Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hidden connections, svchost.exe x 11, processes posing as system


  • This topic is locked This topic is locked
24 replies to this topic

#1 SocratesPhilosophies

SocratesPhilosophies

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:06 PM

Posted 23 March 2015 - 08:53 PM

I've been transferred from the "Am I Infected?" Section, received help there and still have all of the same problems. Unwanted connections, frequently connects through IPv4 instead of IPv6, hidden connections when I typed ipconfig in command prompt. Sometimes it connects to "Unidentified Network" where I have no IPv4 or IPv6 network access, but packets are being exchanged. Two tunnel connections, various wireless connections, all hidden from me. Other users and "TrustedInstaller" and "System" : these two entities have more authority than I do and special permissions. Also there is a huge amount of outbound/inbound packets being sent back and forth, my router log is full of dos attacks and failed connections. Firewall is engaged. Fully blocking domain/private. My hosts file was corrupted I believe, not sure if it's been fixxed by one of the programs I ran, I don't know enough to do anything about it.

 

Below I'm going to list what I find when I type ipconfig, and all the processes running in Task Manager. Then the FRST logs.

 

*(_TASK MANAGER_)*
AccelerometerSt.exe
AdaptiveSleepService.exe
AERTs64.exe
atieclxx.exe
atierlxx.exe
audiodg.exe
conhost.exe
CoolSense.exe
csrss.exe
csrss.exe
Fuel.Service.exe
hpqWmiEx.exe
HPSA_Service.exe
hpservice.exe
HPWMISVC.exe
lsass.exe
mbam.exe
mbamscheduler.exe
mbamservice.exe
MsMpEng.exe
RAVBg64.exe
RTKAUDIOSERVICE64.exe
RtkNGUI64.exe
SDFSSvc.exe
SDScan.exe
SDTray.exe
SDUpdSvc.exe
SDWSCSvc.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe x 11   (<---- 11 Seperate svchost.exe programs are running simultaneously)
SynTPEnh.exe
SynTPHelper.exe
System
System Idle Process
System interrupts
SystemSettings.exe
taskhost.exe
taskhostex.exe
Taskmgr.exe
wininit.exe
winlogon.exe
wlanext.exe
WmiPrvSE.exe
 

 

*(_Command Prompt_)*

C:\Users\Soc>ipconfig

Windows IP Configuration

Ethernet adapter Ethernet :

Media State : media disconnected
Connection-specific DNS Suffix :

Wireless LAN adapter Local Area Connection* 11:

Media State : media disconnected
Connection-specific DNS Suffix :

Wireless LAN adapter WIFI

Connection-specific DNS suffix :
Link-local IPv6 Address : fe80::901e:e463:3a90:ad21%13
IPv4 Address : 192.168.1.3
Subnet Mask : 255.255.255.0
Default Gateway : 192.168.1.1

Tunnel adapter isatap.<89165EFB-82DA-4362-A39C-8BEBE229D702>:

Media State : Media disconnected
Connection-specific DNS Suffix :

Tunnel adapter Local Area Connection* 12:

Media State : Media disconnected
Connection-specific DNS Suffix :

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS suffix:
IPv6 Address : 2001:0:5ef5:79fb:3848:a50:3f57:fefc
Link-local IPv6 Address:fe80::3848:a50:3f57:fefc%18
Default Gateway : ::

C:\Users\Soc>

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Soc (administrator) on LAPTOP on 23-03-2015 21:36:13
Running from C:\Users\Soc\Downloads
Loaded Profiles: Soc (Available profiles: Soc)
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7156296 2013-03-07] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015920 2013-02-06] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-02-25] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2713351260-3739553866-1922508299-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2713351260-3739553866-1922508299-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKU\S-1-5-21-2713351260-3739553866-1922508299-1002\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{832CEE48-1C65-485C-AA11-6EF5E94F6D2A}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Soc\AppData\Roaming\Mozilla\Firefox\Profiles\5kv0vvmo.default
FF DefaultSearchEngine.US: Google
FF Homepage: https://www.google.com/
FF NetworkProxy: "type", 0
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Extension: MozBar - C:\Users\Soc\AppData\Roaming\Mozilla\Firefox\Profiles\5kv0vvmo.default\Extensions\toolbar@seomoz.org.xpi [2015-03-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [103424 2013-04-17] () [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-02-01] (Hewlett-Packard Development Company, L.P.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-20] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-28] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-08] (Advanced Micro Devices, INC.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2013-06-17] (Microsoft Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-03-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3029208 2013-07-12] (Realtek Semiconductor Corporation                           )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-02-06] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [31984 2013-02-06] (Synaptics Incorporated)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-23 21:36 - 2015-03-23 21:36 - 00010810 _____ () C:\Users\Soc\Downloads\FRST.txt
2015-03-23 21:33 - 2015-03-23 21:36 - 00000000 ____D () C:\FRST
2015-03-23 21:33 - 2015-03-23 21:33 - 02095616 _____ (Farbar) C:\Users\Soc\Downloads\FRST64.exe
2015-03-23 18:40 - 2015-03-23 18:40 - 00019058 _____ () C:\ComboFix.txt
2015-03-23 18:26 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-23 18:26 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-23 18:26 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-23 18:26 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-23 18:26 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-23 18:26 - 2000-08-30 20:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2015-03-23 18:26 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-23 18:26 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-23 18:26 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-23 18:24 - 2015-03-23 18:40 - 00000000 ____D () C:\Qoobox
2015-03-23 18:23 - 2015-03-23 18:37 - 00000000 ____D () C:\Windows\erdnt
2015-03-23 18:22 - 2015-03-23 18:22 - 05616289 ____R (Swearware) C:\Users\Soc\Downloads\ComboFix.exe
2015-03-23 18:07 - 2015-03-23 18:07 - 00291288 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-23 17:56 - 2015-03-03 09:17 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-03-23 17:53 - 2015-03-23 17:56 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-23 17:52 - 2015-02-26 21:14 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-23 17:20 - 2014-06-10 18:44 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-03-23 17:20 - 2014-06-10 18:43 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-03-23 17:11 - 2014-04-16 14:20 - 00875712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-03-23 17:11 - 2014-04-16 14:20 - 00869568 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-03-23 17:10 - 2014-04-16 14:20 - 00678592 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2015-03-23 17:10 - 2014-04-16 14:20 - 00536768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2015-03-23 17:10 - 2014-04-16 14:20 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-03-23 17:10 - 2014-04-16 14:20 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-03-23 17:08 - 2013-01-28 21:57 - 00035232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-03-23 17:08 - 2013-01-28 19:08 - 00230904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-03-23 17:06 - 2013-04-09 01:17 - 01829408 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-03-23 17:06 - 2013-04-09 01:14 - 01455880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-03-23 17:06 - 2013-04-09 00:51 - 14267904 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-23 17:06 - 2013-04-09 00:51 - 13648384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-03-23 17:06 - 2013-04-09 00:51 - 03552768 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-03-23 17:06 - 2013-04-09 00:50 - 02107904 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-03-23 17:06 - 2013-04-09 00:49 - 01444864 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2015-03-23 17:06 - 2013-04-08 22:35 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-23 17:06 - 2013-04-08 17:52 - 11878912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-23 17:06 - 2013-04-08 17:51 - 10789888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-03-23 17:06 - 2013-04-08 17:51 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-03-23 17:06 - 2013-04-08 17:51 - 01593344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-03-23 17:05 - 2013-04-09 01:33 - 00489576 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-23 17:05 - 2013-04-09 01:33 - 00446792 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-23 17:05 - 2013-04-09 01:33 - 00253544 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-23 17:05 - 2013-04-09 01:27 - 00284424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2015-03-23 17:05 - 2013-04-09 01:20 - 00306952 _____ (Microsoft Corporation) C:\Windows\system32\kd_02_10ec.dll
2015-03-23 17:05 - 2013-04-09 01:20 - 00086280 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2015-03-23 17:05 - 2013-04-09 01:18 - 00077960 _____ (Microsoft Corporation) C:\Windows\system32\kdvm.dll
2015-03-23 17:05 - 2013-04-09 00:52 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-03-23 17:05 - 2013-04-09 00:52 - 00804352 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2015-03-23 17:05 - 2013-04-09 00:52 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-03-23 17:05 - 2013-04-09 00:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2015-03-23 17:05 - 2013-04-09 00:52 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2015-03-23 17:05 - 2013-04-09 00:51 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2015-03-23 17:05 - 2013-04-09 00:51 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-03-23 17:05 - 2013-04-09 00:51 - 00456704 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2015-03-23 17:05 - 2013-04-09 00:51 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2015-03-23 17:05 - 2013-04-09 00:51 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-03-23 17:05 - 2013-04-09 00:51 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2015-03-23 17:05 - 2013-04-09 00:50 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-03-23 17:05 - 2013-04-09 00:50 - 00745984 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-03-23 17:05 - 2013-04-09 00:50 - 00435200 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-03-23 17:05 - 2013-04-09 00:50 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\GenuineCenter.dll
2015-03-23 17:05 - 2013-04-09 00:50 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2015-03-23 17:05 - 2013-04-09 00:50 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-03-23 17:05 - 2013-04-09 00:50 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2015-03-23 17:05 - 2013-04-09 00:49 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-03-23 17:05 - 2013-04-09 00:49 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2015-03-23 17:05 - 2013-04-09 00:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\fhengine.dll
2015-03-23 17:05 - 2013-04-09 00:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2015-03-23 17:05 - 2013-04-09 00:49 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2015-03-23 17:05 - 2013-04-09 00:49 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2015-03-23 17:05 - 2013-04-09 00:49 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\fmifs.dll
2015-03-23 17:05 - 2013-04-09 00:48 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-23 17:05 - 2013-04-09 00:48 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2015-03-23 17:05 - 2013-04-09 00:48 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-03-23 17:05 - 2013-04-08 22:34 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-03-23 17:05 - 2013-04-08 22:34 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-03-23 17:05 - 2013-04-08 22:34 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2015-03-23 17:05 - 2013-04-08 22:33 - 00623104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-03-23 17:05 - 2013-04-08 22:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2015-03-23 17:05 - 2013-04-08 22:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-23 17:05 - 2013-04-08 22:31 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-03-23 17:05 - 2013-04-08 22:31 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2015-03-23 17:05 - 2013-04-08 19:44 - 00123880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2015-03-23 17:05 - 2013-04-08 19:39 - 01408896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-03-23 17:05 - 2013-04-08 19:37 - 00426024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-23 17:05 - 2013-04-08 19:37 - 00324368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-23 17:05 - 2013-04-08 17:52 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-03-23 17:05 - 2013-04-08 17:52 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-03-23 17:05 - 2013-04-08 17:52 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-03-23 17:05 - 2013-04-08 17:52 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2015-03-23 17:05 - 2013-04-08 17:52 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2015-03-23 17:05 - 2013-04-08 17:51 - 01113600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00659456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00403968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2015-03-23 17:05 - 2013-04-08 17:51 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00214528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fmifs.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2015-03-23 17:05 - 2013-04-04 19:30 - 00503080 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-23 17:05 - 2013-03-30 14:16 - 01403784 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-23 17:05 - 2013-03-30 14:16 - 01267424 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-23 17:05 - 2013-03-28 18:09 - 01217328 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-23 17:05 - 2013-03-28 18:09 - 01093880 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-23 17:05 - 2013-03-15 18:05 - 00298456 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2015-03-23 17:05 - 2013-03-15 18:05 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2015-03-23 17:05 - 2013-03-02 06:39 - 00069864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-03-23 17:05 - 2013-02-02 04:40 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2015-03-23 17:05 - 2013-02-02 04:23 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2015-03-23 17:05 - 2012-11-20 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidi2c.sys
2015-03-23 17:00 - 2013-08-07 01:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2015-03-23 17:00 - 2012-11-10 00:23 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-03-23 17:00 - 2012-11-10 00:23 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-03-23 17:00 - 2012-11-10 00:22 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
2015-03-23 17:00 - 2012-11-10 00:22 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
2015-03-23 17:00 - 2012-11-10 00:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
2015-03-23 16:53 - 2015-01-22 02:42 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-03-23 16:53 - 2015-01-22 01:00 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-03-23 16:53 - 2014-12-19 02:48 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-03-23 16:50 - 2014-09-24 19:29 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-23 16:50 - 2014-09-24 19:29 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-03-23 16:50 - 2014-09-24 19:01 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-23 16:50 - 2014-09-24 19:01 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-03-23 16:45 - 2014-06-05 13:30 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-03-23 16:45 - 2014-06-05 09:12 - 08857600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-03-23 16:44 - 2014-06-05 13:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-03-23 16:44 - 2014-06-05 13:29 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-03-23 16:44 - 2014-06-05 13:29 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-03-23 16:44 - 2014-06-05 13:28 - 02306560 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-03-23 16:44 - 2014-06-05 13:28 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-03-23 16:44 - 2014-06-05 09:11 - 02416128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-03-23 16:44 - 2014-06-05 09:11 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-03-23 16:44 - 2014-06-05 09:10 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-03-23 16:44 - 2014-06-05 09:10 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-03-23 16:44 - 2013-03-06 02:29 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-03-23 16:43 - 2013-07-13 02:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-23 16:43 - 2013-07-13 02:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-23 16:43 - 2013-07-13 02:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2015-03-23 16:43 - 2013-07-13 02:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2015-03-23 16:43 - 2013-07-13 00:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-23 16:43 - 2013-07-13 00:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2015-03-23 16:43 - 2013-07-13 00:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2015-03-23 16:35 - 2014-12-18 02:52 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2015-03-23 16:35 - 2014-12-18 02:51 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-23 16:35 - 2014-12-18 02:20 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2015-03-23 16:35 - 2014-12-18 00:47 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-23 16:35 - 2014-12-18 00:15 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-23 16:35 - 2014-12-09 19:14 - 00569720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-23 16:35 - 2014-11-08 07:21 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-23 16:35 - 2014-11-08 02:56 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-23 16:35 - 2014-10-11 04:35 - 00171840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-23 16:35 - 2014-10-11 01:41 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-23 16:35 - 2014-10-11 01:05 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-23 16:35 - 2014-05-29 19:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-03-23 16:35 - 2014-04-12 05:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-03-23 16:35 - 2014-04-12 05:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-23 16:35 - 2014-04-12 05:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-23 16:35 - 2014-04-12 05:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-23 16:35 - 2014-04-12 05:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-23 16:35 - 2014-04-12 03:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-23 16:35 - 2014-04-12 03:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-23 16:35 - 2014-04-12 03:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-23 16:35 - 2014-04-12 03:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-23 16:35 - 2014-04-12 02:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2015-03-23 16:28 - 2014-11-08 02:57 - 00187904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-03-23 16:27 - 2014-11-08 07:22 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-03-23 16:19 - 2015-02-17 02:54 - 19777536 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-23 16:19 - 2015-02-17 01:13 - 17561600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-23 16:18 - 2013-04-02 19:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2015-03-23 16:18 - 2013-04-02 19:12 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-03-23 16:15 - 2013-08-23 03:22 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-03-23 16:15 - 2013-08-22 21:44 - 01711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-03-23 16:14 - 2014-10-30 03:20 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-23 16:14 - 2014-10-30 01:22 - 01569792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-23 16:12 - 2013-03-21 23:49 - 02382336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-03-23 16:12 - 2013-03-21 18:47 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-03-23 16:11 - 2013-07-01 21:41 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-03-23 16:11 - 2013-07-01 21:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-03-23 16:11 - 2013-07-01 21:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2015-03-23 16:07 - 2014-06-19 19:35 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-03-23 16:07 - 2014-06-19 18:24 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-03-23 16:05 - 2014-01-12 19:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-03-23 16:05 - 2014-01-12 19:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-03-23 16:05 - 2013-11-19 20:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-03-23 16:05 - 2013-11-19 19:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-03-23 16:03 - 2014-05-29 18:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-03-23 16:00 - 2014-04-03 07:22 - 02233176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-03-23 16:00 - 2013-03-02 05:59 - 00411880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-03-23 15:58 - 2013-09-27 23:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-03-23 15:31 - 2015-02-23 06:52 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-23 15:31 - 2015-02-23 06:52 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-23 15:31 - 2015-02-23 06:51 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-23 15:31 - 2015-02-23 06:51 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-03-23 15:31 - 2015-02-23 06:51 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-23 15:31 - 2015-02-23 06:51 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-23 15:31 - 2015-02-23 06:51 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 19301888 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 15410688 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 02656256 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-23 15:31 - 2015-02-23 06:49 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-23 15:31 - 2015-02-23 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-23 15:31 - 2015-02-23 05:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2015-03-23 15:31 - 2015-02-23 04:51 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-03-23 15:31 - 2015-02-21 01:31 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-23 15:31 - 2015-02-21 01:31 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-23 15:31 - 2015-02-21 01:31 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-23 15:31 - 2015-02-21 01:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 14380544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 13768704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-23 15:31 - 2015-02-21 01:29 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-23 15:31 - 2015-02-21 01:29 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-23 15:31 - 2015-02-21 01:29 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-23 15:31 - 2015-02-21 01:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-23 15:31 - 2015-02-21 01:07 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2015-03-23 15:31 - 2015-02-21 00:42 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-03-23 15:31 - 2015-02-20 23:00 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2015-03-23 15:20 - 2015-01-15 17:45 - 06973248 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-23 15:20 - 2014-08-21 19:56 - 01418752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-03-23 15:20 - 2014-08-21 19:27 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-03-23 15:15 - 2015-01-24 02:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-23 15:15 - 2015-01-24 01:00 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-23 15:15 - 2014-06-06 10:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-03-23 15:15 - 2014-06-06 06:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-03-23 15:14 - 2015-01-24 00:31 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-23 15:14 - 2014-10-11 03:44 - 03248640 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-23 15:13 - 2015-02-12 19:18 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml
2015-03-23 15:13 - 2014-12-19 00:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-03-23 15:13 - 2013-03-14 20:17 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-03-23 15:11 - 2014-10-23 08:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-03-23 15:11 - 2014-10-23 07:04 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-03-23 15:09 - 2013-11-01 01:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-03-23 15:09 - 2013-10-31 23:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-03-23 14:47 - 2014-05-14 21:02 - 00059424 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-03-23 14:47 - 2014-05-14 18:43 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-03-23 14:47 - 2014-05-14 18:43 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-03-23 14:47 - 2014-05-14 18:43 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-03-23 14:47 - 2014-05-14 18:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-03-23 14:46 - 2013-08-16 01:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-03-23 05:38 - 2015-03-23 15:40 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-03-23 05:37 - 2015-03-23 05:37 - 04864824 _____ (AVAST Software) C:\Users\Soc\Downloads\avast_free_antivirus_setup_online.exe
2015-03-23 03:27 - 2015-03-23 03:27 - 00000000 ____D () C:\ProgramData\Sophos
2015-03-23 03:26 - 2015-03-23 03:26 - 00002759 _____ () C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2015-03-23 03:26 - 2015-03-23 03:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2015-03-23 03:26 - 2015-03-23 03:26 - 00000000 ____D () C:\Program Files (x86)\Sophos
2015-03-23 02:48 - 2015-03-23 03:23 - 115929288 _____ (Sophos Limited) C:\Users\Soc\Downloads\Sophos Virus Removal Tool.exe
2015-03-23 00:46 - 2015-03-23 00:46 - 01388672 _____ (Thisisu) C:\Users\Soc\Downloads\JRT.exe
2015-03-23 00:39 - 2015-03-23 00:43 - 00000000 ____D () C:\AdwCleaner
2015-03-23 00:38 - 2015-03-23 00:39 - 02168320 _____ () C:\Users\Soc\Downloads\adwcleaner_4.113.exe
2015-03-23 00:35 - 2015-03-23 00:35 - 00448512 _____ (OldTimer Tools) C:\Users\Soc\Downloads\TFC.exe
2015-03-22 06:35 - 2015-03-22 06:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-03-22 06:34 - 2015-03-22 06:34 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-03-22 06:34 - 2015-03-22 06:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-03-22 06:33 - 2015-03-22 06:36 - 00000000 ____D () C:\fd4e20924646faf4bc2b63b9be51
2015-03-22 06:31 - 2015-03-22 06:33 - 13087456 _____ (Microsoft Corporation) C:\Users\Soc\Downloads\Silverlight_x64.exe
2015-03-21 05:55 - 2015-03-21 05:55 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Soc\Downloads\iExplore.exe
2015-03-21 05:53 - 2015-03-21 05:53 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Soc\Downloads\rkill.exe
2015-03-21 05:29 - 2015-03-23 14:21 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-21 05:27 - 2015-03-23 14:21 - 00000000 ____D () C:\Users\Soc\Desktop\mbar
2015-03-21 05:26 - 2015-03-21 05:26 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Soc\Downloads\mbar-1.09.1.1004.exe
2015-03-21 04:41 - 2015-03-21 04:45 - 00079542 _____ () C:\Users\Soc\Downloads\Result.txt
2015-03-21 04:40 - 2015-03-21 04:40 - 00402944 _____ (Farbar) C:\Users\Soc\Downloads\MiniToolBox.exe
2015-03-21 04:37 - 2015-03-21 04:38 - 00002633 _____ () C:\Users\Soc\Downloads\FSS.txt
2015-03-21 04:37 - 2015-03-21 04:37 - 00415232 _____ (Farbar) C:\Users\Soc\Downloads\FSS.exe
2015-03-21 04:34 - 2015-03-21 04:34 - 00852607 _____ () C:\Users\Soc\Downloads\SecurityCheck(1).exe
2015-03-21 04:32 - 2015-03-21 04:32 - 00852607 _____ () C:\Users\Soc\Downloads\SecurityCheck.exe
2015-03-21 02:19 - 2012-07-26 01:26 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20150320-231930.backup
2015-03-21 02:07 - 2015-03-21 02:07 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-03-21 00:28 - 2015-03-21 00:28 - 00000000 ____D () C:\Users\Soc\Documents\ProcAlyzer Dumps
2015-03-21 00:21 - 2015-03-21 02:10 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-03-21 00:21 - 2015-03-21 00:26 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-03-21 00:21 - 2015-03-21 00:21 - 00001362 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-03-21 00:21 - 2015-03-21 00:21 - 00001350 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-03-21 00:21 - 2015-03-21 00:21 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-03-21 00:21 - 2015-03-21 00:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-03-21 00:21 - 2013-09-20 13:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-03-21 00:19 - 2015-03-21 00:19 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Soc\Downloads\spybot-2.4.exe
2015-03-20 22:10 - 2015-03-20 22:11 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\Mozilla
2015-03-20 22:10 - 2015-03-20 22:11 - 00000000 ____D () C:\Users\Soc\AppData\Local\Mozilla
2015-03-20 22:10 - 2015-03-20 22:10 - 00001130 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-20 22:10 - 2015-03-20 22:10 - 00001118 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-20 22:10 - 2015-03-20 22:10 - 00000000 ____D () C:\ProgramData\Mozilla
2015-03-20 22:10 - 2015-03-20 22:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-20 22:10 - 2015-03-20 22:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-20 22:03 - 2015-03-23 21:18 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-20 22:03 - 2015-03-23 13:42 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-20 22:03 - 2015-03-20 22:03 - 00001073 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-20 22:03 - 2015-03-20 22:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-20 22:03 - 2015-03-20 22:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-20 22:03 - 2015-03-20 22:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-20 22:03 - 2015-03-17 09:24 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-20 22:03 - 2015-03-17 09:24 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-20 19:11 - 2015-03-20 19:11 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\Hewlett-Packard
2015-03-20 18:06 - 2015-03-20 18:06 - 00012288 _____ () C:\Users\Soc\Documents\newfirewallprofile.wfw
2015-03-20 17:38 - 2015-03-20 17:38 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\Macromedia
2015-03-20 07:37 - 2015-03-20 07:37 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\hpqlog
2015-03-20 07:32 - 2015-03-21 05:07 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2713351260-3739553866-1922508299-1002
2015-03-20 07:28 - 2015-03-20 07:28 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\ATI
2015-03-20 07:28 - 2015-03-20 07:28 - 00000000 ____D () C:\Users\Soc\AppData\Local\ATI
2015-03-20 07:28 - 2015-03-20 07:28 - 00000000 ____D () C:\Users\Soc\AppData\Local\AMD
2015-03-20 07:27 - 2015-03-20 07:37 - 00000000 ____D () C:\Users\Soc\AppData\Local\Hewlett-Packard
2015-03-20 07:26 - 2015-03-23 03:03 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DDBDFE2F-A140-4D70-A706-6E220F74AA2D}
2015-03-20 07:26 - 2015-03-20 07:26 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\Adobe
2015-03-20 07:25 - 2015-03-20 07:25 - 00000000 ____D () C:\Users\Soc\AppData\Local\Power2Go8
2015-03-20 07:24 - 2015-03-20 07:24 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\Synaptics
2015-03-20 07:23 - 2015-03-23 21:35 - 01928606 _____ () C:\Windows\WindowsUpdate.log
2015-03-20 07:23 - 2015-03-21 02:08 - 00000000 ____D () C:\Users\Soc\AppData\Local\Packages
2015-03-20 07:23 - 2015-03-20 07:26 - 00000000 ____D () C:\Users\Soc
2015-03-20 07:23 - 2015-03-20 07:23 - 00000020 ___SH () C:\Users\Soc\ntuser.ini
2015-03-20 07:23 - 2015-03-20 07:23 - 00000000 ____D () C:\Users\Soc\AppData\Local\VirtualStore
2015-03-20 07:23 - 2013-06-17 23:56 - 00002096 _____ () C:\Users\Soc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2015-03-20 07:23 - 2012-07-26 04:13 - 00000000 ___RD () C:\Users\Soc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-20 07:23 - 2012-07-26 04:13 - 00000000 ___RD () C:\Users\Soc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-20 07:23 - 2012-07-26 04:13 - 00000000 ___RD () C:\Users\Soc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-20 07:23 - 2012-07-26 04:13 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-20 07:05 - 2015-03-20 07:05 - 00002324 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2713351260-3739553866-1922508299-500
2015-03-20 07:04 - 2015-03-20 07:04 - 00000000 _____ () C:\Recovery.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-23 21:35 - 2012-07-26 03:59 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-23 21:30 - 2012-07-26 03:28 - 00941114 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-23 21:20 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\sru
2015-03-23 18:42 - 2014-01-16 19:34 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-03-23 18:40 - 2012-07-26 01:37 - 00000000 __RHD () C:\Users\Default
2015-03-23 18:36 - 2012-07-26 01:26 - 00000215 _____ () C:\Windows\system.ini
2015-03-23 18:07 - 2012-07-26 03:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-23 18:06 - 2012-07-26 01:37 - 00000000 ____D () C:\Windows\servicing
2015-03-23 17:59 - 2012-07-26 04:12 - 00000000 ___RD () C:\Windows\ToastData
2015-03-23 17:59 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\WinStore
2015-03-23 17:58 - 2012-07-26 04:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-23 17:58 - 2012-07-26 04:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-23 17:58 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-23 17:58 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-23 17:57 - 2012-07-26 01:38 - 00000000 ____D () C:\Windows\system32\oobe
2015-03-23 15:40 - 2012-08-03 18:23 - 00496586 _____ () C:\Windows\PFRO.log
2015-03-23 13:44 - 2012-07-26 01:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-23 00:43 - 2014-01-16 19:35 - 00001291 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Start Now Technology.lnk
2015-03-21 06:03 - 2012-07-26 01:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-21 02:09 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2015-03-20 22:53 - 2012-07-26 04:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-20 19:51 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-20 17:35 - 2013-06-18 00:02 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-03-20 17:35 - 2013-06-17 23:48 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-03-20 17:34 - 2013-06-18 00:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-20 17:34 - 2013-06-17 23:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-03-20 17:32 - 2014-01-16 19:53 - 00000000 ____D () C:\ProgramData\CyberLink
2015-03-20 17:13 - 2014-01-16 19:57 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-03-20 17:08 - 2013-06-18 00:06 - 00000000 ____D () C:\ProgramData\WildTangent
2015-03-20 17:08 - 2013-06-18 00:06 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-03-20 16:53 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\restore
2015-03-20 07:33 - 2014-01-16 20:02 - 00000000 ____D () C:\ProgramData\Norton
2015-03-20 07:32 - 2012-07-26 04:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-03-20 07:26 - 2013-06-18 00:00 - 00000000 ___RD () C:\Program Files (x86)\Online Services
2015-03-20 07:26 - 2013-06-17 23:51 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-03-20 07:26 - 2012-08-03 20:02 - 00000000 ____D () C:\SYSTEM.SAV
2015-03-20 07:23 - 2012-08-03 19:21 - 00000000 ____D () C:\Windows\Panther
2015-03-20 07:11 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\rescache
2015-03-20 07:07 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\Recovery
2015-03-20 07:06 - 2012-08-03 18:40 - 00010342 _____ () C:\Windows\iis.log
2015-03-20 07:06 - 2012-07-26 04:13 - 00004552 _____ () C:\Windows\DtcInstall.log
2015-03-20 07:05 - 2012-07-26 03:21 - 00032587 _____ () C:\Windows\setupact.log
2015-03-20 07:04 - 2012-07-26 04:13 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
2015-03-04 17:24 - 2012-07-26 04:14 - 00791496 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-04 17:24 - 2012-07-26 04:14 - 00177608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2012-08-03 18:23

