
 
Error: (03/25/2015 06:39:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
 
Error: (03/25/2015 10:57:43 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056
 
Error: (03/25/2015 10:57:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (03/25/2015 06:43:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%1053
 
Error: (03/25/2015 06:43:07 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
 
Error: (03/25/2015 06:40:52 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 5:51:18 AM on 3/25/2015 was unexpected.
 
Error: (03/25/2015 06:26:03 AM) (Source: DCOM) (EventID: 10010) (User: SystemError1x20)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (03/25/2015 06:25:33 AM) (Source: DCOM) (EventID: 10010) (User: SystemError1x20)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
 
Microsoft Office Sessions:
=========================
Error: (03/25/2015 06:37:01 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description: 
 
Error: (03/25/2015 06:40:54 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: C:\Windows\System32\winspool.drvSpooler4
 
Error: (03/25/2015 06:40:54 AM) (Source: PerfNet) (EventID: 2005) (User: )
Description: 
 
Error: (03/25/2015 06:25:55 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: SQLAgent$ADK8
 
Error: (03/25/2015 06:25:55 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: MSSQL$ADK8
 
Error: (03/24/2015 08:09:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SystemError1x20)
Description: winstore_cw5n1h2txyewy!Windows.Store-2147023170
 
Error: (03/24/2015 08:09:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WWAHost.exe6.3.9600.17415545036ceKERNELBASE.dll6.3.9600.1741554505737000000040000000000008b9c17e001d066a90c5d2bd9C:\Windows\System32\WWAHost.exeC:\Windows\system32\KERNELBASE.dll4a3264d7-d29c-11e4-8265-f8b156a3eb39winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewyWindows.Store
 
Error: (03/24/2015 07:54:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SystemError1x20)
Description: winstore_cw5n1h2txyewy!Windows.Store-2147023170
 
Error: (03/24/2015 07:54:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WWAHost.exe6.3.9600.17415545036ceKERNELBASE.dll6.3.9600.1741554505737000000040000000000008b9c104801d066a6ffe34d1eC:\Windows\System32\WWAHost.exeC:\Windows\system32\KERNELBASE.dll3da08937-d29a-11e4-8265-f8b156a3eb39winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewyWindows.Store
 
Error: (03/24/2015 07:36:13 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 22%
Total physical RAM: 8143.21 MB
Available physical RAM: 6310.15 MB
Total Pagefile: 9423.21 MB
Available Pagefile: 7376.91 MB
Total Virtual: 131072 MB
Available Virtual: 131071.81 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931 GB) (Free:884.27 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0B0B95A4)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================



 


#4 Machiavelli


Posted 26 March 2015 - 12:48 PM

Hey,
well done. :)

Step 1: AdwCleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP, then just run it.)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on-screen prompts.
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
  • Note: The log can also be found in here: C:\AdwCleaner\

Step 2: Malwarebytes

Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
    • Enable free trial of Malwarebytes Anti-Malware Premium
    • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete, make sure that everything is set to "Quarantine", and click Apply Actions.
  • Reboot your computer if prompted.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

The log is available through History -> Application logs. Please post its contents in your next reply.

Step 3: Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 4: FRST Scan
  • Run FRST. (If you have Windows Vista / Windows 7 / Windows 8: please right-click on the FRST icon and select Run as Administrator.)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

 
 


#5 ICQWinNuke95


Posted 28 March 2015 - 04:55 AM

Thanks. Unfortunately, I've used the Malwarebytes premium trial a few weeks ago.

# AdwCleaner v4.113 - Logfile created 28/03/2015 at 02:22:43
# Updated 22/03/2015 by Xplode
# Database : 2015-03-27.1 [Server]
# Operating system : Windows 8.1  (x64)
# Username : Stuxnet - SYSTEMERROR1X20
# Running from : C:\Users\Stuxnet\Desktop\AdwCleaner (1).exe
# Option : Cleaning
 
***** [ Services ] *****
 
[#] Service Deleted : WinRing0_1_2_0
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Google Chrome v
 
 
*************************
 
AdwCleaner[R0].txt - [881 bytes] - [22/03/2015 11:23:52]
AdwCleaner[R1].txt - [1030 bytes] - [23/03/2015 03:06:03]
AdwCleaner[R2].txt - [1421 bytes] - [28/03/2015 02:19:58]
AdwCleaner[S0].txt - [950 bytes] - [22/03/2015 11:25:42]
AdwCleaner[S1].txt - [1101 bytes] - [23/03/2015 03:07:17]
AdwCleaner[S2].txt - [1362 bytes] - [28/03/2015 02:22:43]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1421  bytes] ##########

 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 3/28/2015
Scan Time: 2:30:59 AM
Logfile: malbyte.txt
Administrator: Yes
 
Version: 2.01.4.1018
Malware Database: v2015.03.28.02
Rootkit Database: v2015.03.26.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Stuxnet
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 385035
Time Elapsed: 5 min, 9 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.7 (03.28.2015:1)
OS: Windows 8.1 x64
Ran by Stuxnet on Sat 03/28/2015 at  2:40:17.54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Windows\prefetch\DRIVERBOOSTER.EXE-D5205666.pf
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\pcdr"
Successfully deleted: [Folder] "C:\Users\Stuxnet\AppData\Roaming\pcdr"
Successfully deleted: [Folder] "C:\Users\Stuxnet\appdata\locallow\pcdr"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 03/28/2015 at  2:42:00.36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Stuxnet (administrator) on SYSTEMERROR1X20 on 28-03-2015 02:45:38
Running from C:\Users\Stuxnet\Desktop
Loaded Profiles: Stuxnet (Available profiles: Stuxnet & MSSQL$ADK)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASCService.exe
(IOBit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASCAvSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\Monitor.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Thisisu) C:\Users\Stuxnet\Desktop\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595336 2014-10-01] (ESET)
HKU\S-1-5-21-460681707-3011358676-697363567-1001\...\Run: [Advanced SystemCare Ultimate] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASCTray.exe [2596128 2015-03-12] (IObit)
HKU\S-1-5-21-460681707-3011358676-697363567-1001\...\Run: [WiFiProtLauncher] => C:\Program Files (x86)\WiFi Protector\WiFiProtLauncher.exe [829744 2015-02-04] (Optimal Software s.r.o.)
IFEO\ActionCenterDownloader.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\AutoShutdown.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\BlueBirdInit.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\BuildIndex.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\ChangeIcon.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\Check.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\DelStartMenuExtension.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\DriverBooster.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\GameAssistant.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\GameAssistantMain.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\GASendBugReport.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\gatsvc.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\hdtmonitor.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\Homepage.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\iFreeUp.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\iFreeUpgrade.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\iFreeUpMini.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\IMF.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\IMFsrv.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\IMFTips.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\IMF_ActionCenterDownloader.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\InstallServices.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\InstStat.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\IObitDownloader.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\IWsIMF.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\KillAllStartMenu.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\LiveUpdate.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\LocalLang.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\MakeSFX.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\Promote.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\Scheduler.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\ScreenShot.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\SDSendBugReport.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\SD_FreeSoftwareDownloader.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\SendBugReport.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\SendBugReportNew.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\SetupHlp.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\SPSetup.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\StartMenu8.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\StartMenu8_About.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\StartMenu8_frmStartMenuLibrary.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\StartMenuServices.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\StartMenuSetting.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\StartMenu_Hook.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\ToggleDesktop.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
IFEO\UpdateIMF.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\AutoReactivator.exe
Startup: C:\Users\Stuxnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Game Assistant.lnk
ShortcutTarget: Game Assistant.lnk -> C:\Program Files (x86)\IObit\Game Assistant\GameAssistant.exe (IObit)
BootExecute: autocheck autochk *  
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-460681707-3011358676-697363567-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-03-26] (IObit)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-22] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-22] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-22] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-22] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Stuxnet\AppData\Roaming\Mozilla\Firefox\Profiles\jpwx1cty.default
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-22] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-22] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-21] (Google Inc.)
 
Chrome: 
=======
 
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASCService.exe [911648 2014-11-22] (IObit)
R2 ASCAntivirusSrv; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ascavsvc.exe [659232 2015-03-16] (IOBit)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
S4 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [211320 2015-02-11] (Dell Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2014-10-01] (ESET)
S4 game assistant by-pass UAC; C:\Program Files (x86)\IObit\Game Assistant\gatsvc.exe [80728 2014-10-28] (IObit)
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-03-13] (NVIDIA Corporation)
S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S4 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344864 2015-01-27] (IObit)
S4 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S4 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
S4 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-09] (Intel Corporation)
S4 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2015-07-24] (Intel Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-09] (Intel Corporation)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 MSSQL$ADK; c:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\sqlservr.exe [206424 2012-02-11] (Microsoft Corporation)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-03-13] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-03-13] (NVIDIA Corporation)
S4 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2015-03-26] (Realtek Semiconductor)
S4 SQLAgent$ADK; c:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\SQLAGENT.EXE [438360 2012-02-11] (Microsoft Corporation)
S4 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1055008 2015-03-13] (IObit)
S4 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-02-12] (Western Digital Technologies, Inc.)
S4 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [302968 2015-02-12] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S4 wifiProtService; C:\Program Files (x86)\WiFi Protector\wifiProtService.exe [1719680 2015-02-04] (Optimal Software s.r.o.)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2015-03-26] (Qualcomm Atheros Communications, Inc.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-03-21] (Emsisoft GmbH)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-08-18] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241368 2014-08-18] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169280 2014-08-18] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [222280 2014-08-18] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44632 2014-08-18] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [63160 2014-09-18] (ESET)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2014-11-10] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-26] (REALiX™)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-03-26] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-03-13] (NVIDIA Corporation)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2014-11-10] (IObit.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2015-03-26] (Synaptics Incorporated)
R3 tapwp01; C:\Windows\system32\DRIVERS\tapwp01.sys [40664 2014-10-29] (The OpenVPN Project)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2015-03-22] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2015-03-22] (Acronis)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-03-21] ()
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2014-11-10] (IObit.com)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 WIMMount; C:\Program Files (x86)\Windows Kits\8.0\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys [40392 2012-07-25] (Microsoft Corporation)
 
