Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

First time here and need some help with Malware.packer.T.


  • This topic is locked This topic is locked
7 replies to this topic

#1 Wellness

Wellness

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:40 PM

Posted 13 July 2015 - 09:30 AM

Hello,

 

Long story short my Comodo antivirus detected malware in C:\windows\options\setb.exe and then clicked clean and decided to run malwarebytes as a precaution. Malwarebytes found one malware called "Malware.packer.T"....I wanted to get some expert advice on how I can safely remove this malware without harming my PC. Oh btw, the operating system that I'm using is windows 8.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-07-2015
Ran by Daniel (administrator) on GRANT on 13-07-2015 10:34:55
Running from C:\Users\Daniel\Downloads
Loaded Profiles: Daniel (Available Profiles: Daniel)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser path: "C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe" -- "%1")
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit_manager.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(PC-Doctor, Inc.) C:\Program Files\My Dell\uaclauncher.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-07-12] (Comodo Security Solutions, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Report.lnk [2015-07-08]
ShortcutTarget: Report.lnk -> C:\report\WebForm.exe (SoftThinks SAS)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2015-07-10]
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files\COMODO\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-903975460-806887069-3018108079-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
HKU\S-1-5-21-903975460-806887069-3018108079-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-903975460-806887069-3018108079-1001 -> DefaultScope {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
SearchScopes: HKU\S-1-5-21-903975460-806887069-3018108079-1001 -> {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = 
SearchScopes: HKU\S-1-5-21-903975460-806887069-3018108079-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4D4E6CDD-48BF-456A-9ECC-8EAFEE9F630C}: [NameServer] 156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{4D4E6CDD-48BF-456A-9ECC-8EAFEE9F630C}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8D2FA9A5-6FD9-4918-BC5E-ABA341A8B12E}: [NameServer] 156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{8D2FA9A5-6FD9-4918-BC5E-ABA341A8B12E}: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-07-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-07-10] (Google Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-10]
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-10]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-10]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-10]
CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-10]
CHR Extension: (Google Sheets) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-10]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-10]
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-10]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ChromodoUpdater; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [1995448 2015-07-10] (Comodo)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70848 2015-07-12] (Comodo Security Solutions, Inc.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5541960 2015-06-05] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-06-05] (COMODO)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-07-12] (Comodo Security Solutions, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-07-13] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-07-13] (Malwarebytes Corporation)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915408 2013-10-10] (SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2015-07-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-12] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [40224 2014-06-26] (Windows ® Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20672 2015-06-05] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [820928 2015-06-05] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [35056 2015-06-05] (COMODO)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [126696 2015-06-05] (COMODO)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2013-07-30] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-07-13] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-13] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-07-13] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2015-07-12] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-13 10:34 - 2015-07-13 10:35 - 00011439 _____ C:\Users\Daniel\Downloads\FRST.txt
2015-07-13 10:34 - 2015-07-13 10:34 - 00000000 ____D C:\FRST
2015-07-13 10:33 - 2015-07-13 10:33 - 02133504 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
2015-07-13 10:09 - 2015-07-13 10:09 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-13 10:05 - 2015-07-13 10:05 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Daniel\Downloads\mbam-setup-2.1.8.1057.exe
2015-07-13 10:05 - 2015-07-13 10:05 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-13 10:05 - 2015-07-13 10:05 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-13 10:05 - 2015-07-13 10:05 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-13 10:05 - 2015-07-13 10:05 - 00001116 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-13 10:05 - 2015-07-13 10:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-13 10:05 - 2015-07-13 10:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-13 10:05 - 2015-07-13 10:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-12 20:31 - 2015-07-12 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-07-12 20:30 - 2015-07-12 20:30 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-07-12 20:30 - 2015-07-12 20:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-07-12 20:29 - 2015-07-13 08:49 - 00303250 _____ C:\Windows\system32\Drivers\fvstore.dat
2015-07-12 20:29 - 2015-07-12 20:29 - 00000000 ___HD C:\VTRoot
2015-07-12 17:43 - 2015-07-12 12:06 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-12 17:43 - 2015-07-12 12:06 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-12 17:24 - 2015-07-12 17:25 - 00000000 ____D C:\Windows\system32\MRT