==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Soc at 2015-03-23 21:37:37
Running from C:\Users\Soc\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Install Manager (HKLM\...\{AB1FC306-0E04-81D5-F105-C929F912CF20}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{AE2F1669-5B1F-47C5-B639-78D74DD0BCE4}) (Version: 6.0.9.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{C27D60E4-3132-45A3-A71A-E3BD1DA3F794}) (Version: 1.0.4 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company)
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 en-US)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6856 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}) (Version: 1.1.9200.007 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.12.0906 - REALTEK Semiconductor Corp.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.4 - Sophos Limited)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.12.1 - Synaptics Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

20-03-2015 16:53:06 Removed Bonjour
23-03-2015 03:25:43 Installed Sophos Virus Removal Tool.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 01:26 - 2015-03-21 02:19 - 00450771 ___RA C:\Windows\system32\Drivers\etc\hosts
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com
127.0.0.1    100sexlinks.com
127.0.0.1    10sek.com
127.0.0.1    www.10sek.com
127.0.0.1    www.1-2005-search.com
127.0.0.1    1-2005-search.com
127.0.0.1    123fporn.info
127.0.0.1    www.123fporn.info
127.0.0.1    123haustiereundmehr.com
127.0.0.1    www.123haustiereundmehr.com
127.0.0.1    123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {28C282A4-ADA5-4607-B1A3-FF7548677209} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {37C712E7-855B-4EE9-875A-95982467F412} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {461E33F2-013E-43CE-9307-C4F1A0CC91F3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-26] (Microsoft Corporation)
Task: {58F9A3C8-A681-400A-BC3D-7E5E68CF9704} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {9A053D18-56E1-40B7-A02B-993714CE53CB} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-02-06] (Synaptics Incorporated)
Task: {C7395476-1EC3-42E3-8E5B-75B29C9AB263} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {E450765B-E35B-4ADF-9DCD-CEBC6E387AFD} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\Windows\SYSTEM32\OOBE\SETUPSQM.EXE [2012-07-25] (Microsoft Corporation)
Task: {EEC1BD5C-05AF-4790-A5E3-3925BB76BE5A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-09-05] (Hewlett-Packard Company)
Task: {FA10259E-C350-442C-B757-A69D85075F23} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe

==================== Loaded Modules (whitelisted) ==============

2013-04-17 03:51 - 2013-04-17 03:51 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2013-04-17 03:50 - 2013-04-17 03:50 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-03-21 00:21 - 2014-05-13 15:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-03-21 00:21 - 2014-05-13 15:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-03-21 00:21 - 2014-05-13 15:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-03-21 00:21 - 2012-08-23 13:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-03-21 00:21 - 2012-04-03 20:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2713351260-3739553866-1922508299-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-2713351260-3739553866-1922508299-500 - Administrator - Disabled)
Guest (S-1-5-21-2713351260-3739553866-1922508299-501 - Limited - Disabled)
Soc (S-1-5-21-2713351260-3739553866-1922508299-1002 - Administrator - Enabled) => C:\Users\Soc

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/23/2015 09:18:07 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8898008d)

Error: (03/23/2015 05:55:58 PM) (Source: Perflib) (EventID: 1017) (User: )
Description: ASP.NET_2.0.50727

Error: (03/23/2015 05:55:58 PM) (Source: Perflib) (EventID: 1021) (User: )
Description: ASP.NET_2.0.507278

Error: (03/23/2015 02:41:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: atieclxx.exe, version: 6.14.11.1143, time stamp: 0x516e1014
Faulting module name: atieclxx.exe, version: 6.14.11.1143, time stamp: 0x516e1014
Exception code: 0xc0000005
Fault offset: 0x000000000002ea19
Faulting process id: 0x8f4
Faulting application start time: 0xatieclxx.exe0
Faulting application path: atieclxx.exe1
Faulting module path: atieclxx.exe2
Report Id: atieclxx.exe3
Faulting package full name: atieclxx.exe4
Faulting package-relative application ID: atieclxx.exe5

Error: (03/23/2015 07:15:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: atieclxx.exe, version: 6.14.11.1143, time stamp: 0x516e1014
Faulting module name: atieclxx.exe, version: 6.14.11.1143, time stamp: 0x516e1014
Exception code: 0xc0000005
Fault offset: 0x000000000002ea19
Faulting process id: 0xdc0
Faulting application start time: 0xatieclxx.exe0
Faulting application path: atieclxx.exe1
Faulting module path: atieclxx.exe2
Report Id: atieclxx.exe3
Faulting package full name: atieclxx.exe4
Faulting package-relative application ID: atieclxx.exe5

Error: (03/23/2015 06:32:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: atieclxx.exe, version: 6.14.11.1143, time stamp: 0x516e1014
Faulting module name: atieclxx.exe, version: 6.14.11.1143, time stamp: 0x516e1014
Exception code: 0xc0000005
Fault offset: 0x000000000002ea19
Faulting process id: 0xcb8
Faulting application start time: 0xatieclxx.exe0
Faulting application path: atieclxx.exe1
Faulting module path: atieclxx.exe2
Report Id: atieclxx.exe3
Faulting package full name: atieclxx.exe4
Faulting package-relative application ID: atieclxx.exe5


System errors:
=============
Error: (03/23/2015 06:36:42 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (03/23/2015 06:31:52 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (03/23/2015 05:56:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8007045b: Security Update for Microsoft .NET Framework 3.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB2861704).

Error: (03/23/2015 05:56:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8007045b: Security Update for Windows 8 for x64-based Systems (KB2988948).

Error: (03/23/2015 05:56:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8007045b: Security Update for Microsoft .NET Framework 4.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB2840632).

Error: (03/23/2015 05:56:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8007045b: Security Update for Windows 8 for x64-based Systems (KB2884256).

Error: (03/23/2015 05:56:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8007045b: Update for Windows 8 for x64-based Systems (KB2957026).

Error: (03/23/2015 05:56:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8007045b: Security Update for Microsoft .NET Framework 3.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB2968295).

Error: (03/23/2015 05:56:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8007045b: Security Update for Windows 8 for x64-based Systems (KB2976897).

Error: (03/23/2015 05:56:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8007045b: Update for Microsoft Camera Codec Pack for Windows 8 for x64-based Systems (KB2779444).


Microsoft Office Sessions:
=========================
Error: (03/23/2015 09:18:07 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d

Error: (03/23/2015 05:55:58 PM) (Source: Perflib) (EventID: 1017) (User: )
Description: ASP.NET_2.0.50727

Error: (03/23/2015 05:55:58 PM) (Source: Perflib) (EventID: 1021) (User: )
Description: ASP.NET_2.0.507278

Error: (03/23/2015 02:41:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: atieclxx.exe6.14.11.1143516e1014atieclxx.exe6.14.11.1143516e1014c0000005000000000002ea198f401d06598ecfd467cC:\Windows\system32\atieclxx.exeC:\Windows\system32\atieclxx.exe2c48018e-d18c-11e4-be81-a0481c068691

Error: (03/23/2015 07:15:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: atieclxx.exe6.14.11.1143516e1014atieclxx.exe6.14.11.1143516e1014c0000005000000000002ea19dc001d0655a9ac0b9b3C:\Windows\system32\atieclxx.exeC:\Windows\system32\atieclxx.exed8eea759-d14d-11e4-be80-a0481c068691

Error: (03/23/2015 06:32:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: atieclxx.exe6.14.11.1143516e1014atieclxx.exe6.14.11.1143516e1014c0000005000000000002ea19cb801d06554b7e61af1C:\Windows\system32\atieclxx.exeC:\Windows\system32\atieclxx.exef6158e9e-d147-11e4-be80-a0481c068691


==================== Memory info ===========================

Processor: AMD A6-5200 APU with Radeon™ HD Graphics
Percentage of memory in use: 46%
Total physical RAM: 3548.14 MB
Available physical RAM: 1915.67 MB
Total Pagefile: 6876.14 MB
Available Pagefile: 4882.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:674.19 GB) (Free:632 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:23.24 GB) (Free:2.29 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 500B6A65)

Partition: GPT Partition Type.

==================== End Of Log ============================



BC AdBot (Login to Remove)

 


#2 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,976 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:06 AM

Posted 25 March 2015 - 09:44 AM

Hey, :)

Step 1: Adwarecleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP the just run it)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on screen prompts
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
Note: The log can also be found in here: C:\AdwCleaner\

Step 2: Malwarebytes

Iconic_normal.png Please download Malwarebytes Anti-Malware to your desktop
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
    • Enable free trial of Malwarebytes Anti-Malware Premium
    • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
  • Reboot your computer if prompted.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

The log is available throughout History ->Application logs. Please post it contents in your next reply.
Step 3: Junkware Removal Tool

thisisujrt.gif  Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 4: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

Edited by Machiavelli, 25 March 2015 - 09:44 AM.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#3 SocratesPhilosophies

SocratesPhilosophies
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:06 PM

Posted 25 March 2015 - 10:31 AM

I should let you know that I've already run all of those. Here's a link to my previous post before I was directed to malware removal : http://www.bleepingcomputer.com/forums/t/570791/suspicious-connections-apps-in-task-manager-dos-attacks/

 

Let me know if you still want me to run those.

 

Thanks



#4 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,976 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:06 AM

Posted 25 March 2015 - 11:11 AM

Run it again that we can be sure everything is good.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#5 SocratesPhilosophies

SocratesPhilosophies
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:06 PM

Posted 25 March 2015 - 01:32 PM

# AdwCleaner v4.113 - Logfile created 25/03/2015 at 13:05:41
# Updated 22/03/2015 by Xplode
# Database : 2015-03-23.1 [Server]
# Operating system : Windows 8  (x64)
# Username : Soc - LAPTOP
# Running from : C:\Users\Soc\Downloads\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

-\\ Internet Explorer v10.0.9200.17267


-\\ Mozilla Firefox v36.0.1 (x86 en-US)


*************************

AdwCleaner[R0].txt - [835 bytes] - [23/03/2015 00:40:01]
AdwCleaner[R1].txt - [837 bytes] - [25/03/2015 13:01:38]
AdwCleaner[S0].txt - [1008 bytes] - [23/03/2015 00:43:03]
AdwCleaner[S1].txt - [765 bytes] - [25/03/2015 13:05:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [823  bytes] ##########
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 3/25/2015
Scan Time: 1:28:52 PM
Logfile: adsf.txt
Administrator: Yes

Version: 2.01.4.1018
Malware Database: v2015.03.25.05
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: Soc