========================== Drivers MD5 =======================
 
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== Three Months Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-28 02:45 - 2015-03-28 02:45 - 00041834 _____ () C:\Users\Stuxnet\Desktop\FRST.txt
2015-03-28 02:44 - 2015-03-28 02:44 - 02095616 _____ (Farbar) C:\Users\Stuxnet\Desktop\FRST64.exe
2015-03-28 02:42 - 2015-03-28 02:42 - 00000907 _____ () C:\Users\Stuxnet\Desktop\JRT.txt
2015-03-28 02:38 - 2015-03-28 02:38 - 01389240 _____ (Thisisu) C:\Users\Stuxnet\Desktop\JRT.exe
2015-03-28 02:37 - 2015-03-28 02:37 - 00001047 _____ () C:\Users\Stuxnet\Desktop\malbyte.txt
2015-03-28 02:30 - 2015-03-28 02:30 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-28 02:30 - 2015-03-28 02:30 - 00001130 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-28 02:30 - 2015-03-28 02:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-28 02:30 - 2015-03-28 02:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-28 02:30 - 2015-03-28 02:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-28 02:30 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-28 02:30 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-28 02:30 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-28 02:28 - 2015-03-28 02:28 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Stuxnet\Desktop\mbam-setup-2.1.4.1018.exe
2015-03-28 02:25 - 2015-03-28 02:25 - 00337976 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-28 02:25 - 2015-03-28 02:25 - 00000822 _____ () C:\Windows\PFRO.log
2015-03-28 02:25 - 2015-03-28 02:25 - 00000116 _____ () C:\Windows\setupact.log
2015-03-28 02:25 - 2015-03-28 02:25 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-28 02:18 - 2015-03-28 02:18 - 02168320 _____ () C:\Users\Stuxnet\Desktop\AdwCleaner (1).exe
2015-03-28 02:17 - 2015-03-28 02:17 - 02168320 _____ () C:\Users\Stuxnet\Downloads\AdwCleaner.exe
2015-03-27 18:32 - 2015-03-27 18:32 - 00000000 ____D () C:\Users\Default\AppData\Roaming\IObit
2015-03-27 18:32 - 2015-03-27 18:32 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\IObit
2015-03-27 14:05 - 2015-03-27 14:05 - 00000000 ____D () C:\Users\Stuxnet\Documents\My Received Files
2015-03-27 13:53 - 2015-03-27 13:53 - 00002418 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Stuxnet
2015-03-27 13:53 - 2015-03-27 13:53 - 00000314 _____ () C:\Windows\Tasks\Uninstaller_SkipUac_Stuxnet.job
2015-03-27 11:42 - 2015-03-27 11:42 - 00001345 _____ () C:\Users\Stuxnet\Desktop\Win Fix.lnk
2015-03-27 03:00 - 2015-03-27 03:00 - 00003464 _____ () C:\Windows\System32\Tasks\WiFiProtLauncher
2015-03-27 03:00 - 2015-03-27 03:00 - 00000000 ____D () C:\Users\Stuxnet\Documents\Wifi Protector
2015-03-27 02:59 - 2015-03-28 02:29 - 00000000 ____D () C:\Program Files (x86)\WiFi Protector
2015-03-27 02:59 - 2015-03-27 02:59 - 00001139 _____ () C:\Users\Stuxnet\Desktop\WiFi Protector.lnk
2015-03-27 02:59 - 2015-03-27 02:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WiFi Protector
2015-03-27 02:59 - 2015-03-27 02:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-03-27 02:59 - 2015-03-27 02:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-03-27 02:59 - 2014-10-29 17:08 - 00040664 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tapwp01.sys
2015-03-27 02:58 - 2015-03-27 02:58 - 06988544 _____ (Optimal Software s.r.o ) C:\Users\Stuxnet\Downloads\wifiprotector.exe
2015-03-27 02:55 - 2015-03-27 02:55 - 02442208 _____ (IO3O LLC ) C:\Users\Stuxnet\Downloads\mywifi.exe
2015-03-26 10:57 - 2015-03-26 10:57 - 00000000 ____D () C:\Users\Stuxnet\Documents\Heroes of Newerth
2015-03-26 10:43 - 2015-03-26 10:43 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2015-03-26 06:20 - 2015-03-26 06:20 - 00001201 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2015-03-26 06:20 - 2015-03-26 06:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2015-03-26 06:09 - 2014-06-04 15:17 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2015-03-26 05:02 - 2015-03-26 05:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
2015-03-26 05:02 - 2015-03-26 05:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iFreeUp
2015-03-26 05:00 - 2015-03-27 02:45 - 00003200 _____ () C:\Windows\System32\Tasks\SmartDefrag4_Startup
2015-03-26 05:00 - 2015-03-27 02:45 - 00003198 _____ () C:\Windows\System32\Tasks\SmartDefrag4_Update
2015-03-26 05:00 - 2015-03-26 05:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
2015-03-26 05:00 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2015-03-26 05:00 - 2014-06-04 15:17 - 00021184 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2015-03-26 04:46 - 2015-03-26 04:46 - 00003220 _____ () C:\Windows\System32\Tasks\ASCU8_PerformanceMonitor
2015-03-26 04:43 - 2015-03-28 00:32 - 00002300 _____ () C:\Users\Public\Desktop\Advanced SystemCare Ultimate 8.lnk
2015-03-26 04:43 - 2015-03-26 04:43 - 00002400 _____ () C:\Windows\System32\Tasks\ASCU8_SkipUac_Stuxnet
2015-03-26 04:43 - 2015-03-26 04:43 - 00000296 _____ () C:\Windows\Tasks\ASCU8_SkipUac_Stuxnet.job
2015-03-26 04:43 - 2015-03-26 04:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare Ultimate 8
2015-03-26 04:43 - 2015-03-26 04:43 - 00000000 ____D () C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2015-03-26 04:43 - 2015-03-26 04:43 - 00000000 ____D () C:\ProgramData\{ACBCD40A-42A8-4FF9-BD42-ABCD14998CBA}
2015-03-26 04:39 - 2015-03-26 04:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Assistant
2015-03-26 04:27 - 2015-03-27 03:07 - 00003252 _____ () C:\Windows\System32\Tasks\Driver Booster Scan
2015-03-26 04:27 - 2015-03-27 03:07 - 00003196 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2015-03-26 04:27 - 2015-03-27 02:40 - 00002892 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Stuxnet)
2015-03-26 04:19 - 2015-03-26 05:05 - 00003166 _____ () C:\Windows\System32\Tasks\Game_Booster_AutoUpdate
2015-03-26 04:19 - 2015-03-26 04:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3
2015-03-26 03:44 - 2015-03-26 03:44 - 00876760 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys
2015-03-26 03:44 - 2015-03-26 03:44 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 75038720 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2015-03-26 03:43 - 2015-03-26 03:43 - 71040000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCORES64.dat
2015-03-26 03:43 - 2015-03-26 03:43 - 12967680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2015-03-26 03:43 - 2015-03-26 03:43 - 04833280 _____ () C:\Windows\system32\config\DRIVERS.iobit
2015-03-26 03:43 - 2015-03-26 03:43 - 04263128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-03-26 03:43 - 2015-03-26 03:43 - 03691608 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioMeters64.exe
2015-03-26 03:43 - 2015-03-26 03:43 - 03186544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 02827120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 02000640 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-03-26 03:43 - 2015-03-26 03:43 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 01728768 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 01499984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-03-26 03:43 - 2015-03-26 03:43 - 01353472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 01287384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 00979280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 00959704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 00629464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 00397592 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.iobit
2015-03-26 03:43 - 2015-03-26 03:43 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 00129312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2015-03-26 03:43 - 2015-03-26 03:43 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-03-26 03:43 - 2015-03-26 03:43 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iobit
2015-03-26 03:43 - 2015-03-26 03:43 - 00028672 _____ () C:\Windows\system32\config\SAM.iobit
2015-03-26 03:42 - 2015-03-26 03:45 - 00000000 ____D () C:\Windows\LastGood.Tmp
2015-03-26 03:42 - 2015-03-26 03:42 - 09890008 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2015-03-26 03:42 - 2015-03-26 03:42 - 03893248 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athwbx.sys
2015-03-26 03:42 - 2015-03-26 03:42 - 00598216 _____ (Qualcomm Atheros) C:\Windows\system32\Drivers\btfilter.sys
2015-03-26 03:42 - 2015-03-26 03:42 - 00272600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys
2015-03-26 03:42 - 2015-03-26 03:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-03-26 03:41 - 2015-03-26 03:41 - 00031472 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-03-26 03:41 - 2015-03-26 03:41 - 00000000 ____D () C:\Program Files\Synaptics
2015-03-26 01:03 - 2015-03-26 01:03 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\ProductData
2015-03-26 01:02 - 2015-03-26 04:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-03-26 01:02 - 2015-03-26 01:02 - 00026528 _____ (REALiX™) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-03-26 01:02 - 2015-03-26 01:02 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\Apple Computer
2015-03-26 01:01 - 2015-03-27 13:53 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\IObit
2015-03-26 01:01 - 2015-03-27 13:53 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-03-26 01:01 - 2015-03-27 02:04 - 00000000 ____D () C:\ProgramData\ProductData
2015-03-26 01:01 - 2015-03-26 06:03 - 00000000 ____D () C:\ProgramData\IObit
2015-03-26 01:01 - 2015-03-26 01:01 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2015-03-26 01:01 - 2015-03-26 01:01 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-03-25 23:37 - 2015-03-28 02:43 - 01446774 _____ () C:\Windows\WindowsUpdate.log
2015-03-25 22:50 - 2015-03-28 01:09 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2015-03-25 22:50 - 2015-03-26 05:22 - 00000368 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2015-03-25 22:50 - 2015-03-25 22:50 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2015-03-25 22:50 - 2015-03-25 22:50 - 00002990 _____ () C:\Windows\System32\Tasks\GU5SkipUAC
2015-03-25 22:50 - 2015-03-25 22:50 - 00001104 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-03-25 22:50 - 2015-03-25 22:50 - 00001092 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2015-03-25 22:50 - 2015-03-25 22:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-03-25 19:49 - 2015-03-25 19:49 - 00003176 ____N () C:\bootsqm.dat
2015-03-25 18:47 - 2015-03-25 18:47 - 02095616 _____ (Farbar) C:\Users\Stuxnet\Downloads\FRST64 (1).exe
2015-03-25 18:43 - 2015-03-25 18:43 - 00145383 _____ () C:\Users\Stuxnet\Downloads\FRST.txt
2015-03-25 18:43 - 2015-03-25 18:43 - 00039816 _____ () C:\Users\Stuxnet\Downloads\Shortcut.txt
2015-03-25 18:43 - 2015-03-25 18:43 - 00022329 _____ () C:\Users\Stuxnet\Downloads\Addition.txt
2015-03-25 06:56 - 2015-03-25 06:56 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\VirtualStore
2015-03-25 06:49 - 2015-03-28 00:58 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{7633FAAD-DD85-475E-B15D-531EAC9DFF04}
2015-03-25 06:41 - 2015-03-25 06:41 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\ESET
2015-03-25 06:40 - 2015-03-25 06:40 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\DiskDefrag
2015-03-25 06:17 - 2015-03-25 06:17 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\Adobe
2015-03-25 06:02 - 2015-03-25 06:02 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\Macromedia
2015-03-24 19:54 - 2015-03-26 05:15 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\CrashDumps
2015-03-23 05:19 - 2015-03-23 05:19 - 11796480 _____ () C:\Windows\system32\config\SYSTEM.gu
2015-03-23 05:19 - 2015-03-23 05:19 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.gu
2015-03-23 05:19 - 2015-03-23 05:19 - 00036864 _____ () C:\Windows\system32\config\SOFTWARE.gu
2015-03-23 05:18 - 2015-03-16 00:28 - 00028960 _____ (Glarysoft Ltd) C:\Windows\system32\RegBootDefrag.exe
2015-03-23 03:52 - 2015-03-23 03:52 - 00000000 ____D () C:\ProgramData\GlarySoft
2015-03-23 03:49 - 2015-03-26 05:05 - 00002664 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2015-03-23 03:49 - 2015-03-25 22:50 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\GlarySoft
2015-03-23 03:49 - 2015-03-23 03:49 - 00002237 _____ () C:\GUDownLoaddebug.txt
2015-03-23 03:49 - 2015-03-23 03:49 - 00001271 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Repair.lnk
2015-03-23 03:49 - 2015-03-23 03:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2015-03-23 03:49 - 2015-03-23 03:49 - 00000000 ____D () C:\Program Files (x86)\Glarysoft
2015-03-23 03:05 - 2015-03-23 03:05 - 02168320 _____ () C:\Users\Stuxnet\Downloads\adwcleaner_4.113.exe
2015-03-23 02:36 - 2015-07-24 11:57 - 00020614 _____ () C:\Windows\system32\Drivers\ibtfltcoex_wp8.cat
2015-03-23 02:36 - 2015-03-23 02:36 - 00000000 ____D () C:\Windows\system32\Drivers\Win64
2015-03-23 02:35 - 2015-03-26 03:44 - 01019725 _____ () C:\Windows\system32\Drivers\rtwavesskdy.dat
2015-03-23 02:35 - 2015-03-26 03:44 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-03-23 02:35 - 2015-03-23 02:35 - 00463760 _____ () C:\Windows\system32\Drivers\rtwavesmapro.dat
2015-03-23 02:35 - 2015-03-23 02:35 - 00019501 _____ () C:\Windows\system32\Drivers\rtwavesmaprocap.dat
2015-03-23 02:35 - 2015-03-23 02:35 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-03-23 02:35 - 2015-03-23 02:35 - 00000000 ____D () C:\Windows\system32\SRSLabs
2015-03-23 02:35 - 2015-03-23 02:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Audio
2015-03-23 02:35 - 2015-03-23 02:35 - 00000000 ____D () C:\Program Files\Realtek
