WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93098 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Keylogger, KernelMode Rootkit SSDT hooks have plagued my PC since June

Started by BrotherPorter , Nov 26 2014 06:21 PM

Windows redirect SSDT keylogger rootkits active ssdt hooks rootkit redirecting windows directori

This topic is locked

35 replies to this topic

#1 BrotherPorter

Authentic Member

Authentic Member
24 posts

Posted 26 November 2014 - 06:21 PM

I've spent much time since June embroiled in a battle with this/these person/ who have taken away my administrative privileges. Multiple times I have reformated using winXP sp1, sp2, win Vista, win 7 and they have scripts changing all the directories to winsxs or similar. I was unsuccessful at doing a LLF of my WD sata drive. A particular link is my gmail account which they have also comandored; noted by my logging in at out public library and within minutes screen pops and I can tell they are online, no doubt using keylogging or similar. I have changed passwords mulstiple times using 2step authentication but they cleverly have created phising sites mimicking the login screens; they are online now as I'm working with you; but I've been trying KeyScrambler Personal and it shows it's encrypting my typing but I'm not certain. Even Cox my carrier was under subpoena, which I happened to discover when trying to identify geolocation of these malcontents (netstat) and so I emailed Cox abuse team relating what has been happening in case they were under subpoena by law enforcement. I filed complaint with Internet Criminal Complaint Center and local PD....the I3Cs works with FBI and other regional enforcement agencies but I haven't been directly contacted. So I'm hoping we can do something here. They've even gotten hold of my Roboform Password Manager, many which are 'dead file' to me in my circumstances but still. I've apppreciated the fact they don't appear to have done anything other than probably use my PC as a bot but I've changed all my bank accounts and credit cards. etc. I guess that is enough explanation. I'm just greatful to get it out to others that understand and don't think I'm Mel Gibson in Conspiracy Theory when they look at you with that 'BLANK STARE'.

I pray I've done this correctly but I'm sure it is out of order, my deepest apologies, it has become so overwhelming.

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Webroot SecureAnywhere (Enabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}

AS: Webroot SecureAnywhere (Enabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)

Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)

Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)

Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Belarc Advisor 8.4 (HKLM\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)

Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)

Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)

Canon MG3500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3500_series) (Version: 1.00 - Canon Inc.)

Canon MG3500 series On-screen Manual (HKLM\...\Canon MG3500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)

Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)

CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)

Creative System Information (HKLM\...\SysInfo) (Version: 1.10 - Creative Technology Limited)

Creative WaveStudio 7 (HKLM\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)

FileASSASSIN (HKLM\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)

Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)

Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden

HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.232 - SurfRight B.V.)

HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.)

iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)

KeyScrambler (HKLM\...\KeyScrambler) (Version: 3.5.0.0 - QFX Software Corporation)

Malwarebytes Anti-Exploit version 1.04.1.1012 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.04.1.1012 - Malwarebytes)

Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft LifeCam (HKLM\...\{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}) (Version: 3.60.253.0 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)

Mozilla Firefox 33.1.1 (x86 en-US) (HKLM\...\Mozilla Firefox 33.1.1 (x86 en-US)) (Version: 33.1.1 - Mozilla)

Mozilla Thunderbird 31.2.0 (x86 en-US) (HKLM\...\Mozilla Thunderbird 31.2.0 (x86 en-US)) (Version: 31.2.0 - Mozilla)

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)

NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)

OpenOffice 4.1.1 (HKLM\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)

PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.311.0 - Tracker Software Products Ltd)

Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

RoboForm 7-9-11-1 (HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\AI RoboForm) (Version: 7-9-11-1 - Siber Systems)

Skype™ 6.22 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)

Sound Blaster X-Fi Go! Pro (HKLM\...\{587B7A6F-CA1F-4639-9083-16F9BB2363B4}) (Version: 1.0 - Creative Technology Limited)

Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)

SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)

Webroot SecureAnywhere (HKLM\...\WRUNINST) (Version: 8.0.5.111 - Webroot)

WinZip (HKLM\...\WinZip) (Version: 10.0 (6667) - WinZip Computing LP)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-674551400-1475256033-2490423522-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-674551400-1475256033-2490423522-1001_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-674551400-1475256033-2490423522-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-674551400-1475256033-2490423522-1001_Classes\CLSID\{41662FC2-0D57-4aff-AB27-AD2E12E7C273}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-674551400-1475256033-2490423522-1001_Classes\CLSID\{448BB771-CFE2-47C4-BCDF-1FBF378E202C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-674551400-1475256033-2490423522-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-674551400-1475256033-2490423522-1001_Classes\CLSID\{7B342DC4-139A-4a46-8A93-DB0827CCEE9C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-674551400-1475256033-2490423522-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\ooofilt.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-674551400-1475256033-2490423522-1001_Classes\CLSID\{7FA8AE11-B3E3-4D88-AABF-255526CD1CE8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-674551400-1475256033-2490423522-1001_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-674551400-1475256033-2490423522-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\propertyhdl.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-674551400-1475256033-2490423522-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-674551400-1475256033-2490423522-1001_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-674551400-1475256033-2490423522-1001_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-674551400-1475256033-2490423522-1001_Classes\CLSID\{E5A0B632-DFBA-4549-9346-E414DA06E6F8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-674551400-1475256033-2490423522-1001_Classes\CLSID\{EE5D1EA4-D445-4289-B2FC-55FC93693917}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-674551400-1475256033-2490423522-1001_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

==================== Restore Points =========================

23-11-2014 13:27:49 Windows Update

23-11-2014 15:34:39 Revo Uninstaller's restore point - Mozilla Maintenance Service

23-11-2014 15:37:54 Revo Uninstaller's restore point - Adobe Reader 9.2

23-11-2014 15:38:11 Removed Adobe Reader 9.2.