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 356532
Time Elapsed: 20 min, 36 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.6 (03.22.2015:1)
OS: Windows 8 x64
Ran by Soc on Wed 03/25/2015 at 14:13:00.10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 03/25/2015 at 14:23:53.41
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Soc (administrator) on LAPTOP on 25-03-2015 14:28:43
Running from C:\Users\Soc\Downloads
Loaded Profiles: Soc (Available profiles: Soc)
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7156296 2013-03-07] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015920 2013-02-06] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-02-25] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-03-24] (Avast Software s.r.o.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2713351260-3739553866-1922508299-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2713351260-3739553866-1922508299-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKU\S-1-5-21-2713351260-3739553866-1922508299-1002\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-24] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-24] (Avast Software s.r.o.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{832CEE48-1C65-485C-AA11-6EF5E94F6D2A}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Soc\AppData\Roaming\Mozilla\Firefox\Profiles\5kv0vvmo.default
FF DefaultSearchEngine.US: Google
FF Homepage: https://www.google.com/
FF NetworkProxy: "type", 0
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Extension: MozBar - C:\Users\Soc\AppData\Roaming\Mozilla\Firefox\Profiles\5kv0vvmo.default\Extensions\toolbar@seomoz.org.xpi [2015-03-23]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-24]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [103424 2013-04-17] () [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-24] (Avast Software s.r.o.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-02-01] (Hewlett-Packard Development Company, L.P.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-20] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-08] (Advanced Micro Devices, INC.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2013-06-17] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-24] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-24] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-24] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-03-24] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-24] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-03-24] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3029208 2013-07-12] (Realtek Semiconductor Corporation                           )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-02-06] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [31984 2013-02-06] (Synaptics Incorporated)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-25 14:23 - 2015-03-25 14:23 - 00000618 _____ () C:\Users\Soc\Desktop\JRT.txt
2015-03-25 14:11 - 2015-03-25 14:11 - 01388782 _____ (Thisisu) C:\Users\Soc\Downloads\JRT(1).exe
2015-03-25 13:54 - 2015-03-25 13:54 - 00000337 _____ () C:\Users\Soc\Desktop\asd.txt
2015-03-25 13:49 - 2015-03-25 13:49 - 00001040 _____ () C:\Users\Soc\Desktop\adsf.txt
2015-03-25 13:28 - 2015-03-25 13:52 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-25 13:28 - 2015-03-25 13:28 - 00001073 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-25 13:28 - 2015-03-25 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-25 13:28 - 2015-03-25 13:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-25 13:28 - 2015-03-25 13:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-25 13:28 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-25 13:28 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-25 13:28 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-25 13:22 - 2015-03-25 13:22 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Soc\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-25 13:19 - 2015-03-25 13:19 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Soc\Downloads\mbam-clean-2.1.1.1001.exe
2015-03-25 13:00 - 2015-03-25 13:00 - 02168320 _____ () C:\Users\Soc\Downloads\AdwCleaner.exe
2015-03-25 11:20 - 2015-03-25 11:20 - 00291856 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-25 00:48 - 2014-07-12 00:41 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
2015-03-25 00:48 - 2014-07-12 00:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-03-25 00:48 - 2014-07-12 00:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-03-25 00:48 - 2014-07-12 00:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-03-25 00:48 - 2014-07-12 00:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-03-25 00:48 - 2014-07-12 00:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-03-25 00:48 - 2014-07-12 00:16 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
2015-03-25 00:48 - 2014-07-12 00:16 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-03-25 00:48 - 2014-07-12 00:16 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-03-25 00:48 - 2014-07-12 00:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-03-25 00:48 - 2014-07-12 00:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-03-25 00:48 - 2014-07-12 00:15 - 00006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-03-25 00:48 - 2014-07-08 18:33 - 00181248 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2015-03-25 00:48 - 2014-07-08 18:32 - 01539584 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2015-03-25 00:48 - 2014-07-08 18:32 - 00340480 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2015-03-25 00:48 - 2014-07-08 18:30 - 01220608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2015-03-25 00:48 - 2014-07-07 01:52 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2015-03-25 00:48 - 2014-07-07 01:52 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2015-03-25 00:48 - 2014-07-04 06:52 - 00328000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2015-03-25 00:48 - 2014-07-02 21:59 - 01824784 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-03-25 00:48 - 2014-07-02 20:30 - 01408952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-03-25 00:48 - 2014-06-28 03:01 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-03-25 00:48 - 2014-06-28 02:56 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-03-25 00:48 - 2014-06-17 19:27 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-03-25 00:48 - 2014-06-17 19:23 - 02238464 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-03-25 00:48 - 2014-06-11 10:47 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-03-25 00:48 - 2014-06-11 00:40 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-03-25 00:48 - 2014-06-10 18:44 - 01403896 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-25 00:48 - 2014-02-04 06:57 - 01271664 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-24 22:25 - 2015-03-25 13:25 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-24 22:25 - 2015-03-24 22:25 - 00001929 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-03-24 22:25 - 2015-03-24 22:25 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\AVAST Software
2015-03-24 22:25 - 2015-03-24 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-03-24 22:24 - 2015-03-24 22:25 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-24 22:24 - 2015-03-24 22:24 - 00000000 ____D () C:\Users\Soc\AppData\Local\Google
2015-03-24 22:24 - 2015-03-24 22:23 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-03-24 22:24 - 2015-03-24 22:23 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-03-24 22:24 - 2015-03-24 22:23 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-03-24 22:24 - 2015-03-24 22:23 - 00271200 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-03-24 22:24 - 2015-03-24 22:23 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-03-24 22:24 - 2015-03-24 22:23 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-03-24 22:24 - 2015-03-24 22:23 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-03-24 22:24 - 2015-03-24 22:23 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-03-24 22:24 - 2015-03-24 22:23 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-03-24 22:23 - 2015-03-24 22:23 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-03-24 22:22 - 2015-03-24 22:22 - 00000000 ____D () C:\Program Files\AVAST Software
2015-03-24 17:19 - 2015-03-24 17:19 - 00000000 ____D () C:\Windows\system32\AutoUpdateLicense
2015-03-24 16:33 - 2015-03-24 17:18 - 00002970 _____ () C:\Users\Soc\Desktop\Courses at Gville Tech.txt
2015-03-24 15:02 - 2015-03-04 03:26 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\AutoUpdate.exe
2015-03-24 15:02 - 2015-03-04 03:26 - 00467952 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2015-03-24 15:02 - 2015-03-04 03:26 - 00011105 _____ () C:\Windows\system32\AutoconfigV2.cab
2015-03-24 15:02 - 2015-03-04 02:41 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-03-24 15:02 - 2015-03-04 02:41 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-24 15:02 - 2015-03-04 00:53 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-03-24 15:02 - 2015-03-04 00:53 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-24 15:02 - 2014-10-21 21:01 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-03-24 15:02 - 2014-10-21 21:00 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-03-23 23:01 - 2014-10-09 00:00 - 01519104 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-03-23 23:01 - 2014-10-09 00:00 - 01484288 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-03-23 23:01 - 2014-10-09 00:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2015-03-23 23:01 - 2014-10-08 23:59 - 01195520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2015-03-23 23:01 - 2014-10-08 23:59 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2015-03-23 22:30 - 2015-01-09 02:43 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-03-23 22:30 - 2015-01-09 01:03 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-03-23 22:30 - 2015-01-08 19:52 - 00478296 _____ () C:\Windows\SysWOW64\locale.nls
2015-03-23 22:30 - 2015-01-08 19:52 - 00478296 _____ () C:\Windows\system32\locale.nls
2015-03-23 22:27 - 2014-07-15 18:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2015-03-23 22:10 - 2013-06-01 07:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-03-23 22:10 - 2013-06-01 06:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-03-23 22:10 - 2013-06-01 05:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2015-03-23 22:10 - 2013-06-01 05:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2015-03-23 22:10 - 2013-06-01 05:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2015-03-23 22:10 - 2013-06-01 05:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2015-03-23 22:10 - 2013-06-01 05:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-03-23 22:10 - 2013-06-01 05:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2015-03-23 22:10 - 2013-06-01 05:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2015-03-23 22:10 - 2013-06-01 05:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2015-03-23 22:10 - 2013-06-01 05:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2015-03-23 22:10 - 2013-06-01 05:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2015-03-23 22:10 - 2013-06-01 05:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-03-23 22:10 - 2013-06-01 05:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2015-03-23 22:10 - 2013-06-01 05:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2015-03-23 22:10 - 2013-06-01 05:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2015-03-23 22:10 - 2013-06-01 05:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2015-03-23 22:10 - 2013-05-31 23:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2015-03-23 22:10 - 2013-05-24 18:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-23 22:10 - 2013-05-24 18:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-23 22:09 - 2014-02-03 19:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-03-23 22:09 - 2014-02-03 19:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-03-23 22:09 - 2014-01-30 20:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2015-03-23 22:09 - 2014-01-30 20:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-03-23 22:09 - 2014-01-26 23:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-03-23 22:09 - 2014-01-15 19:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2015-03-23 22:09 - 2014-01-02 19:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-03-23 22:09 - 2014-01-02 19:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-03-23 22:09 - 2013-06-16 18:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-03-23 22:06 - 2014-03-24 19:42 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2015-03-23 22:06 - 2014-03-24 18:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2015-03-23 22:00 - 2013-10-05 02:10 - 00285016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2015-03-23 22:00 - 2013-08-30 01:19 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2015-03-23 22:00 - 2013-08-30 01:18 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2015-03-23 22:00 - 2013-08-29 19:48 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2015-03-23 22:00 - 2013-08-29 19:47 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2015-03-23 21:58 - 2013-08-30 01:43 - 00061784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2015-03-23 21:58 - 2013-08-30 01:20 - 01173504 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-03-23 21:58 - 2013-08-29 19:48 - 00914432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-03-23 21:58 - 2013-08-21 02:39 - 00465240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-03-23 21:58 - 2013-08-10 02:30 - 00151896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-03-23 21:58 - 2013-07-24 19:10 - 10799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-03-23 21:58 - 2013-07-24 19:07 - 13661696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-03-23 21:55 - 2013-07-09 04:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2015-03-23 21:55 - 2013-07-08 23:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2015-03-23 21:55 - 2013-07-08 18:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2015-03-23 21:55 - 2013-07-08 18:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2015-03-23 21:55 - 2013-07-08 18:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2015-03-23 21:55 - 2013-07-08 18:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2015-03-23 21:55 - 2013-07-02 20:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2015-03-23 21:55 - 2013-07-02 20:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-03-23 21:55 - 2013-07-02 20:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-03-23 21:55 - 2013-07-02 20:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-03-23 21:55 - 2013-06-30 18:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2015-03-23 21:55 - 2013-06-30 18:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2015-03-23 21:55 - 2013-06-29 02:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-03-23 21:55 - 2013-06-29 02:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-03-23 21:55 - 2013-06-25 23:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-03-23 21:55 - 2013-06-25 22:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2015-03-23 21:55 - 2013-06-24 18:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-03-23 21:55 - 2013-06-19 01:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2015-03-23 21:55 - 2013-06-19 01:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2015-03-23 21:55 - 2013-06-18 18:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2015-03-23 21:55 - 2013-06-18 18:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2015-03-23 21:55 - 2013-06-11 19:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2015-03-23 21:55 - 2013-06-11 19:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2015-03-23 21:55 - 2013-06-06 04:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-03-23 21:46 - 2014-04-29 18:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2015-03-23 21:46 - 2014-04-29 18:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2015-03-23 21:46 - 2014-01-30 20:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-23 21:45 - 2013-10-31 01:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2015-03-23 21:45 - 2013-10-31 01:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2015-03-23 21:45 - 2013-10-31 00:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2015-03-23 21:45 - 2013-10-30 23:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2015-03-23 21:45 - 2013-10-13 16:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2015-03-23 21:45 - 2013-08-27 01:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-03-23 21:45 - 2013-08-27 01:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-03-23 21:45 - 2013-08-26 18:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-03-23 21:45 - 2013-08-26 18:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-03-23 21:40 - 2014-07-24 09:50 - 00447296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-03-23 21:40 - 2014-07-16 19:28 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2015-03-23 21:40 - 2014-07-16 18:59 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2015-03-23 21:40 - 2014-07-16 18:59 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2015-03-23 21:40 - 2014-07-12 02:45 - 01549824 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2015-03-23 21:40 - 2014-07-12 00:36 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-03-23 21:40 - 2014-07-12 00:36 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-03-23 21:40 - 2014-07-12 00:34 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-03-23 21:40 - 2014-07-12 00:34 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-03-23 21:40 - 2014-06-28 02:57 - 01341952 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-03-23 21:40 - 2014-06-27 22:23 - 01126400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-03-23 21:40 - 2014-06-12 19:34 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-03-23 21:40 - 2014-06-12 19:29 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-03-23 21:40 - 2012-11-20 01:24 - 01164800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2015-03-23 21:40 - 2012-11-20 01:17 - 01184256 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2015-03-23 21:40 - 2012-11-20 01:02 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDKURD.DLL
2015-03-23 21:40 - 2012-11-20 00:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDKURD.DLL
2015-03-23 21:40 - 2012-11-20 00:56 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-03-23 21:39 - 2015-03-23 21:39 - 00072860 _____ () C:\Users\Soc\Desktop\REPLY.txt
2015-03-23 21:39 - 2013-08-10 01:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-03-23 21:39 - 2013-08-10 01:21 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2015-03-23 21:39 - 2013-08-09 23:58 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-03-23 21:39 - 2013-08-03 02:40 - 01374208 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2015-03-23 21:39 - 2013-08-03 02:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2015-03-23 21:39 - 2013-08-02 02:28 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-03-23 21:39 - 2013-08-02 01:08 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2015-03-23 21:39 - 2013-07-24 19:10 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2015-03-23 21:39 - 2013-07-24 19:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2015-03-23 21:39 - 2013-03-02 04:23 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2015-03-23 21:38 - 2014-05-29 00:04 - 00094552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-23 21:38 - 2014-03-01 05:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-03-23 21:38 - 2014-03-01 05:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2015-03-23 21:38 - 2014-03-01 04:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2015-03-23 21:38 - 2014-03-01 02:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-03-23 21:38 - 2014-02-15 00:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2015-03-23 21:38 - 2013-11-25 19:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-03-23 21:38 - 2013-08-03 02:40 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2015-03-23 21:38 - 2013-08-03 01:14 - 00399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2015-03-23 21:38 - 2013-08-03 01:13 - 01245696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2015-03-23 21:38 - 2013-08-03 01:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2015-03-23 21:38 - 2013-06-28 23:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-03-23 21:38 - 2013-05-04 00:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2015-03-23 21:37 - 2015-03-23 21:38 - 00018453 _____ () C:\Users\Soc\Downloads\Addition.txt
2015-03-23 21:36 - 2015-03-25 14:28 - 00011888 _____ () C:\Users\Soc\Downloads\FRST.txt
2015-03-23 21:33 - 2015-03-25 14:28 - 00000000 ____D () C:\FRST
2015-03-23 21:33 - 2015-03-23 21:33 - 02095616 _____ (Farbar) C:\Users\Soc\Downloads\FRST64.exe
2015-03-23 18:40 - 2015-03-23 18:40 - 00019058 _____ () C:\ComboFix.txt
2015-03-23 18:26 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-23 18:26 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-23 18:26 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-23 18:26 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-23 18:26 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-23 18:26 - 2000-08-30 20:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2015-03-23 18:26 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-23 18:26 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-23 18:26 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-23 18:24 - 2015-03-23 18:40 - 00000000 ____D () C:\Qoobox
2015-03-23 18:23 - 2015-03-23 18:37 - 00000000 ____D () C:\Windows\erdnt
2015-03-23 18:22 - 2015-03-23 18:22 - 05616289 ____R (Swearware) C:\Users\Soc\Downloads\ComboFix.exe
2015-03-23 18:20 - 2014-08-09 04:30 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-03-23 18:20 - 2014-08-09 04:29 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2015-03-23 17:56 - 2015-03-03 09:17 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-03-23 17:53 - 2015-03-23 17:56 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-23 17:52 - 2015-02-26 21:14 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-23 17:20 - 2014-06-10 18:44 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-03-23 17:20 - 2014-06-10 18:43 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-03-23 17:10 - 2014-04-16 14:20 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-03-23 17:10 - 2014-04-16 14:20 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-03-23 17:09 - 2013-07-05 20:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-03-23 17:08 - 2014-11-05 02:40 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-03-23 17:08 - 2014-11-05 02:39 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-03-23 17:08 - 2014-11-01 02:28 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-03-23 17:08 - 2014-10-29 10:21 - 00499008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2015-03-23 17:08 - 2014-08-28 02:01 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-03-23 17:08 - 2013-07-03 22:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-03-23 17:07 - 2014-11-15 02:06 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-03-23 17:07 - 2014-11-15 01:13 - 03286016 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-03-23 17:07 - 2014-11-15 01:13 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-03-23 17:07 - 2014-11-15 01:13 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-03-23 17:07 - 2014-11-15 01:13 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-03-23 17:07 - 2014-11-15 01:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-03-23 17:07 - 2014-11-15 01:13 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-03-23 17:07 - 2014-11-15 01:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-03-23 17:07 - 2014-11-15 01:12 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-03-23 17:07 - 2014-11-14 23:54 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-03-23 17:07 - 2014-11-14 23:53 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-03-23 17:07 - 2014-11-14 23:53 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-03-23 17:07 - 2014-11-14 23:53 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-03-23 17:06 - 2013-04-09 00:51 - 14267904 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-23 17:06 - 2013-04-09 00:51 - 03552768 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-03-23 17:06 - 2013-04-09 00:50 - 02107904 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-03-23 17:06 - 2013-04-09 00:49 - 01444864 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2015-03-23 17:06 - 2013-04-08 17:52 - 11878912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-23 17:06 - 2013-04-08 17:51 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-03-23 17:06 - 2013-04-08 17:51 - 01593344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-03-23 17:05 - 2013-04-09 01:33 - 00489576 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-23 17:05 - 2013-04-09 01:33 - 00446792 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-23 17:05 - 2013-04-09 01:33 - 00253544 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-23 17:05 - 2013-04-09 01:20 - 00306952 _____ (Microsoft Corporation) C:\Windows\system32\kd_02_10ec.dll
2015-03-23 17:05 - 2013-04-09 01:20 - 00086280 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2015-03-23 17:05 - 2013-04-09 01:18 - 00077960 _____ (Microsoft Corporation) C:\Windows\system32\kdvm.dll
2015-03-23 17:05 - 2013-04-09 00:52 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-03-23 17:05 - 2013-04-09 00:52 - 00804352 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2015-03-23 17:05 - 2013-04-09 00:52 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-03-23 17:05 - 2013-04-09 00:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2015-03-23 17:05 - 2013-04-09 00:51 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2015-03-23 17:05 - 2013-04-09 00:51 - 00456704 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2015-03-23 17:05 - 2013-04-09 00:51 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-03-23 17:05 - 2013-04-09 00:51 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2015-03-23 17:05 - 2013-04-09 00:50 - 00745984 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-03-23 17:05 - 2013-04-09 00:50 - 00435200 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-03-23 17:05 - 2013-04-09 00:50 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\GenuineCenter.dll
2015-03-23 17:05 - 2013-04-09 00:50 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2015-03-23 17:05 - 2013-04-09 00:50 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-03-23 17:05 - 2013-04-09 00:50 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2015-03-23 17:05 - 2013-04-09 00:49 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-03-23 17:05 - 2013-04-09 00:49 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2015-03-23 17:05 - 2013-04-09 00:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\fhengine.dll
2015-03-23 17:05 - 2013-04-09 00:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2015-03-23 17:05 - 2013-04-09 00:49 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2015-03-23 17:05 - 2013-04-09 00:49 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2015-03-23 17:05 - 2013-04-09 00:49 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\fmifs.dll
2015-03-23 17:05 - 2013-04-08 22:34 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-03-23 17:05 - 2013-04-08 22:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2015-03-23 17:05 - 2013-04-08 22:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-23 17:05 - 2013-04-08 22:31 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2015-03-23 17:05 - 2013-04-08 19:44 - 00123880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2015-03-23 17:05 - 2013-04-08 19:37 - 00426024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-23 17:05 - 2013-04-08 19:37 - 00324368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-23 17:05 - 2013-04-08 17:52 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-03-23 17:05 - 2013-04-08 17:52 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-03-23 17:05 - 2013-04-08 17:52 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2015-03-23 17:05 - 2013-04-08 17:51 - 01113600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00659456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00403968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00214528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fmifs.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2015-03-23 17:05 - 2013-04-04 19:30 - 00503080 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-23 17:05 - 2013-03-15 18:05 - 00298456 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2015-03-23 17:05 - 2013-03-15 18:05 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2015-03-23 17:05 - 2013-03-02 06:39 - 00069864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-03-23 17:05 - 2013-02-02 04:40 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2015-03-23 17:05 - 2013-02-02 04:23 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2015-03-23 17:05 - 2012-11-20 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidi2c.sys
2015-03-23 17:02 - 2014-06-12 21:57 - 01453400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-03-23 17:02 - 2014-06-12 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-03-23 17:02 - 2014-06-04 21:12 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2015-03-23 17:02 - 2014-06-03 19:12 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2015-03-23 17:02 - 2013-10-19 01:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-03-23 17:02 - 2013-10-19 00:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-03-23 17:02 - 2013-05-04 02:58 - 01332736 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-03-23 17:02 - 2013-05-04 02:58 - 00470528 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2015-03-23 17:02 - 2013-05-04 02:57 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2015-03-23 17:02 - 2013-05-04 02:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2015-03-23 17:02 - 2013-05-04 00:47 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2015-03-23 17:01 - 2013-05-04 03:58 - 00120736 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-03-23 17:01 - 2013-05-04 02:59 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2015-03-23 17:01 - 2013-05-04 02:58 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2015-03-23 17:01 - 2013-05-04 02:58 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2015-03-23 17:01 - 2013-05-04 02:58 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2015-03-23 17:01 - 2013-05-04 02:58 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2015-03-23 17:01 - 2013-05-04 02:57 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2015-03-23 17:01 - 2013-05-04 02:57 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-03-23 17:01 - 2013-05-04 02:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2015-03-23 17:01 - 2013-05-04 02:57 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2015-03-23 17:01 - 2013-05-04 02:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\biwinrt.dll
2015-03-23 17:01 - 2013-05-04 02:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2015-03-23 17:01 - 2013-05-04 02:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2015-03-23 17:01 - 2013-05-04 00:58 - 00758784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2015-03-23 17:01 - 2013-05-04 00:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2015-03-23 17:01 - 2013-05-04 00:57 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2015-03-23 17:01 - 2013-05-04 00:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2015-03-23 17:01 - 2013-05-04 00:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2015-03-23 17:01 - 2013-05-04 00:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2015-03-23 17:01 - 2013-05-04 00:56 - 00449536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2015-03-23 17:01 - 2013-05-04 00:56 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-03-23 17:01 - 2013-05-04 00:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2015-03-23 17:01 - 2013-05-04 00:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2015-03-23 17:01 - 2013-05-04 00:55 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2015-03-23 17:01 - 2013-05-04 00:51 - 00014848 _____ (Microsoft) C:\Windows\system32\rars.rs
2015-03-23 17:01 - 2013-05-04 00:10 - 00014848 _____ (Microsoft) C:\Windows\SysWOW64\rars.rs
2015-03-23 17:01 - 2013-03-01 22:45 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2015-03-23 17:01 - 2013-03-01 22:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\taskhostex.exe
2015-03-23 17:01 - 2013-02-02 04:39 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmproxy.dll
2015-03-23 17:01 - 2013-02-02 04:39 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmsprep.dll
2015-03-23 17:00 - 2012-11-10 00:23 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-03-23 17:00 - 2012-11-10 00:22 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
2015-03-23 17:00 - 2012-11-10 00:22 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
2015-03-23 17:00 - 2012-11-10 00:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
2015-03-23 16:59 - 2015-01-24 02:42 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-23 16:59 - 2015-01-24 01:00 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-23 16:59 - 2013-03-02 06:57 - 00077544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2015-03-23 16:59 - 2013-03-02 04:23 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2015-03-23 16:59 - 2013-03-02 04:23 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2015-03-23 16:59 - 2013-03-02 04:22 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-03-23 16:59 - 2013-03-02 04:21 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2015-03-23 16:59 - 2013-03-02 04:21 - 00145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2015-03-23 16:59 - 2013-03-02 04:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevDispItemProvider.dll
2015-03-23 16:59 - 2013-03-01 22:45 - 01149952 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2015-03-23 16:59 - 2013-03-01 22:45 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2015-03-23 16:59 - 2013-03-01 22:45 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2015-03-23 16:59 - 2013-03-01 22:45 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2015-03-23 16:59 - 2013-03-01 22:45 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-03-23 16:59 - 2013-03-01 22:45 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerServer.dll
2015-03-23 16:59 - 2013-03-01 22:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2015-03-23 16:59 - 2013-03-01 22:45 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\WSDPrintProxy.DLL