2015-03-23 02:34 - 2015-03-23 02:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-23 02:34 - 2015-03-23 02:34 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-03-23 02:34 - 2013-08-09 13:45 - 02585304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2015-03-23 02:34 - 2013-07-28 08:48 - 27518208 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2015-03-23 02:34 - 2013-07-23 13:40 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2015-03-23 02:34 - 2013-07-23 13:39 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2015-03-23 02:34 - 2013-07-23 13:39 - 01916672 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2015-03-23 02:34 - 2013-07-23 13:39 - 01399040 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek364.dll
2015-03-23 02:34 - 2013-07-23 13:39 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-03-23 02:34 - 2013-07-22 14:36 - 00194816 _____ (Waves Audio) C:\Windows\system32\MaxxAudioVienna264.dll
2015-03-23 02:34 - 2013-04-23 12:54 - 00154184 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkXInterface64.dll
2015-03-23 02:34 - 2013-01-11 14:27 - 00628504 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll
2015-03-23 02:34 - 2013-01-11 14:27 - 00563992 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll
2015-03-23 02:34 - 2012-11-14 09:41 - 00378000 _____ (Realtek Semiconductor) C:\Windows\system32\RtkGuiCompLib.dll
2015-03-23 02:34 - 2012-08-31 17:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-03-23 02:34 - 2012-08-31 17:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-03-23 02:34 - 2012-08-31 17:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-03-23 02:34 - 2012-08-31 17:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-03-23 02:34 - 2012-08-31 17:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-03-23 02:34 - 2012-06-08 14:21 - 00897152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll
2015-03-23 02:34 - 2012-06-08 14:21 - 00753280 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll
2015-03-23 02:34 - 2012-03-08 09:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-03-23 02:34 - 2011-12-20 13:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-03-23 02:34 - 2011-12-16 12:57 - 00065112 _____ (Creative Technology Ltd.) C:\Windows\system32\MBppld64.dll
2015-03-23 02:34 - 2011-11-22 14:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2015-03-23 02:34 - 2011-05-31 07:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2015-03-23 02:34 - 2010-11-08 05:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-03-23 02:34 - 2010-11-08 05:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-03-23 02:34 - 2010-11-08 05:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-03-23 02:34 - 2010-11-08 05:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-03-23 02:34 - 2010-11-08 05:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-03-23 02:34 - 2010-11-08 05:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-03-23 02:34 - 2010-11-03 16:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-03-23 02:34 - 2010-09-27 07:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-03-23 02:34 - 2009-11-24 07:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-03-23 02:34 - 2009-11-24 07:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-03-23 02:34 - 2009-11-24 07:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-03-23 02:34 - 2009-11-24 07:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-03-23 02:34 - 2009-11-18 05:13 - 00060504 _____ (Creative Technology Ltd.) C:\Windows\system32\MBPPCn64.dll
2015-03-23 02:33 - 2015-03-23 02:36 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-03-23 02:33 - 2015-03-23 02:33 - 00001536 _____ () C:\Windows\SysWOW64\RtkMsgs.dll
2015-03-23 02:33 - 2013-08-08 17:57 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-03-23 00:38 - 2015-03-23 00:42 - 149589776 _____ (Dell Inc.) C:\Users\Stuxnet\Downloads\XPS-8700_Network_Driver_NC1YV_WN_16.1.0.7_A00.EXE
2015-03-23 00:36 - 2015-03-23 00:41 - 160828136 _____ () C:\Users\Stuxnet\Downloads\Dell_Backup_and_Recovery_1.7.5.64.exe
2015-03-23 00:36 - 2015-03-23 00:39 - 39199256 _____ (Dell Inc.) C:\Users\Stuxnet\Downloads\XPS-8700_Communications_Driver_32KKW_WN_3.1.1307_A00.EXE
2015-03-23 00:36 - 2015-03-23 00:37 - 13942144 _____ () C:\Users\Stuxnet\Downloads\XPS_8700_BIOS_A10.EXE
2015-03-23 00:35 - 2015-03-23 00:35 - 00000000 ____D () C:\Program Files (x86)\Dell Update
2015-03-23 00:34 - 2015-03-27 11:44 - 00000000 ____D () C:\Dell
2015-03-23 00:34 - 2015-03-23 00:41 - 231285744 _____ (Dell Inc.) C:\Users\Stuxnet\Downloads\XPS-8700_Audio_Driver_N4TKF_WN_6.0.1.7016_A00.EXE
2015-03-23 00:34 - 2015-03-23 00:39 - 202126192 _____ () C:\Users\Stuxnet\Downloads\Audio_CREATIVE_W7_W8_W81_A00_Setup-241T2_ZPE.exe
2015-03-23 00:34 - 2015-03-23 00:34 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2015-03-23 00:33 - 2015-03-23 00:33 - 01295912 _____ () C:\Users\Stuxnet\Downloads\DellDigitalDelivery.2.9.901.0_Install_ZPE.exe
2015-03-22 23:02 - 2015-03-23 05:11 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\NVIDIA Corporation
2015-03-22 23:02 - 2015-03-22 23:03 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\NVIDIA
2015-03-22 23:02 - 2015-03-22 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-03-22 23:02 - 2015-03-13 12:41 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-22 23:02 - 2015-03-13 12:41 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-03-22 23:02 - 2015-03-13 12:41 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-22 23:02 - 2015-03-13 12:41 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-22 23:01 - 2015-03-26 05:15 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-03-22 23:01 - 2015-03-22 23:02 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-03-22 23:01 - 2015-03-13 12:41 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-03-22 23:01 - 2015-03-13 12:41 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-03-22 23:01 - 2015-03-13 09:16 - 06861968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-03-22 23:01 - 2015-03-13 09:16 - 03526856 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-03-22 23:01 - 2015-03-13 09:16 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-03-22 23:01 - 2015-03-13 09:16 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-03-22 23:01 - 2015-03-13 09:16 - 00386248 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-03-22 23:01 - 2015-03-13 09:16 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-03-22 23:01 - 2015-03-13 08:38 - 00622224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-03-22 23:01 - 2015-03-11 06:10 - 04246327 _____ () C:\Windows\system32\nvcoproc.bin
2015-03-22 23:00 - 2015-03-13 12:41 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 14121624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-03-22 23:00 - 2015-03-13 12:41 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 03303448 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 02906928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00997856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00878328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00400584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00390288 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00354112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00346824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00306208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-03-22 23:00 - 2015-03-13 12:41 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-03-22 23:00 - 2015-03-13 12:41 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-03-22 23:00 - 2015-03-13 12:41 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-03-22 22:54 - 2015-03-22 22:54 - 00000000 ____D () C:\Users\Stuxnet\Downloads\x64
2015-03-22 22:53 - 2015-03-22 22:54 - 00000000 ____D () C:\Users\Stuxnet\Downloads\settings
2015-03-22 22:53 - 2015-03-22 22:53 - 01176850 _____ (Igor Pavlov) C:\Users\Stuxnet\Downloads\DDU v14.1.0.0.exe
2015-03-22 22:53 - 2015-03-19 08:31 - 01815552 _____ () C:\Users\Stuxnet\Downloads\Display Driver Uninstaller.exe
2015-03-22 22:53 - 2015-03-19 08:31 - 00214528 _____ () C:\Users\Stuxnet\Downloads\Display Driver Uninstaller.pdb
2015-03-22 22:50 - 2015-03-22 22:54 - 309143408 _____ (NVIDIA Corporation) C:\Users\Stuxnet\Downloads\347.88-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-03-22 22:39 - 2015-03-22 22:39 - 00000000 _____ () C:\Windows\SysWOW64\REN6F3F.tmp
2015-03-22 22:38 - 2015-03-22 22:38 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-22 22:17 - 2015-03-23 05:11 - 00000000 ____D () C:\ProgramData\Acronis
2015-03-22 22:17 - 2015-03-22 22:17 - 01462560 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys
2015-03-22 22:17 - 2015-03-22 22:17 - 01120032 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2015-03-22 22:17 - 2015-03-22 22:17 - 00367200 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2015-03-22 22:17 - 2015-03-22 22:17 - 00233760 _____ (Acronis) C:\Windows\system32\Drivers\snapman.sys
2015-03-22 22:17 - 2015-03-22 22:17 - 00183224 _____ (Acronis) C:\Windows\system32\Drivers\tib_mounter.sys
2015-03-22 22:17 - 2015-03-22 22:17 - 00108832 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2015-03-22 22:17 - 2015-03-22 22:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2015-03-22 22:16 - 2015-03-22 22:16 - 00000000 ____D () C:\Program Files (x86)\Acronis
2015-03-22 22:09 - 2015-03-22 22:09 - 00000000 _____ () C:\Windows\SysWOW64\REN9EC5.tmp
2015-03-22 22:02 - 2015-03-22 22:02 - 00000000 _____ () C:\Windows\SysWOW64\REN149E.tmp
2015-03-22 21:57 - 2015-03-22 21:57 - 00000000 _____ () C:\Windows\SysWOW64\RENA35E.tmp
2015-03-22 15:26 - 2015-03-27 12:00 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-22 15:18 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-03-22 15:18 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-03-22 15:18 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-03-22 15:18 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-03-22 15:18 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-03-22 15:18 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-03-22 15:18 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-03-22 15:18 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-03-22 15:18 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-03-22 15:18 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-03-22 15:18 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-03-22 15:18 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-03-22 15:18 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-03-22 15:18 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-03-22 15:18 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-03-22 15:18 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-03-22 15:18 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-03-22 15:18 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-03-22 15:18 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-03-22 15:18 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-03-22 15:18 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-03-22 15:18 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-03-22 15:17 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-03-22 15:17 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-03-22 15:17 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-03-22 15:17 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-03-22 15:17 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-03-22 15:17 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-03-22 15:17 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-03-22 15:17 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-03-22 15:17 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-03-22 15:17 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-03-22 15:17 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-03-22 15:17 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-03-22 15:17 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-03-22 15:17 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-03-22 15:17 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-03-22 15:17 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-03-22 15:17 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-03-22 15:17 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-03-22 15:17 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-03-22 15:17 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-03-22 15:17 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-03-22 15:17 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-03-22 15:17 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-03-22 15:17 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-03-22 15:17 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-03-22 15:17 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-03-22 15:17 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-03-22 15:17 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-03-22 15:17 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-03-22 15:17 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-03-22 15:17 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-03-22 15:17 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-03-22 15:17 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-03-22 15:17 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-03-22 15:17 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-03-22 15:17 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-03-22 15:17 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-03-22 15:17 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-03-22 15:17 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-03-22 15:17 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-03-22 15:17 