2015-07-12 17:24 - 2015-05-27 00:04 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-12 17:00 - 2015-07-13 09:40 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-12 17:00 - 2015-07-12 17:43 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-07-12 17:00 - 2015-07-12 17:01 - 00000000 ____D C:\Users\Daniel\AppData\Local\Adobe
2015-07-12 17:00 - 2015-07-12 17:00 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-07-12 17:00 - 2015-07-12 17:00 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-12 14:08 - 2015-07-12 14:08 - 18576384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 13949440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 02143744 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 01765384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 01765376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 01720560 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 01530712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-07-12 14:08 - 2015-07-12 14:08 - 01472048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 01214976 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00960512 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00914944 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00842752 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00770560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00749056 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2015-07-12 14:08 - 2015-07-12 14:08 - 00588800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00516496 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00481944 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2015-07-12 14:08 - 2015-07-12 14:08 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00419160 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00408576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2015-07-12 14:08 - 2015-07-12 14:08 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00382808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-07-12 14:08 - 2015-07-12 14:08 - 00381168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00336896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-07-12 14:08 - 2015-07-12 14:08 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00138240 _____ C:\Windows\system32\OEMLicense.dll
2015-07-12 14:08 - 2015-07-12 14:08 - 00131160 _____ (Microsoft Corporation) C:\Windows\system32\easinvoker.exe
2015-07-12 14:08 - 2015-07-12 14:08 - 00103936 _____ C:\Windows\SysWOW64\OEMLicense.dll
2015-07-12 14:07 - 2015-07-12 14:07 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\MrmIndexer.dll
2015-07-12 14:07 - 2015-07-12 14:07 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2015-07-12 14:07 - 2015-07-12 14:07 - 00515072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmIndexer.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 12028416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 11366912 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 08875008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 08712704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 01662464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 01555456 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 01534504 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 01455616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 01344000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 01245696 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 01225728 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 01185280 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 01160704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 01150976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 01092896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00996320 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00970752 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00940544 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00934856 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00872328 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00813568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00796928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00783504 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00738304 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00698232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-07-12 14:06 - 2015-07-12 14:06 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00648648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00638464 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00638464 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2015-07-12 14:06 - 2015-07-12 14:06 - 00579416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-07-12 14:06 - 2015-07-12 14:06 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00556032 _____ (Microsoft Corporation) C:\Windows\system32\recimg.exe
2015-07-12 14:06 - 2015-07-12 14:06 - 00552448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00534048 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00528896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00528048 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched20.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00492032 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceCenter.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00471552 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00467800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-07-12 14:06 - 2015-07-12 14:06 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2015-07-12 14:06 - 2015-07-12 14:06 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00453632 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2015-07-12 14:06 - 2015-07-12 14:06 - 00427096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2015-07-12 14:06 - 2015-07-12 14:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00366688 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00365568 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\livessp.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00334336 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2015-07-12 14:06 - 2015-07-12 14:06 - 00326656 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00312936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\fdprint.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2015-07-12 14:06 - 2015-07-12 14:06 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\TetheringMgr.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00256000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdprint.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-07-12 14:06 - 2015-07-12 14:06 - 00240128 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00236376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-07-12 14:06 - 2015-07-12 14:06 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-12 14:06 - 2015-07-12 14:06 - 00205024 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\DscCore.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\DscCoreConfProv.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00180232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00175960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VerifierExt.sys