2015-03-23 16:59 - 2013-03-01 22:44 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2015-03-23 16:59 - 2013-03-01 22:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-03-23 16:59 - 2013-03-01 22:44 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\discan.dll
2015-03-23 16:59 - 2013-03-01 22:44 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\NdisImPlatform.dll
2015-03-23 16:59 - 2013-03-01 22:44 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\DevDispItemProvider.dll
2015-03-23 16:59 - 2013-03-01 22:43 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2015-03-23 16:59 - 2013-03-01 22:15 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-03-23 16:59 - 2013-03-01 00:56 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2015-03-23 16:58 - 2015-02-20 09:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-23 16:58 - 2015-02-20 07:56 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-23 16:58 - 2015-02-20 04:10 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-23 16:58 - 2015-02-20 03:24 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-23 16:57 - 2013-08-16 01:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2015-03-23 16:57 - 2013-08-16 01:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2015-03-23 16:57 - 2013-08-16 01:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-03-23 16:57 - 2013-08-16 01:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-03-23 16:57 - 2013-08-16 01:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-03-23 16:57 - 2013-08-16 01:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2015-03-23 16:57 - 2013-08-16 01:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2015-03-23 16:57 - 2013-08-16 01:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2015-03-23 16:57 - 2013-08-16 01:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2015-03-23 16:57 - 2013-08-15 18:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2015-03-23 16:57 - 2013-08-15 18:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2015-03-23 16:57 - 2013-08-15 18:43 - 00083968 _____ () C:\Windows\SysWOW64\OEMLicense.dll
2015-03-23 16:57 - 2013-08-15 18:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2015-03-23 16:57 - 2013-08-15 18:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2015-03-23 16:56 - 2014-07-31 19:40 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-03-23 16:56 - 2014-06-17 19:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-03-23 16:56 - 2014-06-17 19:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-03-23 16:54 - 2015-03-06 03:39 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-03-23 16:54 - 2015-03-06 03:39 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-23 16:54 - 2015-03-06 01:48 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-03-23 16:54 - 2015-03-06 01:48 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-23 16:54 - 2015-02-26 00:35 - 04063232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-23 16:54 - 2015-02-02 19:18 - 00569712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-23 16:54 - 2015-01-15 07:44 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2015-03-23 16:54 - 2015-01-15 07:43 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-23 16:54 - 2015-01-15 06:00 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2015-03-23 16:54 - 2015-01-15 05:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-23 16:54 - 2015-01-15 05:09 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-23 16:53 - 2015-01-31 09:48 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-03-23 16:53 - 2015-01-31 01:55 - 00275712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-03-23 16:53 - 2014-12-19 02:48 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-03-23 16:53 - 2014-12-11 02:51 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-03-23 16:53 - 2014-09-02 22:48 - 00510464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-03-23 16:53 - 2014-09-02 22:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-03-23 16:51 - 2013-06-22 01:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-03-23 16:51 - 2013-06-22 01:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-03-23 16:50 - 2014-09-24 19:29 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-03-23 16:50 - 2014-09-24 19:01 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-03-23 16:49 - 2014-07-23 23:33 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-03-23 16:49 - 2014-07-23 23:33 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-03-23 16:48 - 2014-10-08 23:59 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-03-23 16:48 - 2014-10-08 23:59 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-03-23 16:48 - 2014-10-08 23:58 - 00458240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-03-23 16:48 - 2014-09-22 01:38 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2015-03-23 16:48 - 2014-09-21 23:56 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2015-03-23 16:46 - 2014-09-13 02:24 - 02233152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-03-23 16:46 - 2014-09-02 22:48 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2015-03-23 16:46 - 2014-09-02 22:22 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2015-03-23 16:46 - 2014-08-29 00:17 - 02043392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-03-23 16:46 - 2014-08-29 00:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-03-23 16:46 - 2014-08-29 00:04 - 02837504 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-03-23 16:46 - 2014-08-29 00:04 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-03-23 16:46 - 2014-08-28 02:04 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll
2015-03-23 16:46 - 2014-08-28 02:04 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2015-03-23 16:46 - 2014-08-28 01:59 - 00616448 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2015-03-23 16:46 - 2014-08-28 01:59 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2015-03-23 16:46 - 2014-08-28 01:59 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\FXST30.dll
2015-03-23 16:46 - 2014-07-24 09:12 - 00328512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2015-03-23 16:45 - 2014-08-28 01:59 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
2015-03-23 16:45 - 2013-04-23 19:13 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2015-03-23 16:45 - 2013-04-23 19:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-23 16:45 - 2013-04-23 18:56 - 01255936 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-03-23 16:45 - 2013-04-23 18:55 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-23 16:44 - 2014-07-07 01:53 - 01125376 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-03-23 16:44 - 2014-07-07 01:52 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-03-23 16:44 - 2014-07-07 01:52 - 00300544 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-03-23 16:44 - 2014-07-07 01:51 - 05982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-03-23 16:44 - 2014-07-07 00:01 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-03-23 16:44 - 2014-07-07 00:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-03-23 16:44 - 2014-07-07 00:00 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-03-23 16:44 - 2014-07-06 23:59 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-03-23 16:44 - 2014-06-05 13:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-03-23 16:44 - 2013-03-06 02:29 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-03-23 16:43 - 2013-07-13 02:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-23 16:43 - 2013-07-13 02:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-23 16:43 - 2013-07-13 02:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2015-03-23 16:43 - 2013-07-13 02:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2015-03-23 16:43 - 2013-07-13 00:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-23 16:43 - 2013-07-13 00:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2015-03-23 16:43 - 2013-07-13 00:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2015-03-23 16:43 - 2013-02-02 04:40 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlroamextension.dll
2015-03-23 16:43 - 2013-02-02 04:40 - 00370688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2015-03-23 16:43 - 2013-02-02 04:40 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2015-03-23 16:43 - 2013-02-02 04:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tasklist.exe
2015-03-23 16:43 - 2013-02-02 04:40 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskkill.exe
2015-03-23 16:43 - 2013-02-02 04:38 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll
2015-03-23 16:43 - 2013-02-02 04:24 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\taskkill.exe
2015-03-23 16:43 - 2013-02-02 04:24 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\tasklist.exe
2015-03-23 16:43 - 2013-02-02 04:23 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2015-03-23 16:43 - 2013-02-02 04:23 - 00543232 _____ (Microsoft Corporation) C:\Windows\system32\wlroamextension.dll
2015-03-23 16:43 - 2013-02-02 04:23 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2015-03-23 16:43 - 2013-02-02 04:23 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2015-03-23 16:43 - 2013-02-02 04:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2015-03-23 16:43 - 2013-02-02 04:20 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2015-03-23 16:43 - 2013-02-02 04:20 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\hotspotauth.dll
2015-03-23 16:43 - 2013-02-02 03:25 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2015-03-23 16:41 - 2015-01-29 04:45 - 06973248 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-23 16:39 - 2014-10-11 03:45 - 10115072 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-03-23 16:39 - 2014-10-11 03:44 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-03-23 16:39 - 2014-10-11 03:44 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-03-23 16:39 - 2014-10-11 03:43 - 02307072 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-03-23 16:39 - 2014-10-11 01:58 - 08858624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-03-23 16:39 - 2014-10-11 01:57 - 02416640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-03-23 16:39 - 2014-10-11 01:57 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-03-23 16:39 - 2014-10-11 01:56 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-03-23 16:38 - 2014-11-26 02:43 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-03-23 16:38 - 2014-11-26 00:50 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-03-23 16:38 - 2014-03-10 23:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-23 16:38 - 2014-03-10 20:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-03-23 16:38 - 2014-03-10 20:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-03-23 16:38 - 2014-03-10 20:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-23 16:38 - 2014-03-10 20:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-03-23 16:38 - 2014-03-10 20:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-03-23 16:38 - 2014-03-10 20:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-03-23 16:38 - 2014-03-10 20:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-23 16:38 - 2014-03-10 20:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-03-23 16:38 - 2014-03-10 20:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-23 16:38 - 2014-03-09 23:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-03-23 16:38 - 2014-03-09 21:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-23 16:37 - 2013-12-04 19:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-03-23 16:37 - 2013-12-04 19:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-03-23 16:35 - 2014-11-08 07:21 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-23 16:35 - 2014-11-08 02:56 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-23 16:35 - 2014-10-11 04:35 - 00171840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-23 16:35 - 2014-10-11 01:41 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-23 16:35 - 2014-10-11 01:05 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-23 16:35 - 2014-05-29 19:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-03-23 16:35 - 2014-04-12 05:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-03-23 16:35 - 2014-04-12 05:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-23 16:35 - 2014-04-12 05:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-23 16:35 - 2014-04-12 05:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-23 16:35 - 2014-04-12 05:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-23 16:35 - 2014-04-12 03:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-23 16:35 - 2014-04-12 03:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-23 16:35 - 2014-04-12 03:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-23 16:35 - 2014-04-12 03:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-23 16:35 - 2014-04-12 02:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2015-03-23 16:28 - 2014-11-08 02:57 - 00187904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-03-23 16:28 - 2013-07-01 18:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2015-03-23 16:27 - 2014-11-08 07:22 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-03-23 16:25 - 2015-01-29 04:05 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-23 16:25 - 2015-01-29 02:19 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-23 16:25 - 2013-05-14 22:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2015-03-23 16:25 - 2013-05-14 22:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-03-23 16:25 - 2013-05-14 22:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2015-03-23 16:25 - 2013-05-14 22:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-03-23 16:20 - 2014-06-02 18:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-03-23 16:19 - 2015-02-17 02:54 - 19777536 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-23 16:19 - 2015-02-17 01:13 - 17561600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-23 16:19 - 2015-01-20 02:41 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-23 16:19 - 2015-01-20 01:10 - 00892416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-23 16:18 - 2013-04-02 19:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2015-03-23 16:18 - 2013-04-02 19:12 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-03-23 16:16 - 2014-12-18 04:51 - 00096576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-03-23 16:16 - 2014-12-18 02:52 - 00889344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-03-23 16:16 - 2014-12-18 02:51 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-03-23 16:16 - 2014-12-18 02:50 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-03-23 16:16 - 2014-12-18 02:20 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-03-23 16:16 - 2013-06-10 15:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-03-23 16:16 - 2013-06-10 15:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-03-23 16:15 - 2013-08-23 03:22 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-03-23 16:15 - 2013-08-22 21:44 - 01711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-03-23 16:15 - 2012-10-23 23:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
2015-03-23 16:15 - 2012-10-23 22:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2015-03-23 16:14 - 2014-10-30 03:20 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-23 16:14 - 2014-10-30 01:22 - 01569792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-23 16:12 - 2013-03-21 23:49 - 02382336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-03-23 16:12 - 2013-03-21 18:47 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-03-23 16:12 - 2013-03-02 04:23 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2015-03-23 16:12 - 2013-03-01 22:44 - 01011200 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2015-03-23 16:12 - 2012-12-15 00:55 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2015-03-23 16:11 - 2013-07-05 18:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-03-23 16:11 - 2013-07-05 18:01 - 00210560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2015-03-23 16:11 - 2013-07-01 21:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-03-23 16:11 - 2013-07-01 21:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2015-03-23 16:11 - 2013-06-30 21:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-03-23 16:11 - 2013-06-30 21:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-03-23 16:11 - 2013-06-30 21:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-03-23 16:11 - 2013-06-30 21:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-03-23 16:11 - 2013-06-28 23:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-03-23 16:11 - 2013-06-28 23:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-03-23 16:10 - 2013-04-11 18:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-03-23 16:10 - 2013-04-11 18:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-03-23 16:08 - 2014-12-08 02:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-03-23 16:08 - 2014-12-08 01:04 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-03-23 16:07 - 2014-06-19 19:35 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-03-23 16:07 - 2014-06-19 18:24 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-03-23 16:05 - 2013-11-19 20:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-03-23 16:05 - 2013-11-19 19:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-03-23 16:04 - 2013-07-19 18:13 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-03-23 16:04 - 2013-07-19 18:13 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-03-23 16:03 - 2014-12-06 03:52 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-03-23 16:03 - 2014-12-06 03:52 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-03-23 16:03 - 2014-12-06 03:52 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-03-23 16:03 - 2014-12-06 02:09 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-03-23 16:03 - 2014-05-29 18:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-03-23 16:02 - 2014-12-06 03:53 - 00458240 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-03-23 16:02 - 2014-12-06 03:53 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-03-23 16:02 - 2014-12-06 03:51 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-03-23 16:02 - 2014-12-06 03:51 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-23 16:02 - 2014-12-06 03:50 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-23 16:02 - 2014-12-06 02:10 - 00355840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-03-23 16:02 - 2014-12-06 02:10 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-03-23 16:02 - 2014-12-06 02:09 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-03-23 16:02 - 2014-10-02 21:21 - 00522728 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-23 16:02 - 2014-10-02 18:29 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-03-23 16:02 - 2013-07-09 02:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-03-23 16:02 - 2013-07-09 00:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-03-23 16:00 - 2013-03-02 05:59 - 00411880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-03-23 15:58 - 2013-09-27 23:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-03-23 15:57 - 2013-02-11 20:17 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-03-23 15:57 - 2013-02-02 01:41 - 01437184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2015-03-23 15:57 - 2013-02-02 01:31 - 01690624 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2015-03-23 15:56 - 2013-10-10 05:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-03-23 15:56 - 2013-10-10 05:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2015-03-23 15:56 - 2013-10-10 05:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-03-23 15:56 - 2013-10-10 05:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-03-23 15:56 - 2013-10-10 05:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-03-23 15:56 - 2013-10-10 05:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2015-03-23 15:56 - 2013-10-10 05:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-03-23 15:45 - 2014-07-15 19:03 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-03-23 15:45 - 2014-07-11 22:36 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-03-23 15:31 - 2015-02-23 06:52 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-23 15:31 - 2015-02-23 06:52 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-23 15:31 - 2015-02-23 06:51 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-23 15:31 - 2015-02-23 06:51 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-03-23 15:31 - 2015-02-23 06:51 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-23 15:31 - 2015-02-23 06:51 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-23 15:31 - 2015-02-23 06:51 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 19301888 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 15410688 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 02656256 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-23 15:31 - 2015-02-23 06:49 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-23 15:31 - 2015-02-23 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-23 15:31 - 2015-02-23 05:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2015-03-23 15:31 - 2015-02-23 04:51 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-03-23 15:31 - 2015-02-21 01:31 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-23 15:31 - 2015-02-21 01:31 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-23 15:31 - 2015-02-21 01:31 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-23 15:31 - 2015-02-21 01:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 14380544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 13768704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-23 15:31 - 2015-02-21 01:29 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-23 15:31 - 2015-02-21 01:29 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-23 15:31 - 2015-02-21 01:29 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-23 15:31 - 2015-02-21 01:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-23 15:31 - 2015-02-21 01:07 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2015-03-23 15:31 - 2015-02-21 00:42 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-03-23 15:31 - 2015-02-20 23:00 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2015-03-23 15:20 - 2014-08-21 19:56 - 01418752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-03-23 15:20 - 2014-08-21 19:27 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-03-23 15:15 - 2015-01-24 02:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-23 15:15 - 2015-01-24 01:00 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-23 15:15 - 2014-06-06 10:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-03-23 15:15 - 2014-06-06 06:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-03-23 15:14 - 2015-01-24 00:31 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-23 15:14 - 2014-10-11 03:44 - 03248640 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-23 15:13 - 2015-02-12 19:18 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml
2015-03-23 15:13 - 2014-12-19 00:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-03-23 15:13 - 2013-03-14 20:17 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-03-23 15:11 - 2014-10-23 08:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-03-23 15:11 - 2014-10-23 07:04 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-03-23 15:09 - 2013-11-01 01:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-03-23 15:09 - 2013-10-31 23:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-03-23 14:47 - 2013-08-15 18:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-03-23 14:46 - 2013-08-16 01:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-03-23 14:46 - 2013-08-16 01:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-03-23 05:38 - 2015-03-24 22:19 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-03-23 05:37 - 2015-03-23 05:37 - 04864824 _____ (AVAST Software) C:\Users\Soc\Downloads\avast_free_antivirus_setup_online.exe
2015-03-23 03:27 - 2015-03-23 03:27 - 00000000 ____D () C:\ProgramData\Sophos
2015-03-23 03:26 - 2015-03-23 03:26 - 00002759 _____ () C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2015-03-23 03:26 - 2015-03-23 03:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2015-03-23 03:26 - 2015-03-23 03:26 - 00000000 ____D () C:\Program Files (x86)\Sophos
2015-03-23 02:48 - 2015-03-23 03:23 - 115929288 _____ (Sophos Limited) C:\Users\Soc\Downloads\Sophos Virus Removal Tool.exe
2015-03-23 00:46 - 2015-03-23 00:46 - 01388672 _____ (Thisisu) C:\Users\Soc\Downloads\JRT.exe
2015-03-23 00:39 - 2015-03-25 13:05 - 00000000 ____D () C:\AdwCleaner
2015-03-23 00:35 - 2015-03-23 00:35 - 00448512 _____ (OldTimer Tools) C:\Users\Soc\Downloads\TFC.exe
2015-03-22 06:35 - 2015-03-22 06:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-03-22 06:34 - 2015-03-22 06:34 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-03-22 06:34 - 2015-03-22 06:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-03-22 06:33 - 2015-03-22 06:36 - 00000000 ____D () C:\fd4e20924646faf4bc2b63b9be51
2015-03-22 06:31 - 2015-03-22 06:33 - 13087456 _____ (Microsoft Corporation) C:\Users\Soc\Downloads\Silverlight_x64.exe
2015-03-21 05:55 - 2015-03-21 05:55 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Soc\Downloads\iExplore.exe
2015-03-21 05:53 - 2015-03-21 05:53 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Soc\Downloads\rkill.exe
2015-03-21 05:29 - 2015-03-23 14:21 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-21 05:27 - 2015-03-23 14:21 - 00000000 ____D () C:\Users\Soc\Desktop\mbar
2015-03-21 05:26 - 2015-03-21 05:26 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Soc\Downloads\mbar-1.09.1.1004.exe
2015-03-21 04:41 - 2015-03-21 04:45 - 00079542 _____ () C:\Users\Soc\Downloads\Result.txt
2015-03-21 04:40 - 2015-03-21 04:40 - 00402944 _____ (Farbar) C:\Users\Soc\Downloads\MiniToolBox.exe
2015-03-21 04:37 - 2015-03-21 04:38 - 00002633 _____ () C:\Users\Soc\Downloads\FSS.txt
2015-03-21 04:37 - 2015-03-21 04:37 - 00415232 _____ (Farbar) C:\Users\Soc\Downloads\FSS.exe
2015-03-21 04:34 - 2015-03-21 04:34 - 00852607 _____ () C:\Users\Soc\Downloads\SecurityCheck(1).exe
2015-03-21 04:32 - 2015-03-21 04:32 - 00852607 _____ () C:\Users\Soc\Downloads\SecurityCheck.exe
2015-03-21 02:19 - 2012-07-26 01:26 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20150320-231930.backup
2015-03-21 02:07 - 2015-03-21 02:07 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-03-21 00:28 - 2015-03-21 00:28 - 00000000 ____D () C:\Users\Soc\Documents\ProcAlyzer Dumps
2015-03-21 00:21 - 2015-03-21 02:10 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-03-21 00:21 - 2015-03-21 00:26 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-03-21 00:21 - 2015-03-21 00:21 - 00001362 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-03-21 00:21 - 2015-03-21 00:21 - 00001350 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-03-21 00:21 - 2015-03-21 00:21 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-03-21 00:21 - 2015-03-21 00:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-03-21 00:21 - 2013-09-20 13:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-03-21 00:19 - 2015-03-21 00:19 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Soc\Downloads\spybot-2.4.exe
2015-03-20 22:10 - 2015-03-25 14:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-20 22:10 - 2015-03-25 14:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-20 22:10 - 2015-03-20 22:11 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\Mozilla
2015-03-20 22:10 - 2015-03-20 22:11 - 00000000 ____D () C:\Users\Soc\AppData\Local\Mozilla
2015-03-20 22:10 - 2015-03-20 22:10 - 00001130 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-20 22:10 - 2015-03-20 22:10 - 00001118 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-20 22:10 - 2015-03-20 22:10 - 00000000 ____D () C:\ProgramData\Mozilla
2015-03-20 19:11 - 2015-03-20 19:11 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\Hewlett-Packard
2015-03-20 18:06 - 2015-03-20 18:06 - 00012288 _____ () C:\Users\Soc\Documents\newfirewallprofile.wfw
2015-03-20 17:38 - 2015-03-20 17:38 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\Macromedia
2015-03-20 07:37 - 2015-03-20 07:37 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\hpqlog
2015-03-20 07:32 - 2015-03-25 14:22 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2713351260-3739553866-1922508299-1002
2015-03-20 07:28 - 2015-03-20 07:28 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\ATI
2015-03-20 07:28 - 2015-03-20 07:28 - 00000000 ____D () C:\Users\Soc\AppData\Local\ATI
2015-03-20 07:28 - 2015-03-20 07:28 - 00000000 ____D () C:\Users\Soc\AppData\Local\AMD
2015-03-20 07:27 - 2015-03-20 07:37 - 00000000 ____D () C:\Users\Soc\AppData\Local\Hewlett-Packard
2015-03-20 07:26 - 2015-03-24 10:50 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DDBDFE2F-A140-4D70-A706-6E220F74AA2D}
2015-03-20 07:26 - 2015-03-20 07:26 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\Adobe
2015-03-20 07:25 - 2015-03-20 07:25 - 00000000 ____D () C:\Users\Soc\AppData\Local\Power2Go8
2015-03-20 07:24 - 2015-03-20 07:24 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\Synaptics
2015-03-20 07:23 - 2015-03-25 14:10 - 01416478 _____ () C:\Windows\WindowsUpdate.log
2015-03-20 07:23 - 2015-03-21 02:08 - 00000000 ____D () C:\Users\Soc\AppData\Local\Packages
2015-03-20 07:23 - 2015-03-20 07:26 - 00000000 ____D () C:\Users\Soc
2015-03-20 07:23 - 2015-03-20 07:23 - 00000020 ___SH () C:\Users\Soc\ntuser.ini
2015-03-20 07:23 - 2015-03-20 07:23 - 00000000 ____D () C:\Users\Soc\AppData\Local\VirtualStore
2015-03-20 07:23 - 2013-06-17 23:56 - 00002096 _____ () C:\Users\Soc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2015-03-20 07:23 - 2012-07-26 04:13 - 00000000 ___RD () C:\Users\Soc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-20 07:23 - 2012-07-26 04:13 - 00000000 ___RD () C:\Users\Soc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-20 07:23 - 2012-07-26 04:13 - 00000000 ___RD () C:\Users\Soc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-20 07:23 - 2012-07-26 04:13 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-20 07:05 - 2015-03-20 07:05 - 00002324 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2713351260-3739553866-1922508299-500
2015-03-20 07:04 - 2015-03-20 07:04 - 00000000 _____ () C:\Recovery.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-25 14:17 - 2012-07-26 03:28 - 00941114 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-25 14:09 - 2012-08-03 18:23 - 00515828 _____ () C:\Windows\PFRO.log
2015-03-25 14:09 - 2012-07-26 03:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-25 12:52 - 2014-01-16 19:34 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-03-25 12:00 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\sru
2015-03-25 01:00 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2015-03-25 00:51 - 2012-07-26 03:59 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-24 22:18 - 2012-07-26 03:21 - 00033383 _____ () C:\Windows\setupact.log
2015-03-24 17:19 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\WinStore
2015-03-24 15:53 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\rescache
2015-03-24 15:03 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2015-03-23 23:50 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-03-23 23:50 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-03-23 23:49 - 2012-07-26 04:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-23 23:49 - 2012-07-26 04:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-23 23:49 - 2012-07-26 04:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-23 23:49 - 2012-07-26 04:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-23 23:49 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-23 23:49 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-23 23:48 - 2012-07-26 04:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-23 23:48 - 2012-07-26 03:52 - 00000000 ____D () C:\Program Files\Windows Journal
2015-03-23 23:48 - 2012-07-26 01:38 - 00000000 ____D () C:\Windows\system32\oobe
2015-03-23 23:47 - 2012-07-26 04:12 - 00000000 ___RD () C:\Windows\ToastData
2015-03-23 23:45 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-03-23 23:45 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-03-23 23:45 - 2012-07-26 01:38 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-23 23:45 - 2012-07-26 01:38 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-23 18:40 - 2012-07-26 01:37 - 00000000 __RHD () C:\Users\Default
2015-03-23 18:36 - 2012-07-26 01:26 - 00000215 _____ () C:\Windows\system.ini
2015-03-23 18:06 - 2012-07-26 01:37 - 00000000 ____D () C:\Windows\servicing
2015-03-23 13:44 - 2012-07-26 01:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-23 00:43 - 2014-01-16 19:35 - 00001291 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Start Now Technology.lnk
2015-03-21 06:03 - 2012-07-26 01:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-20 19:51 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-20 17:35 - 2013-06-18 00:02 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-03-20 17:35 - 2013-06-17 23:48 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-03-20 17:34 - 2013-06-18 00:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-20 17:34 - 2013-06-17 23:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-03-20 17:32 - 2014-01-16 19:53 - 00000000 ____D () C:\ProgramData\CyberLink
2015-03-20 17:13 - 2014-01-16 19:57 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-03-20 17:08 - 2013-06-18 00:06 - 00000000 ____D () C:\ProgramData\WildTangent
2015-03-20 17:08 - 2013-06-18 00:06 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-03-20 16:53 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\restore
2015-03-20 07:33 - 2014-01-16 20:02 - 00000000 ____D () C:\ProgramData\Norton
2015-03-20 07:32 - 2012-07-26 04:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-03-20 07:26 - 2013-06-18 00:00 - 00000000 ___RD () C:\Program Files (x86)\Online Services
2015-03-20 07:26 - 2013-06-17 23:51 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-03-20 07:26 - 2012-08-03 20:02 - 00000000 ____D () C:\SYSTEM.SAV
2015-03-20 07:23 - 2012-08-03 19:21 - 00000000 ____D () C:\Windows\Panther
2015-03-20 07:07 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\Recovery
2015-03-20 07:06 - 2012-08-03 18:40 - 00010342 _____ () C:\Windows\iis.log
2015-03-20 07:06 - 2012-07-26 04:13 - 00004552 _____ () C:\Windows\DtcInstall.log
2015-03-20 07:04 - 2012-07-26 04:13 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
2015-03-04 17:24 - 2012-07-26 04:14 - 00791496 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-04 17:24 - 2012-07-26 04:14 - 00177608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Soc\AppData\Local\temp\Quarantine.exe
C:\Users\Soc\AppData\Local\temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2012-08-03 18:23