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-03-22 15:17 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-03-22 15:17 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-03-22 15:17 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-03-22 15:17 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-03-22 15:17 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-03-22 15:17 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-03-22 15:17 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-03-22 15:17 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-03-22 15:17 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-03-22 15:17 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-03-22 15:17 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-03-22 15:17 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-03-22 15:17 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-03-22 15:17 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-03-22 15:17 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-03-22 15:17 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-03-22 15:17 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-03-22 15:17 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-03-22 15:17 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-03-22 15:17 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-03-22 15:17 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-03-22 15:17 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-03-22 15:17 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-03-22 15:17 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-03-22 15:17 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-03-22 15:17 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-03-22 15:17 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-03-22 15:17 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-03-22 15:17 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-03-22 15:17 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-03-22 15:17 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-03-22 15:17 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-03-22 15:17 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-03-22 15:17 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-03-22 15:17 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-03-22 15:17 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-03-22 15:17 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-03-22 15:17 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-03-22 15:17 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-03-22 15:17 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-03-22 15:17 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-03-22 15:17 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-03-22 15:17 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-03-22 15:17 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-03-22 15:17 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-03-22 15:17 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-03-22 15:17 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-03-22 15:17 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-03-22 15:17 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-03-22 15:17 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-03-22 15:17 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-03-22 15:17 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-03-22 15:17 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-03-22 15:17 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-03-22 15:17 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-03-22 15:17 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-03-22 15:17 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-03-22 15:17 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-03-22 15:17 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-03-22 15:17 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-03-22 15:17 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-03-22 15:17 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-03-22 15:17 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-03-22 15:17 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-03-22 15:17 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-03-22 15:17 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-03-22 15:17 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-03-22 15:17 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-03-22 15:17 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-03-22 15:17 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-03-22 15:17 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-03-22 15:17 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-03-22 15:17 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-03-22 15:17 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-03-22 15:17 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-03-22 15:17 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-03-22 15:17 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-03-22 15:17 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-03-22 15:17 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-03-22 15:17 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-03-22 15:17 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-03-22 15:17 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-03-22 15:17 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-03-22 15:17 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-03-22 15:17 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-03-22 15:17 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-03-22 15:17 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-03-22 15:17 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-03-22 15:17 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-03-22 15:17 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-03-22 15:17 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-03-22 15:17 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-03-22 15:17 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-03-22 15:17 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-03-22 15:17 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-03-22 15:17 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-03-22 15:17 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-03-22 15:17 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-03-22 15:17 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-03-22 15:17 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-03-22 15:17 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-03-22 15:17 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-03-22 15:17 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-03-22 15:17 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-03-22 15:17 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-03-22 15:17 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-03-22 15:17 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-03-22 15:17 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-03-22 15:17 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-03-22 15:17 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-03-22 15:17 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-03-22 15:17 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-03-22 15:17 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-03-22 15:17 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-03-22 15:17 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-03-22 15:16 - 2015-03-22 22:17 - 00000000 ____D () C:\NVIDIA
2015-03-22 15:15 - 2015-03-22 15:15 - 00000000 _____ () C:\Windows\SysWOW64\REN82F9.tmp
2015-03-22 15:13 - 2015-03-22 15:18 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-03-22 15:13 - 2015-03-22 15:16 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-03-22 15:11 - 2015-03-22 15:11 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\Western_Digital_Technolog
2015-03-22 15:11 - 2015-03-22 15:11 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\Western Digital
2015-03-22 15:10 - 2015-03-22 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2015-03-22 15:09 - 2015-03-23 05:11 - 00000000 ____D () C:\ProgramData\Western Digital
2015-03-22 15:09 - 2015-03-22 15:09 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-22 15:09 - 2015-03-22 15:09 - 00000000 ____D () C:\Program Files\Western Digital
2015-03-22 15:09 - 2015-03-22 15:09 - 00000000 ____D () C:\Program Files\Common Files\Western Digital
2015-03-22 15:09 - 2015-03-22 15:09 - 00000000 ____D () C:\Program Files (x86)\Western Digital
2015-03-22 15:07 - 2015-03-22 15:06 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-22 15:06 - 2015-03-22 15:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-22 15:06 - 2015-03-22 15:06 - 00000000 ____D () C:\Program Files\Java
2015-03-22 14:59 - 2015-03-24 22:09 - 00003064 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2015-03-22 14:59 - 2015-03-24 22:09 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2015-03-22 14:59 - 2015-03-22 14:59 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2015-03-22 14:59 - 2015-03-22 14:59 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2015-03-22 14:59 - 2015-03-22 14:59 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2015-03-22 14:59 - 2015-03-22 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2015-03-22 14:58 - 2015-03-22 14:58 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2015-03-22 14:55 - 2015-03-22 14:55 - 00000000 ____D () C:\ProgramData\Sun
2015-03-22 14:54 - 2015-03-22 22:41 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-22 12:07 - 2015-03-22 12:07 - 00000000 ____D () C:\zoek
2015-03-22 11:58 - 2015-03-22 12:10 - 00003169 _____ () C:\runcheck.txt
2015-03-22 11:58 - 2015-03-22 12:08 - 00000000 ____D () C:\zoek_backup
2015-03-22 11:31 - 2015-03-22 11:31 - 00000000 ____D () C:\TDSSKiller_Quarantine
2015-03-22 11:26 - 2015-03-22 11:26 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\Stuxnet\Desktop\iExplore64.exe
2015-03-22 11:23 - 2015-03-28 02:22 - 00000000 ____D () C:\AdwCleaner
2015-03-22 11:22 - 2015-03-28 02:45 - 00000000 ____D () C:\FRST
2015-03-22 10:56 - 2015-03-22 10:56 - 00000000 ____D () C:\rsit
2015-03-22 10:56 - 2015-03-22 10:56 - 00000000 ____D () C:\Program Files (x86)\trend micro
2015-03-22 10:53 - 2015-03-22 10:53 - 00139264 _____ () C:\Users\Stuxnet\Downloads\SystemLook.exe
2015-03-22 10:52 - 2015-03-22 10:52 - 01107968 _____ () C:\Users\Stuxnet\Downloads\RSIT.exe
2015-03-22 07:55 - 2015-03-22 07:55 - 00000017 _____ () C:\Users\Stuxnet\AppData\Local\resmon.resmoncfg
2015-03-22 07:33 - 2015-03-22 07:33 - 00402944 _____ (Farbar) C:\Users\Stuxnet\Downloads\MiniToolBox.exe
2015-03-21 14:11 - 2015-03-23 05:11 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-03-21 14:11 - 2015-03-21 14:11 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-03-21 14:11 - 2015-03-21 14:11 - 00000000 _____ () C:\Users\Stuxnet\defogger_reenable
2015-03-21 08:08 - 2015-03-26 07:32 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\vlc
2015-03-21 08:04 - 2015-03-21 08:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-03-21 08:04 - 2015-03-21 08:04 - 00000000 ____D () C:\Program Files\VideoLAN
2015-03-21 08:03 - 2015-03-25 04:51 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\IrfanView
2015-03-21 08:03 - 2015-03-21 08:03 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2015-03-21 01:54 - 2015-03-21 01:55 - 143688440 _____ (Microsoft Corporation) C:\Users\Stuxnet\Downloads\msert.exe
2015-03-21 01:34 - 2015-03-21 01:38 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-21 01:34 - 2015-03-21 01:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-21 01:33 - 2015-03-26 05:22 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-21 01:33 - 2015-03-26 05:22 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-21 01:33 - 2015-03-26 05:22 - 00000546 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 223092e3-c8fb-4351-8f58-2843d5cc781a.job
2015-03-21 01:33 - 2015-03-26 05:22 - 00000546 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1a5d70d0-4f82-42cf-afec-86b55aaf15ec.job
2015-03-21 01:33 - 2015-03-26 05:06 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-03-21 01:33 - 2015-03-26 05:06 - 00003660 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-03-21 01:33 - 2015-03-26 05:06 - 00003542 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 223092e3-c8fb-4351-8f58-2843d5cc781a
2015-03-21 01:33 - 2015-03-26 05:05 - 00003624 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 1a5d70d0-4f82-42cf-afec-86b55aaf15ec
2015-03-21 01:33 - 2015-03-26 04:25 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-03-21 01:33 - 2015-03-23 05:11 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\Google
2015-03-21 01:33 - 2015-03-23 05:11 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-21 01:33 - 2015-03-21 01:33 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\SUPERAntiSpyware.com
2015-03-21 01:33 - 2015-03-21 01:33 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-03-21 01:33 - 2015-03-21 01:33 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2015-03-21 00:50 - 2015-03-26 06:35 - 00000000 ____D () C:\Windows\softwaredistribution.bak1
2015-03-21 00:20 - 2015-03-21 00:20 - 00050477 _____ () C:\Users\Stuxnet\Downloads\Defogger.exe
2015-03-20 23:14 - 2015-03-20 23:16 - 15648856 _____ () C:\Users\Stuxnet\Downloads\RogueKiller.exe
2015-03-20 23:08 - 2015-03-25 06:42 - 00000000 ____D () C:\EEK
2015-03-20 23:02 - 2015-03-26 19:56 - 00002582 _____ () C:\Users\Stuxnet\Desktop\Rkill.txt