2015-07-12 14:06 - 2015-07-12 14:06 - 00171968 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2015-07-12 14:06 - 2015-07-12 14:06 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\SensorsClassExtension.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00151384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-07-12 14:06 - 2015-07-12 14:06 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe
2015-07-12 14:06 - 2015-07-12 14:06 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00123480 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WorkFoldersRes.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersRes.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00101208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-12 14:06 - 2015-07-12 14:06 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\windows.immersiveshell.serviceprovider.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00098104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2015-07-12 14:06 - 2015-07-12 14:06 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-07-12 14:06 - 2015-07-12 14:06 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Utilman.exe
2015-07-12 14:06 - 2015-07-12 14:06 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2015-07-12 14:06 - 2015-07-12 14:06 - 00066904 _____ (Microsoft Corporation) C:\Windows\system32\PSHED.DLL
2015-07-12 14:06 - 2015-07-12 14:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\BthRadioMedia.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\rdsdwmdr.dll
2015-07-12 14:06 - 2015-07-12 14:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.dll
2015-07-12 14:05 - 2015-07-12 14:05 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-12 14:05 - 2015-07-12 14:05 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-12 14:05 - 2015-07-12 14:05 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2015-07-12 14:05 - 2015-07-12 14:05 - 00253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2015-07-12 14:05 - 2015-07-12 14:05 - 00200704 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2015-07-12 14:05 - 2015-07-12 14:05 - 00102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2015-07-12 14:05 - 2015-07-12 14:05 - 00101376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-12 14:05 - 2015-07-12 14:05 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-12 14:05 - 2015-07-12 14:05 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Utilman.exe
2015-07-12 14:01 - 2015-07-12 12:16 - 01286552 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-07-12 14:01 - 2015-07-12 12:16 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2015-07-12 14:01 - 2015-07-12 12:16 - 01018960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-07-12 14:01 - 2015-07-12 12:16 - 00977408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2015-07-12 14:01 - 2015-07-12 12:16 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2015-07-12 14:01 - 2015-07-12 12:16 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2015-07-12 14:01 - 2015-07-12 12:15 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-07-12 14:01 - 2015-07-12 12:15 - 00075360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-07-12 14:01 - 2015-07-12 12:15 - 00070680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-07-12 14:00 - 2015-07-12 12:15 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-07-12 14:00 - 2015-07-12 12:14 - 02065448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-07-12 14:00 - 2015-07-12 12:14 - 01799944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2015-07-12 14:00 - 2015-07-12 12:14 - 01362944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-07-12 14:00 - 2015-07-12 12:14 - 00920064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-07-12 14:00 - 2015-07-12 12:14 - 00888832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2015-07-12 14:00 - 2015-07-12 12:14 - 00883184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2015-07-12 14:00 - 2015-07-12 12:14 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-07-12 14:00 - 2015-07-12 12:14 - 00762368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2015-07-12 14:00 - 2015-07-12 12:14 - 00618496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-07-12 14:00 - 2015-07-12 12:14 - 00578952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2015-07-12 14:00 - 2015-07-12 12:14 - 00531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2015-07-12 14:00 - 2015-07-12 12:14 - 00518656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2015-07-12 14:00 - 2015-07-12 12:14 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-07-12 14:00 - 2015-07-12 12:14 - 00411648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-07-12 14:00 - 2015-07-12 12:14 - 00345552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2015-07-12 14:00 - 2015-07-12 12:14 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-07-12 14:00 - 2015-07-12 12:14 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-07-12 14:00 - 2015-07-12 12:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-07-12 14:00 - 2015-07-12 12:14 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-07-12 14:00 - 2015-07-12 12:14 - 00235960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-12 14:00 - 2015-07-12 12:14 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\miutils.dll
2015-07-12 14:00 - 2015-07-12 12:14 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2015-07-12 14:00 - 2015-07-12 12:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-07-12 14:00 - 2015-07-12 12:14 - 00088272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-07-12 14:00 - 2015-07-12 12:14 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe
2015-07-12 13:59 - 2015-07-12 12:15 - 03532288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-12 13:59 - 2015-07-12 12:14 - 01704448 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-12 13:59 - 2015-07-12 12:14 - 01160704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2015-07-12 13:59 - 2015-07-12 12:14 - 01147904 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-07-12 13:59 - 2015-07-12 12:14 - 01011712 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-07-12 13:59 - 2015-07-12 12:14 - 00631296 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2015-07-12 13:59 - 2015-07-12 12:14 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-07-12 13:59 - 2015-07-12 12:14 - 00391512 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2015-07-12 13:59 - 2015-07-12 12:14 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-12 13:59 - 2015-07-12 12:14 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2015-07-12 13:59 - 2015-07-12 12:14 - 00317616 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-12 13:59 - 2015-07-12 12:14 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\miutils.dll
2015-07-12 13:59 - 2015-07-12 12:14 - 00155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-07-12 13:59 - 2015-07-12 12:14 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-12 13:59 - 2015-07-12 12:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-07-12 13:59 - 2015-07-12 12:14 - 00057176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2015-07-12 13:59 - 2015-07-12 12:14 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-12 13:58 - 2015-07-12 12:15 - 02328872 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-07-12 13:58 - 2015-07-12 12:14 - 02134120 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 01231360 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-07-12 13:58 - 2015-07-12 12:14 - 01067080 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00708616 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00699840 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00656384 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00578560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00523096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2015-07-12 13:58 - 2015-07-12 12:14 - 00465960 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00258904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2015-07-12 13:58 - 2015-07-12 12:14 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00171864 _____ (Microsoft Corporation) C:\Windows\system32\kd_02_8086.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\msched.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00104320 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2015-07-12 13:58 - 2015-07-12 12:14 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-07-12 13:58 - 2015-07-12 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2015-07-12 13:58 - 2015-07-12 12:14 - 00044936 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2015-07-12 13:57 - 2015-07-12 12:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2015-07-12 13:57 - 2015-07-12 12:12 - 02804528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-07-12 13:57 - 2015-07-12 12:12 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-07-12 13:57 - 2015-07-12 12:12 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-07-12 13:57 - 2015-07-12 12:12 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll
2015-07-12 13:56 - 2015-07-12 12:12 - 02295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-12 13:56 - 2015-07-12 12:12 - 01204968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2015-07-12 13:56 - 2015-07-12 12:12 - 00980480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2015-07-12 13:56 - 2015-07-12 12:12 - 00663680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-07-12 13:56 - 2015-07-12 12:12 - 00552624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-07-12 13:56 - 2015-07-12 12:12 - 00433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2015-07-12 13:55 - 2015-07-12 12:12 - 04106240 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2015-07-12 13:55 - 2015-07-12 12:12 - 03210528 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-07-12 13:55 - 2015-07-12 12:12 - 01503232 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2015-07-12 13:55 - 2015-07-12 12:12 - 01415680 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-12 13:55 - 2015-07-12 12:12 - 01399176 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2015-07-12 13:55 - 2015-07-12 12:12 - 01374384 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2015-07-12 13:55 - 2015-07-12 12:12 - 01227264 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2015-07-12 13:55 - 2015-07-12 12:12 - 01119064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-07-12 13:55 - 2015-07-12 12:12 - 00809872 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-07-12 13:55 - 2015-07-12 12:12 - 00745336 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-07-12 13:55 - 2015-07-12 12:12 - 00589824 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-07-12 13:55 - 2015-07-12 12:12 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2015-07-12 13:55 - 2015-07-12 12:12 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-12 13:55 - 2015-07-12 12:12 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-07-12 13:55 - 2015-07-12 12:12 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-12 13:55 - 2015-07-12 12:12 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll
2015-07-12 13:55 - 2015-07-12 12:12 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-07-12 13:55 - 2015-07-12 12:12 - 00142680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-07-12 13:55 - 2015-07-12 12:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2015-07-12 13:55 - 2015-07-12 12:12 - 00032088 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2015-07-12 13:54 - 2015-07-12 12:12 - 02617344 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-12 13:54 - 2015-07-12 12:12 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-12 13:54 - 2015-07-12 12:12 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2015-07-12 13:54 - 2015-07-12 12:12 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\deviceregistration.dll
2015-07-12 13:54 - 2015-07-12 12:12 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys
2015-07-12 13:54 - 2015-07-12 12:12 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\bi.dll
2015-07-12 13:54 - 2015-07-12 12:12 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys
2015-07-12 13:54 - 2015-07-12 12:10 - 02801664 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-12 13:54 - 2015-07-12 12:10 - 01085952 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2015-07-12 13:54 - 2015-07-12 12:10 - 01019392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-12 13:54 - 2015-07-12 12:10 - 00869888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2015-07-12 13:53 - 2015-07-12 12:10 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-07-12 13:53 - 2015-07-12 12:10 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-07-12 13:53 - 2015-07-12 12:09 - 02266624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-12 13:53 - 2015-07-12 12:09 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2015-07-12 13:53 - 2015-07-12 12:09 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2015-07-12 13:53 - 2015-07-12 12:09 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2015-07-12 13:53 - 2015-07-12 12:09 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2015-07-12 13:53 - 2015-07-12 12:09 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2015-07-12 13:53 - 2015-07-12 12:09 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2015-07-12 13:53 - 2015-07-12 12:09 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2015-07-12 13:52 - 2015-07-12 12:09 - 02570240 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-07-12 13:52 - 2015-07-12 12:09 - 01756160 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2015-07-12 13:52 - 2015-07-12 12:09 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
2015-07-12 13:52 - 2015-07-12 12:09 - 00565248 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2015-07-12 13:52 - 2015-07-12 12:09 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2015-07-12 13:52 - 2015-07-12 12:09 - 00146776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SerCx2.sys
2015-07-12 13:51 - 2015-07-12 12:09 - 07399256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-07-12 13:51 - 2015-07-12 12:09 - 02896896 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-12 13:51 - 2015-07-12 12:09 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2015-07-12 13:51 - 2015-07-12 12:09 - 01476184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-07-12 13:51 - 2015-07-12 12:09 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-07-12 13:51 - 2015-07-12 12:09 - 01302528 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2015-07-12 13:51 - 2015-07-12 12:09 - 00922624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2015-07-12 13:51 - 2015-07-12 12:09 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2015-07-12 13:51 - 2015-07-12 12:09 - 00358896 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2015-07-12 13:51 - 2015-07-12 12:09 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2015-07-12 13:51 - 2015-07-12 12:09 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2015-07-12 13:51 - 2015-07-12 12:09 - 00086872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-07-12 13:51 - 2015-07-12 12:09 - 00039768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2015-07-12 13:51 - 2015-07-12 12:09 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2015-07-12 13:50 - 2015-07-12 12:08 - 01643584 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-07-12 13:50 - 2015-07-12 12:08 - 01507704 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-07-12 12:08 - 2015-07-12 12:08 - 04604416 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-07-12 12:08 - 2015-07-12 12:08 - 03936256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-07-12 12:08 - 2015-07-12 12:08 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-07-12 12:08 - 2015-07-12 12:08 - 02152448 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-07-12 12:08 - 2015-07-12 12:08 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-07-12 12:08 - 2015-07-12 12:08 - 01317376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 21186352 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 18644072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 13209088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 11702272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 07416832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 06640640 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 06353960 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-07-12 12:07 - 2015-07-12 12:07 - 05770752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 04961792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 04175360 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 03395920 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 02543960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-07-12 12:07 - 2015-07-12 12:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 02143960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 02133208 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-12 12:07 - 2015-07-12 12:07 - 02008408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-07-12 12:07 - 2015-07-12 12:07 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-12 12:07 - 2015-07-12 12:07 - 01928144 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 01486848 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 01462216 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 01371824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 01341288 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 01287576 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 01238016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 01202888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 01109424 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-07-12 12:07 - 2015-07-12 12:07 - 01067008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00919040 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00848384 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00830976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-07-12 12:07 - 2015-07-12 12:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00764864 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00716288 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00669352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00458616 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-07-12 12:07 - 2015-07-12 12:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00408480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-07-12 12:07 - 2015-07-12 12:07 - 00407024 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00377176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-07-12 12:07 - 2015-07-12 