==================== End Of Log ============================



#6 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,976 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:06 AM

Posted 25 March 2015 - 03:33 PM

Hey,
well done. :)

Step 1: FRST Fix
  • Please open Notepad.exe. Make sure that you don't use any other software than Notepad.exe!
  • Copy and Paste the content of the codebox below into the empty textfile:

    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
    ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
    ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
    HKU\S-1-5-21-2713351260-3739553866-1922508299-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    FF NetworkProxy: "type", 0
    EmptyTemp:
  • Then click on File >> Save as
    • File Name: Fixlist.txt
    • From the Save as type drop down list, choose All Files
  • It is very important that you save this textfile on your Desktop!
Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run FRST.exe/FRST64.exe (Note: If FRST advises there is a new updated version to be downloaded, allow this.)and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply
Step 2: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.
Step 3: ESET

Please run a free online scan with the ESET Online Scanner:

IMPORTANT: You MUST use Internet Explorer for this step!
  • Visit the ESET Online Scanner Web Page
  • Select the blue Run ESET Online Scanner button:
    ESET1_zps23a5e840.png
  • Tick the box next to YES, I accept the Terms of Use and click Start
    ESET_EULA2_zps9451f1c3.png
  • When asked, allow the ActiveX control to install.
  • Select Enable detection of potentially unwanted applications and select Advanced Settings:
    ESET2_zpsc701c045.png
  • Make sure to check the options Remove found threats and Enable Anti-Stealth technology are checked:
    ESET4_zps0afafd0d.png
  • Click Start. (This scan can take several hours, so please be patient):
    ESET3_zpsccd1657d.png
  • Once the scan is completed, select List of found threats:
    ESET5_zpsd27be299.png
  • Select Export to text file... and save the file as ESETlog.txt on your Desktop:
    ESET6_zpsc17d154e.png
  • Click the Back button.
  • Click the Finish button:
    ESET9_zps51587217.png
  • Use Notepad to open the saved log file (on your Desktop- ESET.txt)[/b]
  • Copy and paste that log as a reply to this topic.
Step 4: Question

How is your PC running?

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#7 SocratesPhilosophies

SocratesPhilosophies
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:06 PM

Posted 25 March 2015 - 10:01 PM

Stuck on step 3, can't find a secure download of internet explorer. Microsoft only gives me the option to upgrade to Windows 8.1 to get IE 11. Can you please provide a secure updated IE for Windows 8?



#8 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,976 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:06 AM

Posted 26 March 2015 - 12:51 PM

Can't you use your IE? :)

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#9 SocratesPhilosophies

SocratesPhilosophies
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:06 PM

Posted 26 March 2015 - 01:20 PM

I uninstalled it after the reinstall because I don't trust internet explorer and only use firefox.

 



#10 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,976 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:06 AM

Posted 26 March 2015 - 03:24 PM

Then use FireFox.

ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your currently installed Anti-Virus, how to do so can be read here.

Vista/Windows 7 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
  • Please go here to run the scan.

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: EOLS2.gif
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: EOLS3.gif
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: EOLS4.gif
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#11 SocratesPhilosophies

SocratesPhilosophies
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:06 PM

Posted 27 March 2015 - 05:59 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Soc at 2015-03-25 22:40:40 Run:1
Running from C:\Users\Soc\Desktop
Loaded Profiles: Soc (Available profiles: Soc)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
HKU\S-1-5-21-2713351260-3739553866-1922508299-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
FF NetworkProxy: "type", 0
EmptyTemp:
*****************

"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => Key deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => Key deleted successfully.
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => Key deleted successfully.
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => Key deleted successfully.
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => Key not found.
"HKU\S-1-5-21-2713351260-3739553866-1922508299-1002\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
Firefox Proxy settings were reset.
EmptyTemp: => Removed 53.2 MB temporary data.


The system needed a reboot.