2015-03-20 23:00 - 2015-03-20 23:00 - 21459512 _____ (SUPERAntiSpyware) C:\Users\Stuxnet\Downloads\SUPERAntiSpywarePro.exe
2015-03-20 23:00 - 2015-03-20 23:00 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Stuxnet\Downloads\lkldfkff.com.exe
2015-03-20 22:50 - 2015-03-26 04:42 - 00000000 ____D () C:\q
2015-03-20 22:50 - 2015-03-20 22:50 - 00464491 _____ () C:\Users\Stuxnet\Downloads\RootRepeal.zip
2015-03-20 22:46 - 2015-03-20 22:46 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Stuxnet\Downloads\rkill.com
2015-03-20 22:46 - 2015-03-20 22:46 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Stuxnet\Desktop\iExplore.exe
2015-03-20 22:45 - 2015-03-20 22:48 - 164788416 _____ () C:\Users\Stuxnet\Downloads\EmsisoftEmergencyKit.exe
2015-03-20 22:45 - 2015-03-20 22:45 - 02095616 _____ (Farbar) C:\Users\Stuxnet\Downloads\FRST64.exe
2015-03-20 02:28 - 2015-03-24 19:35 - 00000000 ____D () C:\Users\MSSQL$ADK
2015-03-20 02:28 - 2015-03-20 02:28 - 00000020 ___SH () C:\Users\MSSQL$ADK\ntuser.ini
2015-03-20 02:28 - 2015-03-18 03:39 - 00000000 ___RD () C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-20 02:28 - 2014-11-21 08:57 - 00000000 ___RD () C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-20 02:28 - 2014-11-21 08:57 - 00000000 ___RD () C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-20 02:28 - 2014-11-21 01:52 - 00000369 _____ () C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-20 02:28 - 2014-11-21 01:52 - 00000369 _____ () C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-20 02:28 - 2013-08-22 08:36 - 00000000 ____D () C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-20 02:28 - 2012-02-11 10:08 - 00147032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hadrres.dll
2015-03-20 02:28 - 2012-02-11 10:08 - 00069208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fssres.dll
2015-03-20 02:28 - 2012-02-11 10:03 - 00082520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL$ADK-sqlctr11.0.2100.60.dll
2015-03-20 02:28 - 2012-02-11 10:02 - 00045656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL11.ADK-sqlagtctr.dll
2015-03-20 02:27 - 2015-03-20 02:27 - 00000000 ____D () C:\Windows\SysWOW64\1033
2015-03-20 02:27 - 2015-03-20 02:27 - 00000000 ____D () C:\Windows\system32\1033
2015-03-20 02:27 - 2015-03-20 02:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
2015-03-20 02:27 - 2015-03-20 02:27 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2015-03-20 02:27 - 2015-03-20 02:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 10.0
2015-03-20 02:26 - 2015-03-20 02:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012
2015-03-20 02:26 - 2015-03-20 02:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-03-20 02:23 - 2015-03-20 02:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-03-20 02:23 - 2015-03-20 02:23 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2015-03-20 01:07 - 2015-03-20 01:07 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\ESET
2015-03-20 01:06 - 2015-03-20 01:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-03-20 01:06 - 2015-03-20 01:06 - 00000000 ____D () C:\ProgramData\ESET
2015-03-20 01:06 - 2015-03-20 01:06 - 00000000 ____D () C:\Program Files\ESET
2015-03-20 00:53 - 2015-03-23 05:11 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\Mozilla
2015-03-20 00:53 - 2015-03-20 00:53 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\Mozilla
2015-03-20 00:53 - 2015-03-20 00:53 - 00000000 ____D () C:\ProgramData\Mozilla
2015-03-19 23:45 - 2015-03-25 05:55 - 00003486 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-03-19 23:45 - 2015-03-23 00:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-03-19 23:45 - 2015-03-19 23:45 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2015-03-19 23:45 - 2015-03-19 23:45 - 00000000 ____D () C:\Program Files\Dell Support Center
2015-03-19 23:45 - 2015-03-19 23:45 - 00000000 ____D () C:\Program Files\Dell
2015-03-19 23:43 - 2015-03-22 23:02 - 00000000 ____D () C:\temp
2015-03-19 23:36 - 2013-11-15 00:42 - 00012064 _____ (NVIDIA Corporation) C:\Windows\system32\NVMUPEventMsg.dll
2015-03-19 23:33 - 2015-03-19 23:33 - 00000000 ____D () C:\Windows\nvmup
2015-03-19 23:29 - 2015-03-20 02:28 - 01000894 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-03-19 23:26 - 2015-03-19 23:29 - 273798752 _____ (Dell Inc.) C:\Users\Stuxnet\Downloads\Video_Driver_77P69_WN_9.18.13.3185_A00 (1).EXE
2015-03-19 23:26 - 2015-03-19 23:26 - 23925040 _____ (Dell Inc.) C:\Users\Stuxnet\Downloads\XPS-8700_Serial-ATA_Driver_89G40_WN_12.8.0.1016_A00.EXE
2015-03-19 23:25 - 2015-03-23 05:11 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\Apps\2.0
2015-03-19 23:25 - 2015-03-19 23:25 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2015-03-19 23:25 - 2015-03-19 23:25 - 00000000 _____ () C:\Windows\SysWOW64\agent.log
2015-03-19 23:23 - 2015-03-23 05:11 - 00000000 ____D () C:\ProgramData\Intel
2015-03-19 23:23 - 2015-03-19 23:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-03-19 23:23 - 2015-03-19 23:28 - 00000000 ____D () C:\Program Files\Intel
2015-03-19 23:23 - 2013-08-09 02:25 - 00016344 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
2015-03-19 23:22 - 2015-03-19 23:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-03-19 23:20 - 2015-03-23 02:35 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-03-19 23:20 - 2013-07-16 06:32 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2015-03-19 23:19 - 2015-03-23 05:11 - 00000000 ____D () C:\ProgramData\Dell
2015-03-19 23:19 - 2015-03-19 23:20 - 113815799 _____ (Dell Inc.) C:\Users\Stuxnet\Downloads\Video_Driver_77P69_WN_9.18.13.3185_A00.EXE.i400cp5.partial
2015-03-19 23:18 - 2015-03-19 23:19 - 65140544 _____ (Dell Inc.) C:\Users\Stuxnet\Downloads\XPS-8700_Chipset_Driver_VW876_WN_9.5.13.1706_A00.EXE
2015-03-19 23:18 - 2015-03-19 23:18 - 12170088 _____ (Dell Inc.) C:\Users\Stuxnet\Downloads\XPS-8700_Chipset_Driver_V2D47_WN_9.4.0.1021_A00.EXE
2015-03-19 23:14 - 2015-03-19 23:14 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\Intel
2015-03-19 23:13 - 2015-03-19 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-03-19 23:13 - 2015-03-19 23:13 - 00000000 ____D () C:\Program Files (x86)\Intel Driver Update Utility
2015-03-19 23:12 - 2015-03-19 23:12 - 02333416 _____ (Intel) C:\Users\Stuxnet\Downloads\Intel Driver Update Utility Installer.exe
2015-03-18 04:49 - 2015-03-18 04:49 - 00001937 _____ () C:\Users\Stuxnet\Desktop\Heroes of Newerth.lnk
2015-03-18 04:49 - 2015-03-18 04:49 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth
2015-03-18 04:49 - 2015-03-18 04:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth
2015-03-18 04:11 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-03-18 04:11 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-03-18 04:11 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-03-18 04:11 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-03-18 04:10 - 2015-03-26 10:44 - 00000000 ____D () C:\Program Files (x86)\Heroes of Newerth
2015-03-18 04:10 - 2015-03-18 04:10 - 19956704 _____ () C:\Users\Stuxnet\Downloads\HoNClient.exe
2015-03-18 04:01 - 2015-03-18 04:01 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2015-03-18 04:00 - 2014-11-17 13:17 - 00672984 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2015-03-18 04:00 - 2014-11-17 13:17 - 00273240 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2015-03-18 04:00 - 2014-11-15 12:05 - 00801584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-18 04:00 - 2014-11-14 23:29 - 00962216 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-18 04:00 - 2014-11-14 07:36 - 00055776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-03-18 04:00 - 2014-11-14 00:10 - 03558400 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-03-18 04:00 - 2014-11-13 23:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-03-18 04:00 - 2014-11-13 23:58 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-03-18 04:00 - 2014-11-13 23:57 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-03-18 04:00 - 2014-11-13 23:57 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-03-18 04:00 - 2014-11-13 23:54 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2015-03-18 04:00 - 2014-11-13 23:54 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-03-18 04:00 - 2014-11-13 23:54 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-03-18 04:00 - 2014-11-13 23:53 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-03-18 04:00 - 2014-11-13 23:52 - 01714176 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-03-18 04:00 - 2014-11-13 23:46 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2015-03-18 04:00 - 2014-11-13 23:39 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-03-18 04:00 - 2014-11-13 22:04 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-03-18 04:00 - 2014-11-13 22:03 - 00885760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-03-18 04:00 - 2014-11-13 22:03 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-03-18 04:00 - 2014-11-13 22:01 - 00723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-03-18 04:00 - 2014-11-13 22:01 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-03-18 04:00 - 2014-11-10 11:06 - 02485056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-03-18 04:00 - 2014-11-10 11:06 - 00473408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-03-18 04:00 - 2014-11-10 11:06 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-03-18 04:00 - 2014-11-10 11:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-03-18 04:00 - 2014-11-09 19:57 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2015-03-18 04:00 - 2014-11-09 18:37 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-03-18 04:00 - 2014-11-09 18:34 - 01084416 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-03-18 04:00 - 2014-11-09 18:26 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-03-18 04:00 - 2014-11-09 18:20 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2015-03-18 04:00 - 2014-11-09 18:09 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-03-18 04:00 - 2014-11-09 18:08 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2015-03-18 04:00 - 2014-11-09 18:06 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-03-18 04:00 - 2014-11-09 17:57 - 00624640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2015-03-18 04:00 - 2014-11-09 17:57 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-03-18 04:00 - 2014-11-07 21:00 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2015-03-18 04:00 - 2014-11-07 21:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2015-03-18 04:00 - 2014-11-07 20:58 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2015-03-18 04:00 - 2014-11-07 20:58 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2015-03-18 04:00 - 2014-11-07 20:56 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2015-03-18 04:00 - 2014-11-07 20:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2015-03-18 04:00 - 2014-11-07 20:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2015-03-18 04:00 - 2014-11-07 20:24 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2015-03-18 04:00 - 2014-11-07 20:13 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2015-03-18 04:00 - 2014-11-07 20:13 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2015-03-18 04:00 - 2014-11-07 20:13 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2015-03-18 04:00 - 2014-11-07 19:48 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2015-03-18 04:00 - 2014-11-07 19:38 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2015-03-18 04:00 - 2014-11-07 19:17 - 00143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2015-03-18 04:00 - 2014-11-07 19:09 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2015-03-18 04:00 - 2014-11-07 19:03 - 00733696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2015-03-18 04:00 - 2014-11-07 18:59 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2015-03-18 04:00 - 2014-11-07 18:58 - 04837376 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2015-03-18 04:00 - 2014-11-07 18:49 - 01154048 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2015-03-18 04:00 - 2014-11-06 20:58 - 00952896 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-03-18 04:00 - 2014-11-06 20:20 - 00786120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-03-18 04:00 - 2014-11-04 19:12 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2015-03-18 04:00 - 2014-11-04 19:12 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2015-03-18 04:00 - 2014-11-04 19:06 - 00514048 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2015-03-18 04:00 - 2014-11-04 18:44 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-03-18 04:00 - 2014-11-04 18:43 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-03-18 04:00 - 2014-11-04 18:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-03-18 04:00 - 2014-11-04 18:39 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2015-03-18 04:00 - 2014-11-04 18:39 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2015-03-18 04:00 - 2014-11-04 18:33 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2015-03-18 04:00 - 2014-11-04 18:21 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-03-18 04:00 - 2014-11-04 18:20 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-03-18 04:00 - 2014-11-04 18:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-03-18 04:00 - 2014-11-04 18:14 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2015-03-18 04:00 - 2014-11-04 18:06 - 00555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2015-03-18 04:00 - 2014-11-04 12:33 - 00058176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2015-03-18 04:00 - 2014-11-04 12:25 - 00059712 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-03-18 04:00 - 2014-11-04 12:25 - 00051008 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-03-18 04:00 - 2014-11-03 23:55 - 00026112 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-03-18 04:00 - 2014-11-03 23:54 - 00108544 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-03-18 04:00 - 2014-11-03 23:54 - 00032256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-03-18 04:00 - 2014-11-03 23:54 - 00030208 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-03-18 04:00 - 2014-11-03 23:27 - 00128512 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2015-03-18 04:00 - 2014-11-03 22:01 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-03-18 04:00 - 2014-10-30 17:51 - 18823168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-03-18 04:00 - 2014-10-30 17:10 - 15158784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-03-18 04:00 - 2014-10-28 20:05 - 00551232 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2015-03-18 04:00 - 2014-10-28 18:55 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2015-03-18 04:00 - 2014-10-28 18:13 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2015-03-18 04:00 - 2014-10-20 18:59 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\eventcls.dll