12:07 - 00369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00311640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2015-07-12 12:07 - 2015-07-12 12:07 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00236888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-07-12 12:07 - 2015-07-12 12:07 - 00233920 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-12 12:07 - 2015-07-12 12:07 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2015-07-12 12:07 - 2015-07-12 12:07 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-12 12:07 - 2015-07-12 12:07 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2015-07-12 12:07 - 2015-07-12 12:07 - 00136536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-07-12 12:07 - 2015-07-12 12:07 - 00124760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-07-12 12:07 - 2015-07-12 12:07 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-12 12:07 - 2015-07-12 12:07 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-12 12:07 - 2015-07-12 12:07 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2015-07-12 12:07 - 2015-07-12 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-07-12 12:07 - 2015-07-12 12:07 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-12 12:07 - 2015-07-12 12:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-12 12:07 - 2014-02-06 07:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-12 12:07 - 2014-02-06 06:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-12 12:07 - 2014-01-27 07:45 - 00386722 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-12 12:07 - 2013-12-20 22:10 - 00009701 _____ C:\Windows\SysWOW64\connectedsearch-results.searchconnector-ms
2015-07-12 12:07 - 2013-12-20 22:10 - 00009701 _____ C:\Windows\system32\connectedsearch-results.searchconnector-ms
2015-07-12 12:06 - 2015-07-12 12:06 - 04189184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-12 12:06 - 2015-07-12 12:06 - 01943536 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-12 12:06 - 2015-07-12 12:06 - 01581968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-12 12:06 - 2015-07-12 12:06 - 00787968 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2015-07-12 12:06 - 2015-07-12 12:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2015-07-12 12:06 - 2015-07-12 12:06 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-07-12 12:06 - 2015-07-12 12:06 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-12 12:06 - 2015-07-12 12:06 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-07-12 12:06 - 2015-07-12 12:06 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-12 12:06 - 2015-07-12 12:06 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2015-07-12 12:06 - 2015-07-12 12:06 - 00240128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2015-07-12 12:06 - 2015-07-12 12:06 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-07-12 12:06 - 2015-07-12 12:06 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-07-12 12:06 - 2015-07-12 12:06 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.exe
2015-07-12 12:06 - 2015-07-12 12:06 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.exe
2015-07-10 17:12 - 2015-07-10 17:12 - 00000000 ____D C:\ProgramData\Dell
2015-07-10 17:12 - 2015-07-10 17:12 - 00000000 ____D C:\Program Files (x86)\Dell Digital Delivery
2015-07-10 17:08 - 2015-07-10 17:08 - 00417064 _____ () C:\Users\Daniel\Downloads\DellSystemDetectLauncher.exe
2015-07-10 17:08 - 2015-07-10 17:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2015-07-10 14:52 - 2015-07-10 14:53 - 226607664 _____ (COMODO) C:\Users\Daniel\Downloads\cispro_30day_installer_1150_8d.exe
2015-07-10 14:50 - 2015-07-10 14:50 - 00002277 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-10 14:50 - 2015-07-10 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-10 14:49 - 2015-07-13 10:00 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-10 14:49 - 2015-07-13 07:35 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-10 14:49 - 2015-07-10 17:08 - 00000000 ____D C:\Users\Daniel\AppData\Local\Deployment
2015-07-10 14:49 - 2015-07-10 16:55 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-10 14:49 - 2015-07-10 16:55 - 00003654 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-10 14:49 - 2015-07-10 14:50 - 00000000 ____D C:\Users\Daniel\AppData\Local\Google
2015-07-10 14:49 - 2015-07-10 14:50 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-10 14:49 - 2015-07-10 14:49 - 00000000 ____D C:\Users\Daniel\AppData\Local\Apps\2.0
2015-07-10 14:37 - 2015-07-10 14:37 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Macromedia
2015-07-10 14:33 - 2015-07-10 14:33 - 00000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-07-10 11:55 - 2015-07-13 10:28 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2015-07-10 11:55 - 2015-07-10 11:55 - 00001904 _____ C:\Users\Public\Desktop\COMODO Internet Security.lnk
2015-07-10 11:55 - 2015-07-10 11:55 - 00000000 ____D C:\Windows\System32\Tasks\COMODO
2015-07-10 11:55 - 2015-07-10 11:55 - 00000000 ____D C:\ProgramData\Shared Space
2015-07-10 11:54 - 2015-07-12 13:58 - 00002031 _____ C:\Users\Public\Desktop\GeekBuddy.lnk
2015-07-10 11:54 - 2015-07-12 13:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-07-10 11:54 - 2015-07-10 11:55 - 00000000 ____D C:\Program Files\COMODO
2015-07-10 11:54 - 2015-07-10 11:54 - 00001140 _____ C:\Users\Public\Desktop\Internet (Chromodo).lnk
2015-07-10 11:54 - 2015-07-10 11:54 - 00000000 ____D C:\Users\Daniel\AppData\Local\Comodo
2015-07-10 11:54 - 2015-07-10 11:54 - 00000000 ____D C:\Program Files (x86)\Comodo
2015-07-10 11:53 - 2015-07-10 11:55 - 00000000 ____D C:\ProgramData\Comodo
2015-07-10 00:11 - 2015-07-10 00:11 - 00000401 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-07-10 00:10 - 2015-07-10 00:10 - 00000000 _____ C:\Recovery.txt
2015-07-09 14:12 - 2015-07-09 14:12 - 12354934 _____ C:\Users\Daniel\Downloads\BlanccoUsbCreator2.zip
2015-07-09 14:11 - 2015-07-09 14:11 - 19253248 _____ C:\Users\Daniel\Downloads\Blancco-PC-edition.iso
2015-07-09 14:09 - 2015-07-09 14:09 - 00003980 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-07-09 14:09 - 2015-07-09 14:09 - 00003440 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-07-09 14:09 - 2015-07-09 14:09 - 00003192 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-07-09 14:08 - 2015-07-09 14:08 - 01941744 _____ C:\Users\Daniel\Downloads\winrar-x64-521.exe
2015-07-09 14:08 - 2015-07-09 14:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-07-09 14:08 - 2015-07-09 14:08 - 00000000 ____D C:\Users\Daniel\AppData\Local\softthinks