==== End of Fixlog 22:40:46 ====
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Soc (administrator) on LAPTOP on 25-03-2015 22:45:46
Running from C:\Users\Soc\Desktop
Loaded Profiles: Soc (Available profiles: Soc)
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7156296 2013-03-07] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015920 2013-02-06] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-02-25] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-03-24] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2713351260-3739553866-1922508299-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKU\S-1-5-21-2713351260-3739553866-1922508299-1002\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-24] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-24] (Avast Software s.r.o.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{832CEE48-1C65-485C-AA11-6EF5E94F6D2A}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Soc\AppData\Roaming\Mozilla\Firefox\Profiles\5kv0vvmo.default
FF DefaultSearchEngine.US: Google
FF Homepage: https://www.google.com/
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Extension: MozBar - C:\Users\Soc\AppData\Roaming\Mozilla\Firefox\Profiles\5kv0vvmo.default\Extensions\toolbar@seomoz.org.xpi [2015-03-23]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-24]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [103424 2013-04-17] () [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-24] (Avast Software s.r.o.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-02-01] (Hewlett-Packard Development Company, L.P.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-20] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-08] (Advanced Micro Devices, INC.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2013-06-17] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-24] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-24] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-24] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-03-24] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-24] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-03-24] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3029208 2013-07-12] (Realtek Semiconductor Corporation                           )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-02-06] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [31984 2013-02-06] (Synaptics Incorporated)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-25 22:45 - 2015-03-25 22:46 - 00011147 _____ () C:\Users\Soc\Desktop\FRST.txt
2015-03-25 22:45 - 2015-03-25 22:45 - 00002622 _____ () C:\Users\Soc\Desktop\replynewest.txt
2015-03-25 14:23 - 2015-03-25 14:23 - 00000618 _____ () C:\Users\Soc\Desktop\JRT.txt
2015-03-25 14:11 - 2015-03-25 14:11 - 01388782 _____ (Thisisu) C:\Users\Soc\Downloads\JRT(1).exe
2015-03-25 13:54 - 2015-03-25 13:54 - 00000337 _____ () C:\Users\Soc\Desktop\asd.txt
2015-03-25 13:49 - 2015-03-25 13:49 - 00001040 _____ () C:\Users\Soc\Desktop\adsf.txt
2015-03-25 13:28 - 2015-03-25 13:52 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-25 13:28 - 2015-03-25 13:28 - 00001073 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-25 13:28 - 2015-03-25 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-25 13:28 - 2015-03-25 13:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-25 13:28 - 2015-03-25 13:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-25 13:28 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-25 13:28 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-25 13:28 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-25 13:22 - 2015-03-25 13:22 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Soc\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-25 13:19 - 2015-03-25 13:19 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Soc\Downloads\mbam-clean-2.1.1.1001.exe
2015-03-25 13:00 - 2015-03-25 13:00 - 02168320 _____ () C:\Users\Soc\Downloads\AdwCleaner.exe
2015-03-25 11:20 - 2015-03-25 11:20 - 00291856 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-25 00:48 - 2014-07-12 00:41 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
2015-03-25 00:48 - 2014-07-12 00:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-03-25 00:48 - 2014-07-12 00:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-03-25 00:48 - 2014-07-12 00:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-03-25 00:48 - 2014-07-12 00:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-03-25 00:48 - 2014-07-12 00:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-03-25 00:48 - 2014-07-12 00:16 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
2015-03-25 00:48 - 2014-07-12 00:16 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-03-25 00:48 - 2014-07-12 00:16 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-03-25 00:48 - 2014-07-12 00:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-03-25 00:48 - 2014-07-12 00:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-03-25 00:48 - 2014-07-12 00:15 - 00006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-03-25 00:48 - 2014-07-08 18:33 - 00181248 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2015-03-25 00:48 - 2014-07-08 18:32 - 01539584 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2015-03-25 00:48 - 2014-07-08 18:32 - 00340480 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2015-03-25 00:48 - 2014-07-08 18:30 - 01220608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2015-03-25 00:48 - 2014-07-07 01:52 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2015-03-25 00:48 - 2014-07-07 01:52 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2015-03-25 00:48 - 2014-07-04 06:52 - 00328000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2015-03-25 00:48 - 2014-07-02 21:59 - 01824784 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-03-25 00:48 - 2014-07-02 20:30 - 01408952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-03-25 00:48 - 2014-06-28 03:01 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-03-25 00:48 - 2014-06-28 02:56 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-03-25 00:48 - 2014-06-17 19:27 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-03-25 00:48 - 2014-06-17 19:23 - 02238464 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-03-25 00:48 - 2014-06-11 10:47 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-03-25 00:48 - 2014-06-11 00:40 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-03-25 00:48 - 2014-06-10 18:44 - 01403896 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-25 00:48 - 2014-02-04 06:57 - 01271664 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-24 22:25 - 2015-03-25 13:25 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-24 22:25 - 2015-03-24 22:25 - 00001929 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-03-24 22:25 - 2015-03-24 22:25 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\AVAST Software
2015-03-24 22:25 - 2015-03-24 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-03-24 22:24 - 2015-03-24 22:25 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-24 22:24 - 2015-03-24 22:24 - 00000000 ____D () C:\Users\Soc\AppData\Local\Google
2015-03-24 22:24 - 2015-03-24 22:23 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-03-24 22:24 - 2015-03-24 22:23 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-03-24 22:24 - 2015-03-24 22:23 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-03-24 22:24 - 2015-03-24 22:23 - 00271200 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-03-24 22:24 - 2015-03-24 22:23 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-03-24 22:24 - 2015-03-24 22:23 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-03-24 22:24 - 2015-03-24 22:23 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-03-24 22:24 - 2015-03-24 22:23 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-03-24 22:24 - 2015-03-24 22:23 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-03-24 22:23 - 2015-03-24 22:23 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-03-24 22:22 - 2015-03-24 22:22 - 00000000 ____D () C:\Program Files\AVAST Software
2015-03-24 17:19 - 2015-03-24 17:19 - 00000000 ____D () C:\Windows\system32\AutoUpdateLicense
2015-03-24 16:33 - 2015-03-24 17:18 - 00002970 _____ () C:\Users\Soc\Desktop\Courses at Gville Tech.txt
2015-03-24 15:02 - 2015-03-04 03:26 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\AutoUpdate.exe
2015-03-24 15:02 - 2015-03-04 03:26 - 00467952 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2015-03-24 15:02 - 2015-03-04 03:26 - 00011105 _____ () C:\Windows\system32\AutoconfigV2.cab
2015-03-24 15:02 - 2015-03-04 02:41 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-03-24 15:02 - 2015-03-04 02:41 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-24 15:02 - 2015-03-04 00:53 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-03-24 15:02 - 2015-03-04 00:53 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-24 15:02 - 2014-10-21 21:01 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-03-24 15:02 - 2014-10-21 21:00 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-03-23 23:01 - 2014-10-09 00:00 - 01519104 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-03-23 23:01 - 2014-10-09 00:00 - 01484288 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-03-23 23:01 - 2014-10-09 00:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2015-03-23 23:01 - 2014-10-08 23:59 - 01195520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2015-03-23 23:01 - 2014-10-08 23:59 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2015-03-23 22:30 - 2015-01-09 02:43 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-03-23 22:30 - 2015-01-09 01:03 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-03-23 22:30 - 2015-01-08 19:52 - 00478296 _____ () C:\Windows\SysWOW64\locale.nls
2015-03-23 22:30 - 2015-01-08 19:52 - 00478296 _____ () C:\Windows\system32\locale.nls
2015-03-23 22:27 - 2014-07-15 18:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2015-03-23 22:10 - 2013-06-01 07:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-03-23 22:10 - 2013-06-01 06:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-03-23 22:10 - 2013-06-01 05:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2015-03-23 22:10 - 2013-06-01 05:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2015-03-23 22:10 - 2013-06-01 05:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2015-03-23 22:10 - 2013-06-01 05:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2015-03-23 22:10 - 2013-06-01 05:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-03-23 22:10 - 2013-06-01 05:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2015-03-23 22:10 - 2013-06-01 05:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2015-03-23 22:10 - 2013-06-01 05:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2015-03-23 22:10 - 2013-06-01 05:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2015-03-23 22:10 - 2013-06-01 05:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2015-03-23 22:10 - 2013-06-01 05:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-03-23 22:10 - 2013-06-01 05:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2015-03-23 22:10 - 2013-06-01 05:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2015-03-23 22:10 - 2013-06-01 05:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2015-03-23 22:10 - 2013-06-01 05:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2015-03-23 22:10 - 2013-05-31 23:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2015-03-23 22:10 - 2013-05-24 18:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-23 22:10 - 2013-05-24 18:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-23 22:09 - 2014-02-03 19:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-03-23 22:09 - 2014-02-03 19:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-03-23 22:09 - 2014-01-30 20:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2015-03-23 22:09 - 2014-01-30 20:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-03-23 22:09 - 2014-01-26 23:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-03-23 22:09 - 2014-01-15 19:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2015-03-23 22:09 - 2014-01-02 19:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-03-23 22:09 - 2014-01-02 19:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-03-23 22:09 - 2013-06-16 18:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-03-23 22:06 - 2014-03-24 19:42 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2015-03-23 22:06 - 2014-03-24 18:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2015-03-23 22:00 - 2013-10-05 02:10 - 00285016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2015-03-23 22:00 - 2013-08-30 01:19 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2015-03-23 22:00 - 2013-08-30 01:18 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2015-03-23 22:00 - 2013-08-29 19:48 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2015-03-23 22:00 - 2013-08-29 19:47 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2015-03-23 21:58 - 2013-08-30 01:43 - 00061784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2015-03-23 21:58 - 2013-08-30 01:20 - 01173504 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-03-23 21:58 - 2013-08-29 19:48 - 00914432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-03-23 21:58 - 2013-08-21 02:39 - 00465240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-03-23 21:58 - 2013-08-10 02:30 - 00151896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-03-23 21:58 - 2013-07-24 19:10 - 10799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-03-23 21:58 - 2013-07-24 19:07 - 13661696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-03-23 21:55 - 2013-07-09 04:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2015-03-23 21:55 - 2013-07-08 23:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2015-03-23 21:55 - 2013-07-08 18:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2015-03-23 21:55 - 2013-07-08 18:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2015-03-23 21:55 - 2013-07-08 18:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2015-03-23 21:55 - 2013-07-08 18:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2015-03-23 21:55 - 2013-07-02 20:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2015-03-23 21:55 - 2013-07-02 20:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-03-23 21:55 - 2013-07-02 20:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-03-23 21:55 - 2013-07-02 20:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-03-23 21:55 - 2013-06-30 18:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2015-03-23 21:55 - 2013-06-30 18:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2015-03-23 21:55 - 2013-06-29 02:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-03-23 21:55 - 2013-06-29 02:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-03-23 21:55 - 2013-06-25 23:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-03-23 21:55 - 2013-06-25 22:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2015-03-23 21:55 - 2013-06-24 18:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-03-23 21:55 - 2013-06-19 01:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2015-03-23 21:55 - 2013-06-19 01:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2015-03-23 21:55 - 2013-06-18 18:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2015-03-23 21:55 - 2013-06-18 18:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2015-03-23 21:55 - 2013-06-11 19:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2015-03-23 21:55 - 2013-06-11 19:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2015-03-23 21:55 - 2013-06-06 04:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-03-23 21:46 - 2014-04-29 18:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2015-03-23 21:46 - 2014-04-29 18:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2015-03-23 21:46 - 2014-01-30 20:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-23 21:45 - 2013-10-31 01:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2015-03-23 21:45 - 2013-10-31 01:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2015-03-23 21:45 - 2013-10-31 00:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2015-03-23 21:45 - 2013-10-30 23:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2015-03-23 21:45 - 2013-10-13 16:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2015-03-23 21:45 - 2013-08-27 01:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-03-23 21:45 - 2013-08-27 01:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-03-23 21:45 - 2013-08-26 18:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-03-23 21:45 - 2013-08-26 18:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-03-23 21:40 - 2014-07-24 09:50 - 00447296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-03-23 21:40 - 2014-07-16 19:28 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2015-03-23 21:40 - 2014-07-16 18:59 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2015-03-23 21:40 - 2014-07-16 18:59 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2015-03-23 21:40 - 2014-07-12 02:45 - 01549824 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2015-03-23 21:40 - 2014-07-12 00:36 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-03-23 21:40 - 2014-07-12 00:36 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-03-23 21:40 - 2014-07-12 00:34 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-03-23 21:40 - 2014-07-12 00:34 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-03-23 21:40 - 2014-06-28 02:57 - 01341952 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-03-23 21:40 - 2014-06-27 22:23 - 01126400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-03-23 21:40 - 2014-06-12 19:34 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-03-23 21:40 - 2014-06-12 19:29 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-03-23 21:40 - 2012-11-20 01:24 - 01164800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2015-03-23 21:40 - 2012-11-20 01:17 - 01184256 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2015-03-23 21:40 - 2012-11-20 01:02 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDKURD.DLL
2015-03-23 21:40 - 2012-11-20 00:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDKURD.DLL
2015-03-23 21:40 - 2012-11-20 00:56 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-03-23 21:39 - 2015-03-23 21:39 - 00072860 _____ () C:\Users\Soc\Desktop\REPLY.txt
2015-03-23 21:39 - 2013-08-10 01:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-03-23 21:39 - 2013-08-10 01:21 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2015-03-23 21:39 - 2013-08-09 23:58 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-03-23 21:39 - 2013-08-03 02:40 - 01374208 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2015-03-23 21:39 - 2013-08-03 02:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2015-03-23 21:39 - 2013-08-02 02:28 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-03-23 21:39 - 2013-08-02 01:08 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2015-03-23 21:39 - 2013-07-24 19:10 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2015-03-23 21:39 - 2013-07-24 19:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2015-03-23 21:39 - 2013-03-02 04:23 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2015-03-23 21:38 - 2014-05-29 00:04 - 00094552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-23 21:38 - 2014-03-01 05:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-03-23 21:38 - 2014-03-01 05:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2015-03-23 21:38 - 2014-03-01 04:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2015-03-23 21:38 - 2014-03-01 02:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-03-23 21:38 - 2014-02-15 00:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2015-03-23 21:38 - 2013-11-25 19:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-03-23 21:38 - 2013-08-03 02:40 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2015-03-23 21:38 - 2013-08-03 01:14 - 00399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2015-03-23 21:38 - 2013-08-03 01:13 - 01245696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2015-03-23 21:38 - 2013-08-03 01:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2015-03-23 21:38 - 2013-06-28 23:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-03-23 21:38 - 2013-05-04 00:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2015-03-23 21:37 - 2015-03-23 21:38 - 00018453 _____ () C:\Users\Soc\Downloads\Addition.txt
2015-03-23 21:36 - 2015-03-25 14:29 - 00100986 _____ () C:\Users\Soc\Downloads\FRST.txt
2015-03-23 21:33 - 2015-03-25 22:45 - 00000000 ____D () C:\FRST
2015-03-23 21:33 - 2015-03-23 21:33 - 02095616 _____ (Farbar) C:\Users\Soc\Desktop\FRST64.exe
2015-03-23 18:40 - 2015-03-23 18:40 - 00019058 _____ () C:\ComboFix.txt
2015-03-23 18:26 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-23 18:26 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-23 18:26 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-23 18:26 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-23 18:26 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-23 18:26 - 2000-08-30 20:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2015-03-23 18:26 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-23 18:26 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-23 18:26 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-23 18:24 - 2015-03-23 18:40 - 00000000 ____D () C:\Qoobox
2015-03-23 18:23 - 2015-03-23 18:37 - 00000000 ____D () C:\Windows\erdnt
2015-03-23 18:22 - 2015-03-23 18:22 - 05616289 ____R (Swearware) C:\Users\Soc\Downloads\ComboFix.exe
2015-03-23 18:20 - 2014-08-09 04:30 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-03-23 18:20 - 2014-08-09 04:29 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2015-03-23 17:56 - 2015-03-03 09:17 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-03-23 17:53 - 2015-03-23 17:56 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-23 17:52 - 2015-02-26 21:14 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-23 17:20 - 2014-06-10 18:44 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-03-23 17:20 - 2014-06-10 18:43 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-03-23 17:10 - 2014-04-16 14:20 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-03-23 17:10 - 2014-04-16 14:20 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-03-23 17:09 - 2013-07-05 20:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-03-23 17:08 - 2014-11-05 02:40 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-03-23 17:08 - 2014-11-05 02:39 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-03-23 17:08 - 2014-11-01 02:28 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-03-23 17:08 - 2014-10-29 10:21 - 00499008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2015-03-23 17:08 - 2014-08-28 02:01 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-03-23 17:08 - 2013-07-03 22:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-03-23 17:07 - 2014-11-15 02:06 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-03-23 17:07 - 2014-11-15 01:13 - 03286016 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-03-23 17:07 - 2014-11-15 01:13 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-03-23 17:07 - 2014-11-15 01:13 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-03-23 17:07 - 2014-11-15 01:13 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-03-23 17:07 - 2014-11-15 01:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-03-23 17:07 - 2014-11-15 01:13 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-03-23 17:07 - 2014-11-15 01:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-03-23 17:07 - 2014-11-15 01:12 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-03-23 17:07 - 2014-11-14 23:54 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-03-23 17:07 - 2014-11-14 23:53 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-03-23 17:07 - 2014-11-14 23:53 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-03-23 17:07 - 2014-11-14 23:53 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-03-23 17:06 - 2013-04-09 00:51 - 14267904 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-23 17:06 - 2013-04-09 00:51 - 03552768 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-03-23 17:06 - 2013-04-09 00:50 - 02107904 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-03-23 17:06 - 2013-04-09 00:49 - 01444864 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2015-03-23 17:06 - 2013-04-08 17:52 - 11878912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-23 17:06 - 2013-04-08 17:51 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-03-23 17:06 - 2013-04-08 17:51 - 01593344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-03-23 17:05 - 2013-04-09 01:33 - 00489576 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-23 17:05 - 2013-04-09 01:33 - 00446792 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-23 17:05 - 2013-04-09 01:33 - 00253544 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-23 17:05 - 2013-04-09 01:20 - 00306952 _____ (Microsoft Corporation) C:\Windows\system32\kd_02_10ec.dll
2015-03-23 17:05 - 2013-04-09 01:20 - 00086280 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2015-03-23 17:05 - 2013-04-09 01:18 - 00077960 _____ (Microsoft Corporation) C:\Windows\system32\kdvm.dll
2015-03-23 17:05 - 2013-04-09 00:52 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-03-23 17:05 - 2013-04-09 00:52 - 00804352 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2015-03-23 17:05 - 2013-04-09 00:52 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-03-23 17:05 - 2013-04-09 00:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2015-03-23 17:05 - 2013-04-09 00:51 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2015-03-23 17:05 - 2013-04-09 00:51 - 00456704 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2015-03-23 17:05 - 2013-04-09 00:51 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-03-23 17:05 - 2013-04-09 00:51 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2015-03-23 17:05 - 2013-04-09 00:50 - 00745984 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-03-23 17:05 - 2013-04-09 00:50 - 00435200 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-03-23 17:05 - 2013-04-09 00:50 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\GenuineCenter.dll
2015-03-23 17:05 - 2013-04-09 00:50 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2015-03-23 17:05 - 2013-04-09 00:50 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-03-23 17:05 - 2013-04-09 00:50 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2015-03-23 17:05 - 2013-04-09 00:49 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-03-23 17:05 - 2013-04-09 00:49 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2015-03-23 17:05 - 2013-04-09 00:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\fhengine.dll
2015-03-23 17:05 - 2013-04-09 00:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2015-03-23 17:05 - 2013-04-09 00:49 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2015-03-23 17:05 - 2013-04-09 00:49 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2015-03-23 17:05 - 2013-04-09 00:49 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\fmifs.dll
2015-03-23 17:05 - 2013-04-08 22:34 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-03-23 17:05 - 2013-04-08 22:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2015-03-23 17:05 - 2013-04-08 22:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-23 17:05 - 2013-04-08 22:31 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2015-03-23 17:05 - 2013-04-08 19:44 - 00123880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2015-03-23 17:05 - 2013-04-08 19:37 - 00426024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-23 17:05 - 2013-04-08 19:37 - 00324368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-23 17:05 - 2013-04-08 17:52 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-03-23 17:05 - 2013-04-08 17:52 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-03-23 17:05 - 2013-04-08 17:52 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2015-03-23 17:05 - 2013-04-08 17:51 - 01113600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00659456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00403968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00214528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fmifs.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2015-03-23 17:05 - 2013-04-08 17:51 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2015-03-23 17:05 - 2013-04-04 19:30 - 00503080 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-23 17:05 - 2013-03-15 18:05 - 00298456 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2015-03-23 17:05 - 2013-03-15 18:05 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2015-03-23 17:05 - 2013-03-02 06:39 - 00069864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-03-23 17:05 - 2013-02-02 04:40 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2015-03-23 17:05 - 2013-02-02 04:23 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2015-03-23 17:05 - 2012-11-20 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidi2c.sys
2015-03-23 17:02 - 2014-06-12 21:57 - 01453400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-03-23 17:02 - 2014-06-12 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-03-23 17:02 - 2014-06-04 21:12 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2015-03-23 17:02 - 2014-06-03 19:12 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2015-03-23 17:02 - 2013-10-19 01:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-03-23 17:02 - 2013-10-19 00:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-03-23 17:02 - 2013-05-04 02:58 - 01332736 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-03-23 17:02 - 2013-05-04 02:58 - 00470528 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2015-03-23 17:02 - 2013-05-04 02:57 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2015-03-23 17:02 - 2013-05-04 02:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2015-03-23 17:02 - 2013-05-04 00:47 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2015-03-23 17:01 - 2013-05-04 03:58 - 00120736 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-03-23 17:01 - 2013-05-04 02:59 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2015-03-23 17:01 - 2013-05-04 02:58 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2015-03-23 17:01 - 2013-05-04 02:58 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2015-03-23 17:01 - 2013-05-04 02:58 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2015-03-23 17:01 - 2013-05-04 02:58 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2015-03-23 17:01 - 2013-05-04 02:57 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2015-03-23 17:01 - 2013-05-04 02:57 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-03-23 17:01 - 2013-05-04 02:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2015-03-23 17:01 - 2013-05-04 02:57 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2015-03-23 17:01 - 2013-05-04 02:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\biwinrt.dll
2015-03-23 17:01 - 2013-05-04 02:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2015-03-23 17:01 - 2013-05-04 02:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2015-03-23 17:01 - 2013-05-04 00:58 - 00758784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2015-03-23 17:01 - 2013-05-04 00:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2015-03-23 17:01 - 2013-05-04 00:57 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2015-03-23 17:01 - 2013-05-04 00:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2015-03-23 17:01 - 2013-05-04 00:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2015-03-23 17:01 - 2013-05-04 00:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2015-03-23 17:01 - 2013-05-04 00:56 - 00449536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2015-03-23 17:01 - 2013-05-04 00:56 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-03-23 17:01 - 2013-05-04 00:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2015-03-23 17:01 - 2013-05-04 00:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2015-03-23 17:01 - 2013-05-04 00:55 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2015-03-23 17:01 - 2013-05-04 00:51 - 00014848 _____ (Microsoft) C:\Windows\system32\rars.rs
2015-03-23 17:01 - 2013-05-04 00:10 - 00014848 _____ (Microsoft) C:\Windows\SysWOW64\rars.rs
2015-03-23 17:01 - 2013-03-01 22:45 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2015-03-23 17:01 - 2013-03-01 22:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\taskhostex.exe
2015-03-23 17:01 - 2013-02-02 04:39 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmproxy.dll
2015-03-23 17:01 - 2013-02-02 04:39 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmsprep.dll
2015-03-23 17:00 - 2012-11-10 00:23 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-03-23 17:00 - 2012-11-10 00:22 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
2015-03-23 17:00 - 2012-11-10 00:22 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
2015-03-23 17:00 - 2012-11-10 00:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
2015-03-23 16:59 - 2015-01-24 02:42 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-23 16:59 - 2015-01-24 01:00 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-23 16:59 - 2013-03-02 06:57 - 00077544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2015-03-23 16:59 - 2013-03-02 04:23 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2015-03-23 16:59 - 2013-03-02 04:23 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2015-03-23 16:59 - 2013-03-02 04:22 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-03-23 16:59 - 2013-03-02 04:21 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2015-03-23 16:59 - 2013-03-02 04:21 - 00145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2015-03-23 16:59 - 2013-03-02 04:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevDispItemProvider.dll
2015-03-23 16:59 - 2013-03-01 22:45 - 01149952 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2015-03-23 16:59 - 2013-03-01 22:45 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2015-03-23 16:59 - 2013-03-01 22:45 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2015-03-23 16:59 - 2013-03-01 22:45 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2015-03-23 16:59 - 2013-03-01 22:45 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-03-23 16:59 - 2013-03-01 22:45 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerServer.dll
2015-03-23 16:59 - 2013-03-01 22:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2015-03-23 16:59 - 2013-03-01 22:45 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\WSDPrintProxy.DLL