2015-03-18 04:00 - 2014-10-20 18:19 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll
2015-03-18 04:00 - 2014-10-20 17:50 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2015-03-18 04:00 - 2014-10-20 17:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-03-18 04:00 - 2014-10-20 17:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2015-03-18 04:00 - 2014-10-20 17:30 - 01454080 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-03-18 04:00 - 2014-10-20 17:20 - 01142272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2015-03-18 04:00 - 2014-10-18 01:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-03-18 04:00 - 2014-10-18 01:09 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-03-18 04:00 - 2014-10-18 00:25 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-03-18 04:00 - 2014-10-17 23:50 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-03-18 04:00 - 2014-10-16 21:56 - 00238912 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-03-18 04:00 - 2014-10-16 21:56 - 00153920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-03-18 04:00 - 2014-10-16 21:56 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2015-03-18 04:00 - 2014-10-16 20:35 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-03-18 04:00 - 2014-04-15 16:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-03-18 04:00 - 2014-04-15 16:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-03-18 03:59 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-03-18 03:59 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-03-18 03:54 - 2015-03-18 03:54 - 09882112 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsUStoricon.dll
2015-03-18 03:54 - 2015-03-18 03:54 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-03-18 03:54 - 2015-03-18 03:54 - 00422504 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtsUStor.dll
2015-03-18 03:48 - 2015-03-18 03:48 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\DHAgent
2015-03-18 03:46 - 2015-03-18 03:46 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-03-18 03:46 - 2015-03-18 03:46 - 00000000 ____D () C:\Program Files\MSBuild
2015-03-18 03:46 - 2015-03-18 03:46 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-03-18 03:46 - 2015-03-18 03:46 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-03-18 03:44 - 2013-08-02 21:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2015-03-18 03:44 - 2013-08-02 21:48 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-03-18 03:44 - 2013-08-02 21:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2015-03-18 03:44 - 2013-08-02 21:41 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-03-18 03:39 - 2015-03-18 03:39 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-18 03:34 - 2015-03-18 03:34 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-18 03:33 - 2015-03-11 18:48 - 122905856 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-18 03:28 - 2015-03-22 23:02 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-18 03:23 - 2015-03-05 19:53 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-18 03:23 - 2015-03-05 19:33 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-18 03:23 - 2015-02-25 16:26 - 04178944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-18 03:23 - 2015-02-06 16:09 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml
2015-03-18 03:23 - 2015-02-03 16:58 - 00264000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-03-18 03:23 - 2015-02-03 16:58 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-03-18 03:23 - 2015-02-03 16:58 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-03-18 03:23 - 2015-02-02 16:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-03-18 03:23 - 2015-02-02 16:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-03-18 03:23 - 2015-01-28 18:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-03-18 03:23 - 2015-01-28 18:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-03-18 03:23 - 2015-01-26 20:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-03-18 03:23 - 2015-01-23 18:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-03-18 03:23 - 2015-01-23 00:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-03-18 03:23 - 2015-01-22 22:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-03-18 03:23 - 2015-01-15 15:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-18 03:23 - 2015-01-15 15:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-18 03:23 - 2015-01-13 21:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-03-18 03:23 - 2015-01-13 20:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-03-18 03:23 - 2014-12-19 01:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-03-18 03:23 - 2014-12-19 01:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-03-18 03:23 - 2014-12-08 18:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-03-18 03:23 - 2014-11-09 19:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2015-03-18 03:23 - 2014-11-09 18:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2015-03-18 03:23 - 2014-10-30 16:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-18 03:23 - 2014-10-30 16:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-18 03:22 - 2015-02-20 17:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-18 03:22 - 2015-02-20 17:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-03-18 03:22 - 2015-02-20 17:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-18 03:22 - 2015-02-20 16:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-18 03:22 - 2015-02-20 16:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-18 03:22 - 2015-02-19 20:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-18 03:22 - 2015-02-19 19:58 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-18 03:22 - 2015-02-19 19:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-18 03:22 - 2015-02-19 19:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-18 03:22 - 2015-02-19 19:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-18 03:22 - 2015-02-19 19:35 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-18 03:22 - 2015-02-19 19:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-18 03:22 - 2015-02-19 19:20 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-18 03:22 - 2015-02-19 19:15 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-18 03:22 - 2015-02-19 19:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-18 03:22 - 2015-02-19 19:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-03-18 03:22 - 2015-02-19 19:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-18 03:22 - 2015-02-19 19:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-18 03:22 - 2015-02-19 18:56 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-03-18 03:22 - 2015-02-19 18:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-03-18 03:22 - 2015-02-19 18:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-18 03:22 - 2015-02-19 18:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-18 03:22 - 2015-02-19 18:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-18 03:22 - 2015-02-19 18:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-18 03:22 - 2015-02-19 18:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-18 03:22 - 2015-02-19 18:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-03-18 03:22 - 2015-02-19 18:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-03-18 03:22 - 2015-02-19 18:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-18 03:22 - 2015-02-19 18:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-18 03:22 - 2015-02-19 18:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-18 03:22 - 2015-02-19 18:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-18 03:22 - 2015-02-19 18:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-18 03:22 - 2015-02-19 17:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-18 03:22 - 2015-02-19 17:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-18 03:22 - 2015-02-05 18:28 - 02257408 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-03-18 03:22 - 2015-02-05 18:08 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-03-18 03:22 - 2015-02-05 13:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-03-18 03:22 - 2015-02-03 16:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-18 03:22 - 2015-02-03 16:08 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-18 03:22 - 2015-02-03 16:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-18 03:22 - 2015-02-02 17:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-03-18 03:22 - 2015-02-02 17:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-03-18 03:22 - 2015-02-02 16:11 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-18 03:22 - 2015-02-02 16:11 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-18 03:22 - 2015-02-02 16:11 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-18 03:22 - 2015-01-30 16:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-03-18 03:22 - 2015-01-30 16:29 - 02484224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-03-18 03:22 - 2015-01-30 16:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-18 03:22 - 2015-01-29 20:01 - 00097792 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-03-18 03:22 - 2015-01-29 20:00 - 00167424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2015-03-18 03:22 - 2015-01-29 19:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-03-18 03:22 - 2015-01-29 19:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-03-18 03:22 - 2015-01-29 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-03-18 03:22 - 2015-01-29 18:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-03-18 03:22 - 2015-01-29 18:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-03-18 03:22 - 2015-01-28 18:11 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-18 03:22 - 2015-01-28 18:04 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-03-18 03:22 - 2015-01-28 18:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-03-18 03:22 - 2015-01-28 18:00 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-18 03:22 - 2015-01-28 17:59 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-03-18 03:22 - 2015-01-28 17:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-03-18 03:22 - 2015-01-28 17:50 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-03-18 03:22 - 2015-01-28 17:49 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-03-18 03:22 - 2015-01-28 08:41 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-18 03:22 - 2015-01-28 08:41 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-03-18 03:22 - 2015-01-28 08:41 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-03-18 03:22 - 2015-01-27 19:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-03-18 03:22 - 2015-01-27 18:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-03-18 03:22 - 2015-01-26 21:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-18 03:22 - 2015-01-26 19:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-18 03:22 - 2015-01-19 11:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-03-18 03:22 - 2015-01-11 18:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-18 03:22 - 2015-01-11 18:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-18 03:22 - 2014-12-18 23:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-03-18 03:22 - 2014-12-13 14:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-03-18 03:22 - 2014-12-13 14:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-03-18 03:22 - 2014-12-11 19:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-03-18 03:22 - 2014-12-11 17:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-03-18 03:22 - 2014-12-08 20:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-03-18 03:22 - 2014-12-08 18:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-03-18 03:22 - 2014-12-05 20:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-03-18 03:22 - 2014-12-05 18:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-03-18 03:22 - 2014-12-02 16:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-18 03:22 - 2014-11-21 19:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-03-18 03:22 - 2014-11-21 19:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-03-18 03:22 - 2014-10-28 19:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-03-18 03:22 - 2014-10-28 19:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-03-18 03:22 - 2014-10-28 18:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-03-18 03:22 - 2014-10-28 18:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-03-18 03:22 - 2014-10-28 18:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-03-18 03:22 - 2014-10-28 18:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-03-18 03:22 - 2014-10-28 18:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-03-18 03:22 - 2014-10-28 18:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-03-18 03:21 - 2015-02-20 18:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-18 03:21 - 2015-02-20 17:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-18 03:21 - 2015-02-19 19:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-18 03:21 - 2015-02-19 19:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-18 03:21 - 2015-02-19 18:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-03-18 03:21 - 2015-02-19 18:29 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-03-18 03:21 - 2015-02-19 18:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-18 03:21 - 2015-02-12 10:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-18 03:21 - 2015-02-12 10:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-18 03:21 - 2015-02-07 16:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-03-18 03:21 - 2015-02-07 16:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-03-18 03:21 - 2015-01-29 19:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-03-18 03:21 - 2015-01-29 18:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-03-18 03:21 - 2015-01-29 18:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-03-18 03:21 - 2015-01-29 18:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-03-18 03:21 - 2015-01-29 18:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-03-18 03:21 - 2015-01-29 18:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-03-18 03:21 - 2015-01-29 18:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-03-18 03:21 - 2015-01-29 18:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-03-18 03:21 - 2015-01-29 11:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-18 03:21 - 2015-01-29 11:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-18 03:21 - 2015-01-27 18:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-18 03:21 - 2015-01-27 18:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-18 03:21 - 2015-01-27 16:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-03-18 03:21 - 2015-01-27 16:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-03-18 03:21 - 2015-01-20 22:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-18 03:21 - 2015-01-20 22:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-18 03:21 - 2015-01-11 19:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-18 03:21 - 2015-01-11 18:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-18 03:21 - 2014-12-10 22:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-03-18 03:21 - 2014-12-08 12:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-03-18 03:21 - 2014-12-08 12:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-18 03:21 - 2014-12-08 12:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-03-18 03:21 - 2014-12-08 12:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-03-18 03:21 - 2014-12-08 12:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-03-18 03:21 - 2014-12-08 12:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-18 03:21 - 2014-12-08 12:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-03-18 03:21 - 2014-12-08 12:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-03-18 03:21 - 2014-12-05 18:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-03-18 03:21 - 2014-11-09 16:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-18 03:21 - 2014-11-09 16:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-18 03:21 - 2014-11-09 16:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-03-18 03:21 - 2014-11-09 16:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-03-18 03:21 - 2014-10-30 15:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-03-18 03:21 - 2014-10-30 15:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-03-18 03:21 - 2014-07-23 20:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-03-18 03:21 - 2014-07-23 20:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-03-18 03:18 - 2015-03-03 06:17 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-03-18 03:16 - 2015-03-18 03:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-03-18 03:15 - 2015-03-18 03:17 - 64147607 _____ () C:\Users\Stuxnet\Downloads\Windows8.1-KB2919355-x64.msu.x5c2ihd.partial
2015-03-18 03:15 - 2015-03-18 03:17 - 59885671 _____ () C:\Users\Stuxnet\Downloads\Windows8.1-KB2934018-x64.msu.1ofsslv.partial
2015-03-18 03:14 - 2015-03-28 02:35 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-460681707-3011358676-697363567-1001
2015-03-18 03:13 - 2015-03-18 03:13 - 00000000 __SHD () C:\Users\Stuxnet\AppData\Local\EmieUserList
2015-03-18 03:13 - 2015-03-18 03:13 - 00000000 __SHD () C:\Users\Stuxnet\AppData\Local\EmieSiteList
2015-03-18 03:13 - 2015-03-18 03:13 - 00000000 __SHD () C:\Users\Stuxnet\AppData\Local\EmieBrowserModeList
2015-03-18 03:09 - 2015-03-27 13:54 - 00000000 ____D () C:\Users\Stuxnet\AppData\Local\Packages
2015-03-18 03:09 - 2015-03-27 02:49 - 00000000 ____D () C:\Users\Stuxnet
2015-03-18 03:09 - 2015-03-18 03:09 - 00001442 _____ () C:\Users\Stuxnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-18 03:09 - 2015-03-18 03:09 - 00000020 ___SH () C:\Users\Stuxnet\ntuser.ini
2015-03-18 03:09 - 2015-03-18 03:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-18 03:09 - 2014-11-21 08:57 - 00000000 ___RD () C:\Users\Stuxnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-18 03:09 - 2014-11-21 08:57 - 00000000 ___RD () C:\Users\Stuxnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-18 03:09 - 2014-11-21 08:57 - 00000000 ___RD () C:\Users\Stuxnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-18 03:09 - 2014-11-21 01:52 - 00000369 _____ () C:\Users\Stuxnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-18 03:09 - 2014-11-21 01:52 - 00000369 _____ () C:\Users\Stuxnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-18 03:09 - 2013-08-22 08:36 - 00000000 ____D () C:\Users\Stuxnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-18 03:02 - 2015-03-18 03:16 - 00000000 ____D () C:\Windows\softwaredistribution.bak
2015-03-18 02:58 - 2015-03-18 02:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-03-18 02:57 - 2015-03-26 03:40 - 00000000 ____D () C:\Windows\Panther
2015-03-18 01:10 - 2015-03-18 01:10 - 00000000 __SHD () C:\Recovery
2015-03-09 09:48 - 2015-03-09 09:48 - 00246804 _____ () C:\Windows\system32\Drivers\AtherosBT.bin
2015-03-09 09:48 - 2015-03-09 09:48 - 00182784 _____ (Qualcomm®Atheros®) C:\Windows\system32\BtContextMenu.dll
2015-03-09 09:48 - 2015-03-09 09:48 - 00181760 _____ (Qualcomm Atheros Communications Inc.) C:\Windows\system32\btcoinst.dll
2015-03-09 09:48 - 2015-03-09 09:48 - 00048092 _____ () C:\Windows\system32\Drivers\AthrBT_0x01020200.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00046748 _____ () C:\Windows\system32\Drivers\AthrBT_0x31010000.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00046268 _____ () C:\Windows\system32\Drivers\AthrBT_0x11020100.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00046212 _____ () C:\Windows\system32\Drivers\AthrBT_0x11020000.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00040684 _____ () C:\Windows\system32\Drivers\AthrBT_0x31010000_ss01.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00038140 _____ () C:\Windows\system32\Drivers\AthrBT_0x31010100.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00023532 _____ () C:\Windows\system32\Drivers\AthrBT_0x01020201.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001926 _____ () C:\Windows\system32\Drivers\ramps_0x31010000_40_0xf0.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001926 _____ () C:\Windows\system32\Drivers\ramps_0x31010000_40_0x21.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001926 _____ () C:\Windows\system32\Drivers\ramps_0x31010000_40_0x11.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001926 _____ () C:\Windows\system32\Drivers\ramps_0x31010000_40.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001922 _____ () C:\Windows\system32\Drivers\ramps_0x31010100_40.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001802 _____ () C:\Windows\system32\Drivers\ramps_0x11020100_40_SS01.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001802 _____ () C:\Windows\system32\Drivers\ramps_0x11020100_40_nf01.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001802 _____ () C:\Windows\system32\Drivers\ramps_0x11020100_40.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001796 _____ () C:\Windows\system32\Drivers\ramps_0x11020000_40.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001516 _____ () C:\Windows\system32\Drivers\ramps_0x31010000_40_SS01.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001516 _____ () C:\Windows\system32\Drivers\ramps_0x31010000_40_LV01.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001516 _____ () C:\Windows\system32\Drivers\ramps_0x31010000_40_0xf1.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001516 _____ () C:\Windows\system32\Drivers\ramps_0x31010000_40_0x22.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001516 _____ () C:\Windows\system32\Drivers\ramps_0x31010000_40_0x12.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001516 _____ () C:\Windows\system32\Drivers\ramps_0x31010000_40_0x01.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001512 _____ () C:\Windows\system32\Drivers\ramps_0x31010100_40_0x01.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001242 _____ () C:\Windows\system32\Drivers\ramps_0x01020200_40_0x01.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001228 _____ () C:\Windows\system32\Drivers\ramps_0x01020200_40_0x04.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001214 _____ () C:\Windows\system32\Drivers\ramps_0x01020200_40_0x03.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001204 _____ () C:\Windows\system32\Drivers\ramps_0x01020200_40_0x02.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001204 _____ () C:\Windows\system32\Drivers\ramps_0x01020200_40.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001198 _____ () C:\Windows\system32\Drivers\ramps_0x01020200_26.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00001192 _____ () C:\Windows\system32\Drivers\ramps_0x01020200_26_0x01.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00000296 _____ () C:\Windows\system32\Drivers\ramps_0x01020201_40_0x01.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00000278 _____ () C:\Windows\system32\Drivers\ramps_0x01020201_40_0x04.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00000264 _____ () C:\Windows\system32\Drivers\ramps_0x01020201_40_0x03.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00000264 _____ () C:\Windows\system32\Drivers\ramps_0x01020201_40_0x02.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00000264 _____ () C:\Windows\system32\Drivers\ramps_0x01020201_40.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00000264 _____ () C:\Windows\system32\Drivers\ramps_0x01020201_26_0x01.dfu
2015-03-09 09:48 - 2015-03-09 09:48 - 00000264 _____ () C:\Windows\system32\Drivers\ramps_0x01020201_26.dfu
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-28 02:30 - 2014-11-21 01:44 - 00986908 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-28 02:25 - 2013-08-22 07:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-28 02:23 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-28 02:02 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-27 13:54 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-26 05:14 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-03-23 05:19 - 2013-08-22 06:25 - 75235328 _____ () C:\Windows\system32\config\SOFTWARE.gu.bak
2015-03-23 05:19 - 2013-08-22 06:25 - 00262144 _____ () C:\Windows\system32\config\SECURITY.gu.bak
2015-03-23 05:19 - 2013-08-22 06:25 - 00262144 _____ () C:\Windows\system32\config\SAM.gu.bak
2015-03-23 05:11 - 2013-08-22 06:36 - 00000000 __RHD () C:\Users\Default
2015-03-22 23:01 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\Help
2015-03-21 01:21 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-21 01:11 - 2013-08-22 08:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-20 19:18 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\rescache
2015-03-18 04:07 - 2013-08-22 08:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-03-18 04:07 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2015-03-18 04:07 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\setup
2015-03-18 03:39 - 2014-11-21 08:56 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-18 03:39 - 2013-08-22 08:36 - 00000000 ___RD () C:\Windows\ToastData
2015-03-18 03:39 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-18 03:39 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-18 03:39 - 2013-08-22 08:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-18 03:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\WinStore
2015-03-18 03:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2015-03-18 03:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2015-03-18 03:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-03-18 03:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\AppCompat
2015-03-18 03:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-18 03:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-18 03:32 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\restore
2015-03-18 03:18 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-18 01:10 - 2013-08-22 08:36 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
2015-03-18 01:10 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\Recovery
2015-03-04 14:24 - 2014-11-21 09:03 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-04 14:24 - 2014-11-21 09:03 - 00178144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Files in the root of some directories =======
 