2015-07-09 14:08 - 2015-07-09 14:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-07-09 14:08 - 2015-07-09 14:08 - 00000000 ____D C:\Program Files\WinRAR
2015-07-09 14:06 - 2015-07-13 10:14 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-903975460-806887069-3018108079-1001
2015-07-09 14:06 - 2015-07-09 14:06 - 00000000 ____D C:\Program Files\Intel
2015-07-09 14:06 - 2015-03-19 21:02 - 00086528 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2015-07-09 14:06 - 2015-03-19 21:02 - 00082432 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2015-07-09 14:05 - 2015-07-09 14:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-07-09 14:01 - 2015-07-13 10:27 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D5F174E5-70BA-47B4-B404-4F2026D292B9}
2015-07-08 16:15 - 2015-07-12 17:45 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2015-07-08 16:15 - 2015-07-08 16:15 - 00000000 ____D C:\report
2015-07-08 16:13 - 2015-07-08 15:16 - 00000248 __RSH C:\MSSTBJ.CAT
2015-07-08 16:13 - 2013-08-28 20:13 - 00644968 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2015-07-08 16:13 - 2013-08-28 20:13 - 00028008 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2015-07-08 15:27 - 2015-07-13 10:30 - 01412096 _____ C:\Windows\WindowsUpdate.log
2015-07-08 15:27 - 2015-07-11 14:55 - 00000000 ____D C:\Users\Daniel
2015-07-08 15:27 - 2015-07-08 15:28 - 00000000 ____D C:\Users\Daniel\AppData\Local\Packages
2015-07-08 15:27 - 2015-07-08 15:27 - 00001444 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-08 15:27 - 2015-07-08 15:27 - 00000020 ___SH C:\Users\Daniel\ntuser.ini
2015-07-08 15:27 - 2015-07-08 15:27 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-07-08 15:27 - 2015-07-08 15:27 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Adobe
2015-07-08 15:27 - 2015-07-08 15:27 - 00000000 ____D C:\Users\Daniel\AppData\Local\VirtualStore
2015-07-08 15:27 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-07-08 15:27 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-08 15:27 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-07-08 15:27 - 2013-08-22 11:36 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-07-08 15:24 - 2015-07-08 15:24 - 00000000 ____D C:\Windows\SysWOW64\SYSPREP
2015-07-08 15:21 - 2015-07-08 15:21 - 00001098 _____ C:\Users\Public\Desktop\Dell Backup and Recovery.lnk
2015-07-08 15:21 - 2015-07-08 15:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-08 15:21 - 2015-07-08 15:21 - 00000000 ____D C:\Temp
2015-07-08 15:20 - 2015-07-10 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-07-08 15:20 - 2015-07-09 14:09 - 00000000 ____D C:\ProgramData\PCDr
2015-07-08 15:20 - 2015-07-09 14:06 - 00000000 ____D C:\Program Files (x86)\Intel
2015-07-08 15:20 - 2015-07-08 15:20 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2015-07-08 15:20 - 2015-07-08 15:20 - 00000000 ____D C:\Program Files\My Dell
2015-07-08 15:20 - 2015-07-08 15:20 - 00000000 ____D C:\Program Files\Dell Support Center
2015-07-08 15:20 - 2015-07-08 15:20 - 00000000 ____D C:\Intel
2015-07-08 15:20 - 2015-07-08 15:20 - 00000000 ____D C:\Dell
2015-07-08 15:20 - 2013-08-21 20:16 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2015-07-08 15:17 - 2015-07-08 15:24 - 00000000 ____D C:\Windows\I386
2015-07-08 15:17 - 2015-07-08 15:17 - 00002324 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-903975460-806887069-3018108079-500
2015-07-08 15:17 - 2013-08-15 19:28 - 00830680 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys
2015-07-08 15:17 - 2013-08-15 19:28 - 00074456 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-13 10:00 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-13 09:55 - 2013-09-20 07:40 - 00000000 ____D C:\Windows\options
2015-07-13 08:50 - 2013-08-22 11:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-12 20:50 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\rescache
2015-07-12 20:37 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-12 17:48 - 2013-09-20 07:17 - 01150728 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-12 17:43 - 2013-08-22 10:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-12 17:43 - 2013-08-22 10:44 - 00335784 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-12 17:41 - 2013-08-22 11:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-12 17:41 - 2013-08-22 11:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-07-12 17:41 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-07-12 17:41 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-07-12 17:41 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\WinStore
2015-07-12 17:41 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2015-07-12 17:41 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\migwiz
2015-07-12 17:41 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-12 17:41 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\MediaViewer
2015-07-12 17:41 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\FileManager
2015-07-12 17:41 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\Camera
2015-07-12 17:41 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-07-12 17:41 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-07-12 17:41 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-07-12 17:41 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-07-12 17:41 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\system32\oobe
2015-07-12 17:41 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\system32\Dism
2015-07-10 12:05 - 2013-09-20 07:08 - 00000710 _____ C:\Windows\PFRO.log
2015-07-10 00:12 - 2013-08-22 09:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-07-10 00:10 - 2013-08-22 11:36 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2015-07-09 14:06 - 2013-08-22 10:46 - 00013967 _____ C:\Windows\setupact.log
2015-07-08 15:24 - 2013-09-20 08:08 - 00000000 ____D C:\Windows\Panther
2015-07-08 15:24 - 2013-08-22 11:37 - 00002899 _____ C:\Windows\DtcInstall.log
2015-07-08 15:24 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\SysWOW64\oobe
2015-07-08 15:24 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\system32\Sysprep
2015-07-08 15:21 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\Recovery
2015-07-08 15:20 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\restore
2015-07-08 15:18 - 2013-09-20 07:09 - 00000000 __SHD C:\Recovery
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2013-09-20 07:08
 