2015-03-23 16:59 - 2013-03-01 22:44 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2015-03-23 16:59 - 2013-03-01 22:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-03-23 16:59 - 2013-03-01 22:44 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\discan.dll
2015-03-23 16:59 - 2013-03-01 22:44 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\NdisImPlatform.dll
2015-03-23 16:59 - 2013-03-01 22:44 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\DevDispItemProvider.dll
2015-03-23 16:59 - 2013-03-01 22:43 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2015-03-23 16:59 - 2013-03-01 22:15 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-03-23 16:59 - 2013-03-01 00:56 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2015-03-23 16:58 - 2015-02-20 09:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-23 16:58 - 2015-02-20 07:56 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-23 16:58 - 2015-02-20 04:10 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-23 16:58 - 2015-02-20 03:24 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-23 16:57 - 2013-08-16 01:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2015-03-23 16:57 - 2013-08-16 01:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2015-03-23 16:57 - 2013-08-16 01:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-03-23 16:57 - 2013-08-16 01:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-03-23 16:57 - 2013-08-16 01:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-03-23 16:57 - 2013-08-16 01:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2015-03-23 16:57 - 2013-08-16 01:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2015-03-23 16:57 - 2013-08-16 01:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2015-03-23 16:57 - 2013-08-16 01:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2015-03-23 16:57 - 2013-08-15 18:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2015-03-23 16:57 - 2013-08-15 18:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2015-03-23 16:57 - 2013-08-15 18:43 - 00083968 _____ () C:\Windows\SysWOW64\OEMLicense.dll
2015-03-23 16:57 - 2013-08-15 18:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2015-03-23 16:57 - 2013-08-15 18:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2015-03-23 16:56 - 2014-07-31 19:40 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-03-23 16:56 - 2014-06-17 19:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-03-23 16:56 - 2014-06-17 19:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-03-23 16:54 - 2015-03-06 03:39 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-03-23 16:54 - 2015-03-06 03:39 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-23 16:54 - 2015-03-06 01:48 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-03-23 16:54 - 2015-03-06 01:48 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-23 16:54 - 2015-02-26 00:35 - 04063232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-23 16:54 - 2015-02-02 19:18 - 00569712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-23 16:54 - 2015-01-15 07:44 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2015-03-23 16:54 - 2015-01-15 07:43 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-23 16:54 - 2015-01-15 06:00 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2015-03-23 16:54 - 2015-01-15 05:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-23 16:54 - 2015-01-15 05:09 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-23 16:53 - 2015-01-31 09:48 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-03-23 16:53 - 2015-01-31 01:55 - 00275712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-03-23 16:53 - 2014-12-19 02:48 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-03-23 16:53 - 2014-12-11 02:51 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-03-23 16:53 - 2014-09-02 22:48 - 00510464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-03-23 16:53 - 2014-09-02 22:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-03-23 16:51 - 2013-06-22 01:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-03-23 16:51 - 2013-06-22 01:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-03-23 16:50 - 2014-09-24 19:29 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-03-23 16:50 - 2014-09-24 19:01 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-03-23 16:49 - 2014-07-23 23:33 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-03-23 16:49 - 2014-07-23 23:33 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-03-23 16:48 - 2014-10-08 23:59 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-03-23 16:48 - 2014-10-08 23:59 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-03-23 16:48 - 2014-10-08 23:58 - 00458240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-03-23 16:48 - 2014-09-22 01:38 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2015-03-23 16:48 - 2014-09-21 23:56 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2015-03-23 16:46 - 2014-09-13 02:24 - 02233152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-03-23 16:46 - 2014-09-02 22:48 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2015-03-23 16:46 - 2014-09-02 22:22 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2015-03-23 16:46 - 2014-08-29 00:17 - 02043392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-03-23 16:46 - 2014-08-29 00:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-03-23 16:46 - 2014-08-29 00:04 - 02837504 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-03-23 16:46 - 2014-08-29 00:04 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-03-23 16:46 - 2014-08-28 02:04 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll
2015-03-23 16:46 - 2014-08-28 02:04 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2015-03-23 16:46 - 2014-08-28 01:59 - 00616448 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2015-03-23 16:46 - 2014-08-28 01:59 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2015-03-23 16:46 - 2014-08-28 01:59 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\FXST30.dll
2015-03-23 16:46 - 2014-07-24 09:12 - 00328512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2015-03-23 16:45 - 2014-08-28 01:59 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
2015-03-23 16:45 - 2013-04-23 19:13 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2015-03-23 16:45 - 2013-04-23 19:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-23 16:45 - 2013-04-23 18:56 - 01255936 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-03-23 16:45 - 2013-04-23 18:55 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-23 16:44 - 2014-07-07 01:53 - 01125376 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-03-23 16:44 - 2014-07-07 01:52 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-03-23 16:44 - 2014-07-07 01:52 - 00300544 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-03-23 16:44 - 2014-07-07 01:51 - 05982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-03-23 16:44 - 2014-07-07 00:01 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-03-23 16:44 - 2014-07-07 00:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-03-23 16:44 - 2014-07-07 00:00 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-03-23 16:44 - 2014-07-06 23:59 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-03-23 16:44 - 2014-06-05 13:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-03-23 16:44 - 2013-03-06 02:29 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-03-23 16:43 - 2013-07-13 02:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-23 16:43 - 2013-07-13 02:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-23 16:43 - 2013-07-13 02:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2015-03-23 16:43 - 2013-07-13 02:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2015-03-23 16:43 - 2013-07-13 00:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-23 16:43 - 2013-07-13 00:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2015-03-23 16:43 - 2013-07-13 00:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2015-03-23 16:43 - 2013-02-02 04:40 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlroamextension.dll
2015-03-23 16:43 - 2013-02-02 04:40 - 00370688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2015-03-23 16:43 - 2013-02-02 04:40 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2015-03-23 16:43 - 2013-02-02 04:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tasklist.exe
2015-03-23 16:43 - 2013-02-02 04:40 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskkill.exe
2015-03-23 16:43 - 2013-02-02 04:38 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll
2015-03-23 16:43 - 2013-02-02 04:24 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\taskkill.exe
2015-03-23 16:43 - 2013-02-02 04:24 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\tasklist.exe
2015-03-23 16:43 - 2013-02-02 04:23 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2015-03-23 16:43 - 2013-02-02 04:23 - 00543232 _____ (Microsoft Corporation) C:\Windows\system32\wlroamextension.dll
2015-03-23 16:43 - 2013-02-02 04:23 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2015-03-23 16:43 - 2013-02-02 04:23 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2015-03-23 16:43 - 2013-02-02 04:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2015-03-23 16:43 - 2013-02-02 04:20 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2015-03-23 16:43 - 2013-02-02 04:20 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\hotspotauth.dll
2015-03-23 16:43 - 2013-02-02 03:25 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2015-03-23 16:41 - 2015-01-29 04:45 - 06973248 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-23 16:39 - 2014-10-11 03:45 - 10115072 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-03-23 16:39 - 2014-10-11 03:44 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-03-23 16:39 - 2014-10-11 03:44 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-03-23 16:39 - 2014-10-11 03:43 - 02307072 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-03-23 16:39 - 2014-10-11 01:58 - 08858624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-03-23 16:39 - 2014-10-11 01:57 - 02416640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-03-23 16:39 - 2014-10-11 01:57 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-03-23 16:39 - 2014-10-11 01:56 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-03-23 16:38 - 2014-11-26 02:43 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-03-23 16:38 - 2014-11-26 00:50 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-03-23 16:38 - 2014-03-10 23:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-23 16:38 - 2014-03-10 20:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-03-23 16:38 - 2014-03-10 20:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-03-23 16:38 - 2014-03-10 20:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-23 16:38 - 2014-03-10 20:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-03-23 16:38 - 2014-03-10 20:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-03-23 16:38 - 2014-03-10 20:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-03-23 16:38 - 2014-03-10 20:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-23 16:38 - 2014-03-10 20:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-03-23 16:38 - 2014-03-10 20:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-23 16:38 - 2014-03-09 23:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-03-23 16:38 - 2014-03-09 21:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-23 16:37 - 2013-12-04 19:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-03-23 16:37 - 2013-12-04 19:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-03-23 16:35 - 2014-11-08 07:21 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-23 16:35 - 2014-11-08 02:56 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-23 16:35 - 2014-10-11 04:35 - 00171840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-23 16:35 - 2014-10-11 01:41 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-23 16:35 - 2014-10-11 01:05 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-23 16:35 - 2014-05-29 19:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-03-23 16:35 - 2014-04-12 05:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-03-23 16:35 - 2014-04-12 05:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-23 16:35 - 2014-04-12 05:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-23 16:35 - 2014-04-12 05:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-23 16:35 - 2014-04-12 05:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-23 16:35 - 2014-04-12 03:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-23 16:35 - 2014-04-12 03:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-23 16:35 - 2014-04-12 03:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-23 16:35 - 2014-04-12 03:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-23 16:35 - 2014-04-12 02:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2015-03-23 16:28 - 2014-11-08 02:57 - 00187904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-03-23 16:28 - 2013-07-01 18:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2015-03-23 16:27 - 2014-11-08 07:22 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-03-23 16:25 - 2015-01-29 04:05 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-23 16:25 - 2015-01-29 02:19 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-23 16:25 - 2013-05-14 22:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2015-03-23 16:25 - 2013-05-14 22:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-03-23 16:25 - 2013-05-14 22:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2015-03-23 16:25 - 2013-05-14 22:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-03-23 16:20 - 2014-06-02 18:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-03-23 16:19 - 2015-02-17 02:54 - 19777536 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-23 16:19 - 2015-02-17 01:13 - 17561600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-23 16:19 - 2015-01-20 02:41 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-23 16:19 - 2015-01-20 01:10 - 00892416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-23 16:18 - 2013-04-02 19:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2015-03-23 16:18 - 2013-04-02 19:12 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-03-23 16:16 - 2014-12-18 04:51 - 00096576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-03-23 16:16 - 2014-12-18 02:52 - 00889344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-03-23 16:16 - 2014-12-18 02:51 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-03-23 16:16 - 2014-12-18 02:50 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-03-23 16:16 - 2014-12-18 02:20 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-03-23 16:16 - 2013-06-10 15:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-03-23 16:16 - 2013-06-10 15:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-03-23 16:15 - 2013-08-23 03:22 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-03-23 16:15 - 2013-08-22 21:44 - 01711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-03-23 16:15 - 2012-10-23 23:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
2015-03-23 16:15 - 2012-10-23 22:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2015-03-23 16:14 - 2014-10-30 03:20 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-23 16:14 - 2014-10-30 01:22 - 01569792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-23 16:12 - 2013-03-21 23:49 - 02382336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-03-23 16:12 - 2013-03-21 18:47 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-03-23 16:12 - 2013-03-02 04:23 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2015-03-23 16:12 - 2013-03-01 22:44 - 01011200 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2015-03-23 16:12 - 2012-12-15 00:55 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2015-03-23 16:11 - 2013-07-05 18:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-03-23 16:11 - 2013-07-05 18:01 - 00210560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2015-03-23 16:11 - 2013-07-01 21:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-03-23 16:11 - 2013-07-01 21:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2015-03-23 16:11 - 2013-06-30 21:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-03-23 16:11 - 2013-06-30 21:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-03-23 16:11 - 2013-06-30 21:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-03-23 16:11 - 2013-06-30 21:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-03-23 16:11 - 2013-06-28 23:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-03-23 16:11 - 2013-06-28 23:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-03-23 16:10 - 2013-04-11 18:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-03-23 16:10 - 2013-04-11 18:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-03-23 16:08 - 2014-12-08 02:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-03-23 16:08 - 2014-12-08 01:04 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-03-23 16:07 - 2014-06-19 19:35 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-03-23 16:07 - 2014-06-19 18:24 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-03-23 16:05 - 2013-11-19 20:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-03-23 16:05 - 2013-11-19 19:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-03-23 16:04 - 2013-07-19 18:13 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-03-23 16:04 - 2013-07-19 18:13 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-03-23 16:03 - 2014-12-06 03:52 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-03-23 16:03 - 2014-12-06 03:52 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-03-23 16:03 - 2014-12-06 03:52 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-03-23 16:03 - 2014-12-06 02:09 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-03-23 16:03 - 2014-05-29 18:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-03-23 16:02 - 2014-12-06 03:53 - 00458240 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-03-23 16:02 - 2014-12-06 03:53 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-03-23 16:02 - 2014-12-06 03:51 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-03-23 16:02 - 2014-12-06 03:51 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-23 16:02 - 2014-12-06 03:50 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-23 16:02 - 2014-12-06 02:10 - 00355840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-03-23 16:02 - 2014-12-06 02:10 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-03-23 16:02 - 2014-12-06 02:09 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-03-23 16:02 - 2014-10-02 21:21 - 00522728 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-23 16:02 - 2014-10-02 18:29 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-03-23 16:02 - 2013-07-09 02:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-03-23 16:02 - 2013-07-09 00:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-03-23 16:00 - 2013-03-02 05:59 - 00411880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-03-23 15:58 - 2013-09-27 23:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-03-23 15:57 - 2013-02-11 20:17 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-03-23 15:57 - 2013-02-02 01:41 - 01437184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2015-03-23 15:57 - 2013-02-02 01:31 - 01690624 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2015-03-23 15:56 - 2013-10-10 05:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-03-23 15:56 - 2013-10-10 05:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2015-03-23 15:56 - 2013-10-10 05:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-03-23 15:56 - 2013-10-10 05:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-03-23 15:56 - 2013-10-10 05:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-03-23 15:56 - 2013-10-10 05:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2015-03-23 15:56 - 2013-10-10 05:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-03-23 15:45 - 2014-07-15 19:03 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-03-23 15:45 - 2014-07-11 22:36 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-03-23 15:31 - 2015-02-23 06:52 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-23 15:31 - 2015-02-23 06:52 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-23 15:31 - 2015-02-23 06:51 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-23 15:31 - 2015-02-23 06:51 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-03-23 15:31 - 2015-02-23 06:51 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-23 15:31 - 2015-02-23 06:51 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-23 15:31 - 2015-02-23 06:51 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 19301888 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 15410688 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 02656256 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-23 15:31 - 2015-02-23 06:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-23 15:31 - 2015-02-23 06:49 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-23 15:31 - 2015-02-23 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-23 15:31 - 2015-02-23 05:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2015-03-23 15:31 - 2015-02-23 04:51 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-03-23 15:31 - 2015-02-21 01:31 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-23 15:31 - 2015-02-21 01:31 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-23 15:31 - 2015-02-21 01:31 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-23 15:31 - 2015-02-21 01:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 14380544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 13768704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-23 15:31 - 2015-02-21 01:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-23 15:31 - 2015-02-21 01:29 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-23 15:31 - 2015-02-21 01:29 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-23 15:31 - 2015-02-21 01:29 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-23 15:31 - 2015-02-21 01:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-23 15:31 - 2015-02-21 01:07 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2015-03-23 15:31 - 2015-02-21 00:42 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-03-23 15:31 - 2015-02-20 23:00 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2015-03-23 15:20 - 2014-08-21 19:56 - 01418752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-03-23 15:20 - 2014-08-21 19:27 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-03-23 15:15 - 2015-01-24 02:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-23 15:15 - 2015-01-24 01:00 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-23 15:15 - 2014-06-06 10:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-03-23 15:15 - 2014-06-06 06:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-03-23 15:14 - 2015-01-24 00:31 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-23 15:14 - 2014-10-11 03:44 - 03248640 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-23 15:13 - 2015-02-12 19:18 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml
2015-03-23 15:13 - 2014-12-19 00:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-03-23 15:13 - 2013-03-14 20:17 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-03-23 15:11 - 2014-10-23 08:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-03-23 15:11 - 2014-10-23 07:04 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-03-23 15:09 - 2013-11-01 01:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-03-23 15:09 - 2013-10-31 23:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-03-23 14:47 - 2013-08-15 18:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-03-23 14:46 - 2013-08-16 01:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-03-23 14:46 - 2013-08-16 01:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-03-23 05:38 - 2015-03-24 22:19 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-03-23 05:37 - 2015-03-23 05:37 - 04864824 _____ (AVAST Software) C:\Users\Soc\Downloads\avast_free_antivirus_setup_online.exe
2015-03-23 03:27 - 2015-03-23 03:27 - 00000000 ____D () C:\ProgramData\Sophos
2015-03-23 03:26 - 2015-03-23 03:26 - 00002759 _____ () C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2015-03-23 03:26 - 2015-03-23 03:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2015-03-23 03:26 - 2015-03-23 03:26 - 00000000 ____D () C:\Program Files (x86)\Sophos
2015-03-23 02:48 - 2015-03-23 03:23 - 115929288 _____ (Sophos Limited) C:\Users\Soc\Downloads\Sophos Virus Removal Tool.exe
2015-03-23 00:46 - 2015-03-23 00:46 - 01388672 _____ (Thisisu) C:\Users\Soc\Downloads\JRT.exe
2015-03-23 00:39 - 2015-03-25 13:05 - 00000000 ____D () C:\AdwCleaner
2015-03-23 00:35 - 2015-03-23 00:35 - 00448512 _____ (OldTimer Tools) C:\Users\Soc\Downloads\TFC.exe
2015-03-22 06:35 - 2015-03-22 06:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-03-22 06:34 - 2015-03-22 06:34 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-03-22 06:34 - 2015-03-22 06:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-03-22 06:33 - 2015-03-22 06:36 - 00000000 ____D () C:\fd4e20924646faf4bc2b63b9be51
2015-03-22 06:31 - 2015-03-22 06:33 - 13087456 _____ (Microsoft Corporation) C:\Users\Soc\Downloads\Silverlight_x64.exe
2015-03-21 05:55 - 2015-03-21 05:55 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Soc\Downloads\iExplore.exe
2015-03-21 05:53 - 2015-03-21 05:53 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Soc\Downloads\rkill.exe
2015-03-21 05:29 - 2015-03-23 14:21 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-21 05:27 - 2015-03-23 14:21 - 00000000 ____D () C:\Users\Soc\Desktop\mbar
2015-03-21 05:26 - 2015-03-21 05:26 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Soc\Downloads\mbar-1.09.1.1004.exe
2015-03-21 04:41 - 2015-03-21 04:45 - 00079542 _____ () C:\Users\Soc\Downloads\Result.txt
2015-03-21 04:40 - 2015-03-21 04:40 - 00402944 _____ (Farbar) C:\Users\Soc\Downloads\MiniToolBox.exe
2015-03-21 04:37 - 2015-03-21 04:38 - 00002633 _____ () C:\Users\Soc\Downloads\FSS.txt
2015-03-21 04:37 - 2015-03-21 04:37 - 00415232 _____ (Farbar) C:\Users\Soc\Downloads\FSS.exe
2015-03-21 04:34 - 2015-03-21 04:34 - 00852607 _____ () C:\Users\Soc\Downloads\SecurityCheck(1).exe
2015-03-21 04:32 - 2015-03-21 04:32 - 00852607 _____ () C:\Users\Soc\Downloads\SecurityCheck.exe
2015-03-21 02:19 - 2012-07-26 01:26 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20150320-231930.backup
2015-03-21 02:07 - 2015-03-21 02:07 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-03-21 00:28 - 2015-03-21 00:28 - 00000000 ____D () C:\Users\Soc\Documents\ProcAlyzer Dumps
2015-03-21 00:21 - 2015-03-21 02:10 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-03-21 00:21 - 2015-03-21 00:26 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-03-21 00:21 - 2015-03-21 00:21 - 00001362 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-03-21 00:21 - 2015-03-21 00:21 - 00001350 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-03-21 00:21 - 2015-03-21 00:21 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-03-21 00:21 - 2015-03-21 00:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-03-21 00:21 - 2013-09-20 13:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-03-21 00:19 - 2015-03-21 00:19 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Soc\Downloads\spybot-2.4.exe
2015-03-20 22:10 - 2015-03-25 16:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-20 22:10 - 2015-03-25 14:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-20 22:10 - 2015-03-20 22:11 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\Mozilla
2015-03-20 22:10 - 2015-03-20 22:11 - 00000000 ____D () C:\Users\Soc\AppData\Local\Mozilla
2015-03-20 22:10 - 2015-03-20 22:10 - 00001130 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-20 22:10 - 2015-03-20 22:10 - 00001118 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-20 22:10 - 2015-03-20 22:10 - 00000000 ____D () C:\ProgramData\Mozilla
2015-03-20 19:11 - 2015-03-20 19:11 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\Hewlett-Packard
2015-03-20 18:06 - 2015-03-20 18:06 - 00012288 _____ () C:\Users\Soc\Documents\newfirewallprofile.wfw
2015-03-20 17:38 - 2015-03-20 17:38 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\Macromedia
2015-03-20 07:37 - 2015-03-20 07:37 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\hpqlog
2015-03-20 07:32 - 2015-03-25 21:45 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2713351260-3739553866-1922508299-1002
2015-03-20 07:28 - 2015-03-20 07:28 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\ATI
2015-03-20 07:28 - 2015-03-20 07:28 - 00000000 ____D () C:\Users\Soc\AppData\Local\ATI
2015-03-20 07:28 - 2015-03-20 07:28 - 00000000 ____D () C:\Users\Soc\AppData\Local\AMD
2015-03-20 07:27 - 2015-03-20 07:37 - 00000000 ____D () C:\Users\Soc\AppData\Local\Hewlett-Packard
2015-03-20 07:26 - 2015-03-25 21:33 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DDBDFE2F-A140-4D70-A706-6E220F74AA2D}
2015-03-20 07:26 - 2015-03-20 07:26 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\Adobe
2015-03-20 07:25 - 2015-03-20 07:25 - 00000000 ____D () C:\Users\Soc\AppData\Local\Power2Go8
2015-03-20 07:24 - 2015-03-20 07:24 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\Synaptics
2015-03-20 07:23 - 2015-03-25 22:43 - 01490716 _____ () C:\Windows\WindowsUpdate.log
2015-03-20 07:23 - 2015-03-21 02:08 - 00000000 ____D () C:\Users\Soc\AppData\Local\Packages
2015-03-20 07:23 - 2015-03-20 07:26 - 00000000 ____D () C:\Users\Soc
2015-03-20 07:23 - 2015-03-20 07:23 - 00000020 ___SH () C:\Users\Soc\ntuser.ini
2015-03-20 07:23 - 2015-03-20 07:23 - 00000000 ____D () C:\Users\Soc\AppData\Local\VirtualStore
2015-03-20 07:23 - 2013-06-17 23:56 - 00002096 _____ () C:\Users\Soc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2015-03-20 07:23 - 2012-07-26 04:13 - 00000000 ___RD () C:\Users\Soc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-20 07:23 - 2012-07-26 04:13 - 00000000 ___RD () C:\Users\Soc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-20 07:23 - 2012-07-26 04:13 - 00000000 ___RD () C:\Users\Soc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-20 07:23 - 2012-07-26 04:13 - 00000000 ____D () C:\Users\Soc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-20 07:05 - 2015-03-20 07:05 - 00002324 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2713351260-3739553866-1922508299-500
2015-03-20 07:04 - 2015-03-20 07:04 - 00000000 _____ () C:\Recovery.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-25 22:41 - 2012-07-26 03:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-25 22:33 - 2014-01-16 19:34 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-03-25 22:10 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\sru
2015-03-25 17:05 - 2012-07-26 03:28 - 00941114 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-25 14:09 - 2012-08-03 18:23 - 00515828 _____ () C:\Windows\PFRO.log
2015-03-25 01:00 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2015-03-25 00:51 - 2012-07-26 03:59 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-24 22:18 - 2012-07-26 03:21 - 00033383 _____ () C:\Windows\setupact.log
2015-03-24 17:19 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\WinStore
2015-03-24 15:53 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\rescache
2015-03-24 15:03 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2015-03-23 23:50 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-03-23 23:50 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-03-23 23:49 - 2012-07-26 04:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-23 23:49 - 2012-07-26 04:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-23 23:49 - 2012-07-26 04:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-23 23:49 - 2012-07-26 04:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-23 23:49 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-23 23:49 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-23 23:48 - 2012-07-26 04:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-23 23:48 - 2012-07-26 03:52 - 00000000 ____D () C:\Program Files\Windows Journal
2015-03-23 23:48 - 2012-07-26 01:38 - 00000000 ____D () C:\Windows\system32\oobe
2015-03-23 23:47 - 2012-07-26 04:12 - 00000000 ___RD () C:\Windows\ToastData
2015-03-23 23:45 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-03-23 23:45 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-03-23 23:45 - 2012-07-26 01:38 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-23 23:45 - 2012-07-26 01:38 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-23 18:40 - 2012-07-26 01:37 - 00000000 __RHD () C:\Users\Default
2015-03-23 18:36 - 2012-07-26 01:26 - 00000215 _____ () C:\Windows\system.ini
2015-03-23 18:06 - 2012-07-26 01:37 - 00000000 ____D () C:\Windows\servicing
2015-03-23 13:44 - 2012-07-26 01:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-23 00:43 - 2014-01-16 19:35 - 00001291 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Start Now Technology.lnk
2015-03-21 06:03 - 2012-07-26 01:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-20 19:51 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-20 17:35 - 2013-06-18 00:02 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-03-20 17:35 - 2013-06-17 23:48 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-03-20 17:34 - 2013-06-18 00:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-20 17:34 - 2013-06-17 23:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-03-20 17:32 - 2014-01-16 19:53 - 00000000 ____D () C:\ProgramData\CyberLink
2015-03-20 17:13 - 2014-01-16 19:57 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-03-20 17:08 - 2013-06-18 00:06 - 00000000 ____D () C:\ProgramData\WildTangent
2015-03-20 17:08 - 2013-06-18 00:06 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-03-20 16:53 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\restore
2015-03-20 07:33 - 2014-01-16 20:02 - 00000000 ____D () C:\ProgramData\Norton
2015-03-20 07:32 - 2012-07-26 04:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-03-20 07:26 - 2013-06-18 00:00 - 00000000 ___RD () C:\Program Files (x86)\Online Services
2015-03-20 07:26 - 2013-06-17 23:51 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-03-20 07:26 - 2012-08-03 20:02 - 00000000 ____D () C:\SYSTEM.SAV
2015-03-20 07:23 - 2012-08-03 19:21 - 00000000 ____D () C:\Windows\Panther
2015-03-20 07:07 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\Recovery
2015-03-20 07:06 - 2012-08-03 18:40 - 00010342 _____ () C:\Windows\iis.log
2015-03-20 07:06 - 2012-07-26 04:13 - 00004552 _____ () C:\Windows\DtcInstall.log
2015-03-20 07:04 - 2012-07-26 04:13 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
2015-03-04 17:24 - 2012-07-26 04:14 - 00791496 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-04 17:24 - 2012-07-26 04:14 - 00177608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2012-08-03 18:23