2015-03-22 07:55 - 2015-03-22 07:55 - 0000017 _____ () C:\Users\Stuxnet\AppData\Local\resmon.resmoncfg
2015-03-23 02:35 - 2015-03-23 02:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some content of TEMP:
====================
C:\Users\Stuxnet\AppData\Local\Temp\Quarantine.exe
C:\Users\Stuxnet\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
==================== BCD ================================
 
Firmware Boot Manager
---------------------
identifier              {fwbootmgr}
displayorder            {bootmgr}
                        {71d32a34-cd2b-11e4-92de-f18a24186994}
                        {71d32a32-cd2b-11e4-92de-f18a24186994}
                        {71d32a33-cd2b-11e4-92de-f18a24186994}
                        {71d32a30-cd2b-11e4-92de-f18a24186994}
                        {71d32a31-cd2b-11e4-92de-f18a24186994}
timeout                 2
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\bootmgfw.efi
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
integrityservices       Enable
default                 {current}
resumeobject            {71d32a3a-cd2b-11e4-92de-f18a24186994}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
 
Firmware Application (101fffff)
-------------------------------
identifier              {71d32a30-cd2b-11e4-92de-f18a24186994}
description             P1: TSSTcorp DVD+/-RW SH-216DB
 
Firmware Application (101fffff)
-------------------------------
identifier              {71d32a31-cd2b-11e4-92de-f18a24186994}
description             P0: WDC WD10EZEX-75ZF5A0      
 
Firmware Application (101fffff)
-------------------------------
identifier              {71d32a32-cd2b-11e4-92de-f18a24186994}
description             UEFI: IP4 Realtek PCIe GBE Family Controller
 
Firmware Application (101fffff)
-------------------------------
identifier              {71d32a33-cd2b-11e4-92de-f18a24186994}
description             UEFI: IP6 Realtek PCIe GBE Family Controller
 
Firmware Application (101fffff)
-------------------------------
identifier              {71d32a34-cd2b-11e4-92de-f18a24186994}
description             UEFI: IP4 Realtek PCIe GBE Family Controller
 
Windows Boot Loader
-------------------
identifier              {71d32a38-cd2b-11e4-92de-f18a24186994}
device                  ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{71d32a39-cd2b-11e4-92de-f18a24186994}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  en-US
inherit                 {bootloadersettings}
displaymessage          Recovery
displaymessageoverride  9
osdevice                ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{71d32a39-cd2b-11e4-92de-f18a24186994}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes
 
Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.efi
description             Windows 8.1
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {71d32a3c-cd2b-11e4-92de-f18a24186994}
integrityservices       Enable
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \Windows
resumeobject            {71d32a3a-cd2b-11e4-92de-f18a24186994}
nx                      OptIn
bootmenupolicy          Standard
 
Windows Boot Loader
-------------------
identifier              {71d32a3c-cd2b-11e4-92de-f18a24186994}
device                  ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{71d32a3d-cd2b-11e4-92de-f18a24186994}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  en-US
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{71d32a3d-cd2b-11e4-92de-f18a24186994}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {71d32a3a-cd2b-11e4-92de-f18a24186994}
device                  partition=C:
path                    \Windows\system32\winresume.efi
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
recoverysequence        {71d32a3c-cd2b-11e4-92de-f18a24186994}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\memtest.efi
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 No
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {71d32a39-cd2b-11e4-92de-f18a24186994}
description             Windows Recovery
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi
 
Device options
--------------
identifier              {71d32a3d-cd2b-11e4-92de-f18a24186994}
description             Windows Recovery
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi
 
 
 
LastRegBack: 2015-03-27 13:44
 
==================== End Of Log ============================


#6 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,894 posts
  • Gender:Male
  • Location:Germany
  • Local time:04:46 AM

Posted 28 March 2015 - 07:50 AM

Hey,
well done. :)

Step 1: FRST Fix
  • Please open Notepad.exe. Make sure that you don't use any other software than Notepad.exe!
  • Copy and Paste the content of the codebox below into the empty textfile:

    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    EmptyTemp:
  • Then click on File >> Save as
    • File Name: Fixlist.txt
    • From the Save as type drop down list, choose All Files
  • It is very important that you save this textfile on your Desktop!
Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt, are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
  • Run FRST.exe/FRST64.exe (Note: If FRST advises there is a new updated version to be downloaded, allow this.) and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply
Step 2: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.
Step 3: ESET

Please run a free online scan with the ESET Online Scanner:

IMPORTANT: You MUST use Internet Explorer for this step!
  • Visit the ESET Online Scanner Web Page
  • Select the blue Run ESET Online Scanner button.
  • Tick the box next to YES, I accept the Terms of Use and click Start
  • When asked, allow the ActiveX control to install.
  • Select Enable detection of potentially unwanted applications and select Advanced Settings.
  • Make sure the options Remove found threats and Enable Anti-Stealth technology are checked.
  • Click Start. (This scan can take several hours, so please be patient.)
  • Once the scan is completed, select List of found threats.
  • Select Export to text file... and save the file as ESETlog.txt on your Desktop.
  • Click the Back button.
  • Click the Finish button.
  • Use Notepad to open the saved log file (on your Desktop - ESET.txt)
  • Copy and paste that log as a reply to this topic.
Step 4: Question

How is your PC running?

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#7 Machiavelli


Posted 02 April 2015 - 07:38 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

~Machiavelli