==================== End of log ============================

Attached Files


Edited by Wellness, 13 July 2015 - 09:40 AM.


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,182 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:40 PM

Posted 15 July 2015 - 08:17 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Nothing suspicious was found on your logs.

Please run the Malwarebytes programs and post the log for my review.

#3 Wellness

Wellness
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:40 PM

Posted 15 July 2015 - 08:32 AM

Hello Nasdaq,

 

Since I've posted about my problem I have reinstalled windows I believe about twice, and every single time I run a virus scanner either setb.exe shows up or Vipre virus scanner brings it up as Trojan.win32.generic.

 

The file was quarantined but as an extra safety precaution I deleted it. Here is the Malwarebytes log file.  Also when I double click on the Malwarebytes icon on my desktop it will not load. Only when I go to the system tray and right click on Malwarebytes in order to select open Malwarebytes anti-malware,will then malwarebytes open.

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 7/15/2015
Scan Time: 8:58 AM
Logfile: Malwarebytes log.txt
Administrator: Yes
 
Version: 2.1.8.1057
Malware Database: v2015.07.15.03
Rootkit Database: v2015.07.14.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Nasdaq
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 332024
Time Elapsed: 13 min, 50 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

Edited by Wellness, 15 July 2015 - 08:33 AM.


#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,182 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:40 PM

Posted 15 July 2015 - 12:11 PM

Also when I double click on the Malwarebytes icon on my desktop it will not load

Delete the shotcut on your Desktop.

Rght click on the malwarebytes.exe and create a new shortcut.
===

You can used the Farbar tool to find any remnant of the setb.exe file.

Run the Farbar Recovery Scan Tool. Enter setb.exe in the Search Box and hit the File Search button.
Post the content of the Search.txt in your next reply.

Edited by nasdaq, 15 July 2015 - 12:11 PM.


#5 Wellness

Wellness
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:40 PM

Posted 15 July 2015 - 05:56 PM

Long story short my PC started acting up, freezing, taking a long to to load ect. So I reinstalled the OS, and after downloaded hitmanPro.Alert which again found the setb.exe file as a virus and quarantined it. Ran malwarebytes again and Comdo but nothing came up. Here is the search log from farbar:

 

Farbar Recovery Scan Tool (x64) Version:13-07-2015
Ran by Nasdaq at 2015-07-15 21:06:22
Running from C:\Users\Nasdaq\Downloads
Boot Mode: Normal
 
================== Search Files: "setb.exe" =============
 
====== End of Search ======
 
Note mouse started moving on it's own after setb.exe was quarantined, don't know what else to do.

Edited by Wellness, 15 July 2015 - 05:56 PM.


#6 nasdaq

nasdaq

  • Malware Response Team
  • 40,182 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:40 PM

Posted 16 July 2015 - 07:20 AM

Note mouse started moving on it's own after setb.exe was quarantined

I suggest you de-quarantine the file.
Hitmanpro may be giving you a false positive.

With the file restored do you have any problems with this computer?

#7 nasdaq

nasdaq

  • Malware Response Team
  • 40,182 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:40 PM

Posted 22 July 2015 - 07:22 AM

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
===

#8 nasdaq

nasdaq

  • Malware Response Team
  • 40,182 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:40 PM

Posted 28 July 2015 - 07:20 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users