==================== End Of Log ============================
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=2a40e0ff0044d14c928eab38295760e1
# engine=23121
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-03-27 10:52:14
# local_time=2015-03-27 06:52:14 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 91 0 0 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 0 3895030 0 0
# scanned=186482
# found=0
# cleaned=0
# scan_time=3473
 

it looks like I'm on version 6.2 windows?? I feel like firefox keeps redirecting me to sites without certificates and a pop-up keeps coming across my whole screen that looks like windows saying "Finish updating windows 8.1" with a dropdown menu "Now, 1hr, 2hrs, 3hrs, 4hrs" and an OK button. Not sure if it's legitimate or not. I want to upgrade to 8.1, should I wait to do that?



#12 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,976 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:06 AM

Posted 28 March 2015 - 07:39 AM

No, it is normal, select Now and then on OK.

Reset your router. :)

Then:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#13 SocratesPhilosophies

SocratesPhilosophies
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:06 PM

Posted 28 March 2015 - 02:46 PM

MiniToolBox by Farbar  Version: 09-03-2015
Ran by Soc (administrator) on 28-03-2015 at 15:38:46
Running from "C:\Users\Soc\Desktop"
Microsoft Windows 8.1  (X64)
Model: HP Pavilion 15 Notebook PC Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


========================= IP Configuration: ================================

Realtek RTL8188EE 802.11bgn Wi-Fi Adapter = Wi-Fi (Connected)
Realtek PCIe FE Family Controller = Ethernet (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : laptop
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 0C-84-DC-86-B4-49
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : A0-48-1C-06-86-91
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek RTL8188EE 802.11bgn Wi-Fi Adapter
   Physical Address. . . . . . . . . : 0C-84-DC-86-B4-49
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::901e:e463:3a90:ad21%2(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, March 28, 2015 1:57:25 PM
   Lease Expires . . . . . . . . . . : Sunday, March 29, 2015 3:34:26 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 353141980
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-9E-64-E7-0C-84-DC-86-B4-49
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{89165EFB-82DA-4362-A39C-8BEBE229D702}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 3:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:3cd3:26fe:3f57:fefc(Preferred)
   Link-local IPv6 Address . . . . . : fe80::3cd3:26fe:3f57:fefc%8(Preferred)
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 134217728
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-9E-64-E7-0C-84-DC-86-B4-49
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4002:c06::65
      64.233.185.139
      64.233.185.101
      64.233.185.138
      64.233.185.100
      64.233.185.113
      64.233.185.102


Pinging google.com [74.125.21.100] with 32 bytes of data:
Reply from 74.125.21.100: bytes=32 time=30ms TTL=42
Reply from 74.125.21.100: bytes=32 time=26ms TTL=42

Ping statistics for 74.125.21.100:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 26ms, Maximum = 30ms, Average = 28ms
Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=121ms TTL=50
Reply from 98.139.183.24: bytes=32 time=239ms TTL=50

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 121ms, Maximum = 239ms, Average = 180ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 17...0c 84 dc 86 b4 49 ......Microsoft Wi-Fi Direct Virtual Adapter
  4...a0 48 1c 06 86 91 ......Realtek PCIe FE Family Controller
  2...0c 84 dc 86 b4 49 ......Realtek RTL8188EE 802.11bgn Wi-Fi Adapter
  1...........................Software Loopback Interface 1
  5...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
  8...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.3     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.3    281
      192.168.1.3  255.255.255.255         On-link       192.168.1.3    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.3    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.3    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.3    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  8    306 ::/0                     On-link
  1    306 ::1/128                  On-link
  8    306 2001::/32                On-link
  8    306 2001:0:5ef5:79fb:3cd3:26fe:3f57:fefc/128
                                    On-link
  2    281 fe80::/64                On-link
  8    306 fe80::/64                On-link
  8    306 fe80::3cd3:26fe:3f57:fefc/128
                                    On-link
  2    281 fe80::901e:e463:3a90:ad21/128
                                    On-link
  1    306 ff00::/8                 On-link
  2    281 ff00::/8                 On-link
  8    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/28/2015 02:46:38 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (03/28/2015 02:46:38 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (03/28/2015 01:21:40 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\AMD\WU-CCC2\ccc2_install\VC12RTx64\vcredist_x64.exe /q /norestart; Description = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727; Error = 0x80042302).

Error: (03/28/2015 01:21:40 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.


Operation:
   Instantiating VSS server

Error: (03/28/2015 01:21:40 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
   Instantiating VSS server

Error: (03/28/2015 01:21:25 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\AMD\WU-CCC2\ccc2_install\VC12RTx86\vcredist_x86.exe /q /norestart; Description = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727; Error = 0x80042302).

Error: (03/28/2015 01:21:25 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.


Operation:
   Instantiating VSS server

Error: (03/28/2015 01:21:25 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
   Instantiating VSS server

Error: (03/28/2015 01:21:25 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.

Error: (03/28/2015 01:21:25 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {0b5a2c52-3eb9-470a-96e2-6c6d4570e40f} and name Coordinator cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


System errors:
=============
Error: (03/28/2015 01:58:17 PM) (Source: NETLOGON) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (03/28/2015 01:57:31 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error:
%%1058

Error: (03/28/2015 01:57:31 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error:
%%1058

Error: (03/28/2015 01:57:31 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error:
%%1058

Error: (03/28/2015 01:57:28 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error:
%%1058

Error: (03/28/2015 01:57:28 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error:
%%1058

Error: (03/28/2015 01:57:28 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error:
%%1058

Error: (03/28/2015 01:57:28 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error:
%%1058

Error: (03/28/2015 01:57:28 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error:
%%1058

Error: (03/28/2015 01:57:28 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error:
%%1058


Microsoft Office Sessions:
=========================
Error: (03/28/2015 02:46:38 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Soc\Downloads\esetsmartinstaller_enu.exe

Error: (03/28/2015 02:46:38 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Soc\Downloads\esetsmartinstaller_enu(1).exe

Error: (03/28/2015 01:21:40 PM) (Source: System Restore)(User: )
Description: C:\AMD\WU-CCC2\ccc2_install\VC12RTx64\vcredist_x64.exe /q /norestartMicrosoft Visual C++ 2012 Redistributable (x64) - 11.0.507270x80042302

Error: (03/28/2015 01:21:40 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
   Instantiating VSS server

Error: (03/28/2015 01:21:40 PM) (Source: VSS)(User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
   Instantiating VSS server

Error: (03/28/2015 01:21:25 PM) (Source: System Restore)(User: )
Description: C:\AMD\WU-CCC2\ccc2_install\VC12RTx86\vcredist_x86.exe /q /norestartMicrosoft Visual C++ 2012 Redistributable (x86) - 11.0.507270x80042302

Error: (03/28/2015 01:21:25 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
   Instantiating VSS server

Error: (03/28/2015 01:21:25 PM) (Source: VSS)(User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
   Instantiating VSS server

Error: (03/28/2015 01:21:25 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (03/28/2015 01:21:25 PM) (Source: VSS)(User: )
Description: {0b5a2c52-3eb9-470a-96e2-6c6d4570e40f}Coordinator0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.



=========================== Installed Programs ============================
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.10.100.30416 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{AB1FC306-0E04-81D5-F105-C929F912CF20}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2013.0416.2338.40605 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
AMD Start Now (Version: 2013.0416.2338.40605 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2013.0416.2338.40605 - Advanced Micro Devices, Inc.) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2215 - AVAST Software)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0416.2338.40605 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0416.2338.40605 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0416.2338.40605 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0416.2338.40605 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
FileZilla Client 3.10.2 (HKCU\...\FileZilla Client) (Version: 3.10.2 - Tim Kosse)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{AE2F1669-5B1F-47C5-B639-78D74DD0BCE4}) (Version: 6.0.9.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Postscript Converter (Version: 4.0.4100 - Hewlett-Packard) Hidden
HP Recovery Manager (x32 Version: 9.00 - Hewlett-Packard) Hidden
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{C27D60E4-3132-45A3-A71A-E3BD1DA3F794}) (Version: 1.0.4 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company)
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 en-US)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6856 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}) (Version: 1.1.9200.007 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.12.0906 - REALTEK Semiconductor Corp.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.4 - Sophos Limited)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.12.1 - Synaptics Incorporated)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

========================= Devices: ================================

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C02\4&BACA84D&0

Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C09\1

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB20\4&13EC5F25&0

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: PCI\VEN_1022&DEV_1531&SUBSYS_00000000&REV_00\3&2411E6FE&0&C1

Name: Realtek RTL8188EE 802.11bgn Wi-Fi Adapter
Description: Realtek RTL8188EE 802.11bgn Wi-Fi Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTWlanE
Device ID: PCI\VEN_10EC&DEV_8179&SUBSYS_197D103C&REV_01\4&367E2265&0&0014

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0200\4&BACA84D&0

Name: Root Print Queue
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service:
Device ID: SWD\PRINTENUM\PRINTQUEUES

Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: volmgr
Device ID: ROOT\VOLMGR\0000

Name: hp DVD-RAM UJ8DB SATA CdRom Device
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Device ID: SCSI\CDROM&VEN_HP&PROD_DVD-RAM_UJ8DB\4&D7415AB&0&010000

Name: Microphone (Realtek High Definition Audio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Device ID: SWD\MMDEVAPI\{0.0.1.00000000}.{7CC48F1B-DFC6-49DE-8E7D-D8FF696900D4}

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0B00\4&BACA84D&0

Name: PCI standard ISA bridge
Description: PCI standard ISA bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: msisadrv
Device ID: PCI\VEN_1022&DEV_780E&SUBSYS_2139103C&REV_11\3&2411E6FE&0&A3

Name: AMD SATA Controller
Description: AMD SATA Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: AMD
Service: amdsata
Device ID: PCI\VEN_1022&DEV_7804&SUBSYS_2139103C&REV_00\3&2411E6FE&0&88

Name: Microsoft Basic Display Driver
Description: Microsoft Basic Display Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard display types)
Service: BasicDisplay
Device ID: ROOT\BASICDISPLAY\0000

Name: HP Wireless Button Driver
Description: HP Wireless Button Driver
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Hewlett-Packard
Service: WirelessButtonDriver
Device ID: ACPI\HPQ6001\2&DABA3FF&2

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\THERMALZONE\THRM

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB20\4&2CCDB8D0&0

Name: AMD SMBus
Description: AMD SMBus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: AMD
Service:
Device ID: PCI\VEN_1022&DEV_780B&SUBSYS_2139103C&REV_3A\3&2411E6FE&0&A0

Name: Microsoft IPv4 IPv6 Transition Adapter Bus
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service:
Device ID: SWD\IP_TUNNEL_VBUS\IP_TUNNEL_DEVICE_ROOT

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: SWD\IP_TUNNEL_VBUS\TEREDOTUNNELINGPSEUDOINTERFACE_0

Name: Synaptics PS/2 Port TouchPad
Description: Synaptics PS/2 Port TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt
Device ID: ACPI\SYN1E96\4&BACA84D&0

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB\4&368DAAF8&0

Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi
Device ID: ACPI\PNP0C14\0

Name: HID-compliant wireless radio controls
Description: HID-compliant wireless radio controls
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:
Device ID: HID\HPQ6001\3&9489F59&0&0000

Name: System board
Description: System board
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C01\4&BACA84D&0

Name: TOSHIBA MQ01ABD075 SATA Disk Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
Device ID: SCSI\DISK&VEN_TOSHIBA&PROD_MQ01ABD075\4&D7415AB&0&000000

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: PCI\VEN_1022&DEV_1536&SUBSYS_2139103C&REV_00\3&2411E6FE&0&00

Name: Speaker/HP (Realtek High Definition Audio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Device ID: SWD\MMDEVAPI\{0.0.0.00000000}.{BEDB8D70-A58C-4692-B95D-943A6D28B39B}

Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus
Device ID: ROOT\COMPOSITEBUS\0000

Name: Microsoft Virtual Drive Enumerator
Description: Microsoft Virtual Drive Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vdrvroot
Device ID: ROOT\VDRVROOT\0000

Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: SWD\IP_TUNNEL_VBUS\ISATAP_0

Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt
Device ID: ACPI\ACPI0003\2&DABA3FF&2

Name: Microsoft Storage Spaces Controller
Description: Microsoft Storage Spaces Controller
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: spaceport
Device ID: ROOT\SPACEPORT\0000

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Device ID: ACPI\HPQ8001\4&BACA84D&0

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: PCI\VEN_1022&DEV_1533&SUBSYS_00000000&REV_00\3&2411E6FE&0&C3

Name: Microsoft Kernel Debug Network Adapter
Description: Microsoft Kernel Debug Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kdnic
Device ID: ROOT\KDNIC\0000

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Device ID: PCI\VEN_1002&DEV_9840&SUBSYS_2139103C&REV_00\3&2411E6FE&0&09

Name: Microsoft XPS Document Writer
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service:
Device ID: SWD\PRINTENUM\{D943D8D8-F7EB-4400-8EEE-A8CFF8C894B5}

Name: AmdAS4 Device
Description: AmdAS4 Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Mirco Devices, Inc
Service: AmdAS4
Device ID: ACPI\ASD0001\2&DABA3FF&2

Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C0D\2&DABA3FF&2

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp
Device ID: USB\VID_0BDA&PID_571C\200901010001

Name: Standard Enhanced PCI to USB Host Controller
Description: Standard Enhanced PCI to USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbehci
Device ID: PCI\VEN_1022&DEV_7808&SUBSYS_2139103C&REV_39\3&2411E6FE&0&92

Name: Standard Enhanced PCI to USB Host Controller
Description: Standard Enhanced PCI to USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbehci
Device ID: PCI\VEN_1022&DEV_7808&SUBSYS_2139103C&REV_39\3&2411E6FE&0&9A

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: PCI\VEN_1022&DEV_1530&SUBSYS_00000000&REV_00\3&2411E6FE&0&C0

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0000\4&BACA84D&0

Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0103\3&2411E6FE&0

Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
Device ID: ROOT\UMBUS\0000

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: PCI\VEN_1022&DEV_1538&SUBSYS_00000000&REV_00\3&2411E6FE&0&10

Name: ACPI x64-based PC
Description: ACPI x64-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL
Device ID: ROOT\ACPI_HAL\0000

Name: PCI Express Root Complex
Description: PCI Express Root Complex
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: ACPI\PNP0A08\1

Name: PCI standard PCI-to-PCI bridge
Description: PCI standard PCI-to-PCI bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: PCI\VEN_1022&DEV_1439&SUBSYS_12341022&REV_00\3&2411E6FE&0&12

Name: PCI standard PCI-to-PCI bridge
Description: PCI standard PCI-to-PCI bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: PCI\VEN_1022&DEV_1439&SUBSYS_12341022&REV_00\3&2411E6FE&0&13

Name: PCI standard PCI-to-PCI bridge
Description: PCI standard PCI-to-PCI bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: PCI\VEN_1022&DEV_1439&SUBSYS_12341022&REV_00\3&2411E6FE&0&14

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C0C\2&DABA3FF&2

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI
Device ID: ACPI_HAL\PNP0C08\0

Name:
Description:
Class Guid:
Manufacturer:
Service:
Device ID: HTREE\ROOT\0

Name: Microsoft Basic Render Driver
Description: Microsoft Basic Render Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BasicRender
Device ID: ROOT\BASICRENDER\0000

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: PCI\VEN_1022&DEV_1535&SUBSYS_00000000&REV_00\3&2411E6FE&0&C5

Name: Fax
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service:
Device ID: SWD\PRINTENUM\{9D7DBACD-D102-4149-B2DB-FFEC94371EAB}

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{4BE9D089-D56E-11E4-824F-806E6F6E6963}#0000000000100000

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C04\4&BACA84D&0

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\FIXEDBUTTON\2&DABA3FF&2

Name: AMD A6-5200 APU with Radeon™ HD Graphics    
Description: AMD Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Advanced Micro Devices
Service: AmdPPM
Device ID: ACPI\AUTHENTICAMD_-_AMD64_FAMILY_22_MODEL_0_-_AMD_A6-5200_APU_WITH_RADEON™_HD_GRAPHICS____\_0

Name: AMD A6-5200 APU with Radeon™ HD Graphics    
Description: AMD Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Advanced Micro Devices
Service: AmdPPM
Device ID: ACPI\AUTHENTICAMD_-_AMD64_FAMILY_22_MODEL_0_-_AMD_A6-5200_APU_WITH_RADEON™_HD_GRAPHICS____\_1

Name: AMD A6-5200 APU with Radeon™ HD Graphics    
Description: AMD Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Advanced Micro Devices
Service: AmdPPM
Device ID: ACPI\AUTHENTICAMD_-_AMD64_FAMILY_22_MODEL_0_-_AMD_A6-5200_APU_WITH_RADEON™_HD_GRAPHICS____\_2

Name: AMD A6-5200 APU with Radeon™ HD Graphics    
Description: AMD Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Advanced Micro Devices
Service: AmdPPM
Device ID: ACPI\AUTHENTICAMD_-_AMD64_FAMILY_22_MODEL_0_-_AMD_A6-5200_APU_WITH_RADEON™_HD_GRAPHICS____\_3

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{4BE9D089-D56E-11E4-824F-806E6F6E6963}#000000A8D9A00000

Name: HP ePrint
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: HP
Service:
Device ID: SWD\PRINTENUM\{1F2E5796-779A-4477-ACB3-3D79D8A94E62}

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C02\90

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: PCI\VEN_1022&DEV_1532&SUBSYS_00000000&REV_00\3&2411E6FE&0&C2

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB\4&23A51029&0

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{4BE9D089-D56E-11E4-824F-806E6F6E6963}#000000A8BD700000

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{4BE9D089-D56E-11E4-824F-806E6F6E6963}#0000000031500000

Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor
Device ID: DISPLAY\SDC4551\4&7BDF3D9&0&UID256

Name: Microsoft Wi-Fi Direct Virtual Adapter
Description: Microsoft Wi-Fi Direct Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&11160657&0&01

Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0100\4&BACA84D&0

Name: HP Mobile Data Protection Sensor
Description: HP Mobile Data Protection Sensor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: Accelerometer
Device ID: ACPI\HPQ6007\3&2411E6FE&0

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{4BE9D089-D56E-11E4-824F-806E6F6E6963}#0000000029500000

Name: Standard OpenHCD USB Host Controller
Description: Standard OpenHCD USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbohci
Device ID: PCI\VEN_1022&DEV_7807&SUBSYS_2139103C&REV_39\3&2411E6FE&0&90

Name: Standard OpenHCD USB Host Controller
Description: Standard OpenHCD USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbohci
Device ID: PCI\VEN_1022&DEV_7807&SUBSYS_2139103C&REV_39\3&2411E6FE&0&98

Name: Realtek PCIe FE Family Controller
Description: Realtek PCIe FE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8168
Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_2139103C&REV_07\4&23C471C0&0&0013

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{4BE9D089-D56E-11E4-824F-806E6F6E6963}#0000000019100000

Name: AMD High Definition Audio Device
Description: AMD High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices
Service: AtiHDAudioService
Device ID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1005\4&1538C4F6&0&0001

Name: NDIS Virtual Network Adapter Enumerator
Description: NDIS Virtual Network Adapter Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisVirtualBus
Device ID: ROOT\NDISVIRTUALBUS\0000

Name: USB Root Hub (xHCI)
Description: USB Root Hub (xHCI)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB HUBs)
Service: USBHUB3
Device ID: USB\ROOT_HUB30\4&1DA44110&0&0

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Device ID: PCI\VEN_1022&DEV_780D&SUBSYS_2139103C&REV_02\3&2411E6FE&0&A2

Name: Realtek PCIE CardReader
Description: Realtek PCIE CardReader
Class Guid: {4d36e970-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconduct Corp.
Service: RSP2STOR
Device ID: PCI\VEN_10EC&DEV_5229&SUBSYS_2139103C&REV_01\4&110AC11B&0&0012

Name: Stereo Mix (Realtek High Definition Audio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Device ID: SWD\MMDEVAPI\{0.0.1.00000000}.{A36E36ED-9E7B-4B58-8E39-B0778D09DCE9}

Name: AMD USB 3.0 eXtensible Host Controller - 0100 (Microsoft)
Description: USB xHCI Compliant Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Generic USB xHCI Host Controller
Service: USBXHCI
Device ID: PCI\VEN_1022&DEV_7814&SUBSYS_2139103C&REV_01\3&2411E6FE&0&80

Name: HP Truevision HD
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Device ID: USB\VID_0BDA&PID_571C&MI_00\6&482E83D&0&0000

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios
Device ID: ROOT\MSSMBIOS\0000

Name: AMD Radeon HD 8400
Description: AMD Radeon HD 8400
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices, Inc.
Service: amdkmdap
Device ID: PCI\VEN_1002&DEV_9830&SUBSYS_2139103C&REV_00\3&2411E6FE&0&08

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: PCI\VEN_1022&DEV_1534&SUBSYS_00000000&REV_00\3&2411E6FE&0&C4

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum
Device ID: ROOT\SYSTEM\0000

Name: System speaker
Description: System speaker
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0800\4&BACA84D&0

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C02\3&2411E6FE&0

Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0282&SUBSYS_103C2139&REV_1000\4&357D43EB&0&0001

Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt
Device ID: ACPI\PNP0C0A\2&DABA3FF&2

Name: Remote Desktop Device Redirector Bus
Description: Remote Desktop Device Redirector Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: rdpbus
Device ID: ROOT\RDPBUS\0000


========================= Memory info: ===================================

Percentage of memory in use: 30%
Total physical RAM: 3548.14 MB
Available physical RAM: 2473.23 MB
Total Pagefile: 4892.14 MB
Available Pagefile: 3705.48 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.45 MB

========================= Partitions: =====================================

1 Drive c: (Windows) (Fixed) (Total:674.19 GB) (Free:639.16 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:23.24 GB) (Free:2.32 GB) NTFS

========================= Users: ========================================

User accounts for \\LAPTOP

Administrator            Guest                    Soc                      

========================= Minidump Files ==================================

No minidump file found


**** End of log ****
 



#14 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,976 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:06 AM

Posted 28 March 2015 - 08:17 PM

Still issues?

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#15 SocratesPhilosophies

SocratesPhilosophies
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:06 PM

Posted 28 March 2015 - 11:08 PM

When you told me to reset my router did you mean complete factory reset? I turned it off and then back on after

 

I'm still concerned about all the processes running, and the connections in ipconfig that don't appear anywhere else, like the tunnel connections. The only ones I use are "WIFI" and "Ethernet."

 

Also, it takes on average 6-10 seconds for firefox to open, and it's almost constant that the websites I'm visiting aren't supplying identity information like a certificate. AND even though I've only been on this page a couple times today it says I've been to this page 27 times today.

 

What should be in my hosts file?

 

Why does my internet connection always connect IPv4 and not IPv6?

 

Thank you for all of your help and patience.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users