23-11-2014 18:41:53 Windows Update

24-11-2014 20:32:53 Revo Uninstaller's restore point - KeyScrambler

25-11-2014 16:24:06 Revo Uninstaller's restore point - Sound Blaster X-Fi Go! Pro

25-11-2014 16:24:37 Removed Sound Blaster X-Fi Go! Pro

25-11-2014 16:25:22 Removed Host OpenAL

26-11-2014 14:06:26 Installed Sound Blaster X-Fi Go! Pro

26-11-2014 21:40:20 Windows Update

26-11-2014 23:32:09 Installed DirectX

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:04 - 2009-06-10 15:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {41698F6D-9A17-4953-A718-064B671D5BA7} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform....GJKJMIBNKJHIKJ"

Task: {565B1EEB-82ED-42AD-A98E-738202B8C78B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd)

Task: {8252635C-C411-4481-ACD9-D8EEF6157FDA} - System32\Tasks\SUPERAntiSpyware Scheduled Task 828c1455-990b-449d-a054-fa6632f3566c => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)

Task: {863512DD-560C-4ACF-BF55-008E03A99CA9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated)

Task: {B3BCE635-231D-4F7D-A340-B24C0D7A1863} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-19] (Google Inc.)

Task: {D2E455B4-6241-4E3F-AD15-B931FC35CE51} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-19] (Google Inc.)

Task: {D9131DBA-7C9B-4EF3-8E7D-FDCDEF38F626} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {E30E32B9-6307-400A-8939-19D831B1E34F} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-11-20] (Siber Systems)

Task: {FED4D7D6-815E-4D85-A847-2297DA02CAEF} - System32\Tasks\SUPERAntiSpyware Scheduled Task e0342571-d149-42b9-a590-c405e8897b8d => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 828c1455-990b-449d-a054-fa6632f3566c.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e0342571-d149-42b9-a590-c405e8897b8d.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Loaded Modules (whitelisted) =============

2014-11-17 13:53 - 2014-07-02 13:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll

2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2014-11-26 08:09 - 2009-12-29 16:50 - 00073728 _____ () C:\Windows\SYSTEM32\CmdRtr.DLL

2014-11-26 08:09 - 2010-07-22 16:45 - 00181760 _____ () C:\Windows\SYSTEM32\APOMngr.DLL

2014-11-25 20:54 - 2014-11-25 00:39 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\pdf.dll

2014-11-25 20:54 - 2014-11-25 00:39 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll

2014-11-24 11:09 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll

2014-11-24 11:09 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!

HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!

HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!

HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!

HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!

HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\Software\Classes\exefile: "%1" %* <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Creative ALchemy AL6 Licensing Service => 3

MSCONFIG\Services: Creative Audio Engine Licensing Service => 3

========================= Accounts: ==========================

Administrator (S-1-5-21-674551400-1475256033-2490423522-500 - Administrator - Disabled)

Guest (S-1-5-21-674551400-1475256033-2490423522-501 - Limited - Disabled)

Rickey (S-1-5-21-674551400-1475256033-2490423522-1001 - Administrator - Enabled) => C:\Users\Rickey

==================== Faulty Device Manager Devices =============

Name: NVIDIA nForce 10/100 Mbps Ethernet

Description: NVIDIA nForce Networking Controller

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: NVIDIA

Service: NVNET

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Standard PS/2 Keyboard

Description: Standard PS/2 Keyboard

Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard keyboards)

Service: i8042prt

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:

==================

Error: (11/26/2014 08:06:26 AM) (Source: VSS) (EventID: 8194) (User: )

Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.

This is often caused by incorrect security settings in either the writer or requestor process.

Operation:

Gathering Writer Data

Context:

Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

Writer Name: System Writer

Writer Instance ID: {af35b232-a4b7-41b4-84e7-583895660a24}

Error: (11/25/2014 10:25:45 AM) (Source: SideBySide) (EventID: 75) (User: )

Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.

Multiple requestedPrivileges elements are not allowed in manifest.

Error: (11/25/2014 10:25:12 AM) (Source: Creative Labs SC) (EventID: 101) (User: )

Description: 98-164

Error: (11/25/2014 10:25:11 AM) (Source: Creative Labs SC) (EventID: 101) (User: )

Description: 98-164

Error: (11/25/2014 10:24:06 AM) (Source: VSS) (EventID: 8194) (User: )

Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.

This is often caused by incorrect security settings in either the writer or requestor process.

Operation:

Gathering Writer Data

Context:

Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

Writer Name: System Writer

Writer Instance ID: {2e9792de-4463-4d9f-aca7-8b6863c10a4f}

Error: (11/24/2014 02:32:52 PM) (Source: VSS) (EventID: 8194) (User: )

Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.

This is often caused by incorrect security settings in either the writer or requestor process.

Operation:

Gathering Writer Data

Context:

Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

Writer Name: System Writer

Writer Instance ID: {db56a493-905e-40cd-acfa-fedc9dc6b254}

Error: (11/24/2014 01:19:48 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: chrome.exe, version: 39.0.2171.65, time stamp: 0x546659db

Faulting module name: KeyScramblerIE.DLL_unloaded, version: 0.0.0.0, time stamp: 0x544d0aa6

Exception code: 0xc0000005

Fault offset: 0x723e5798

Faulting process id: 0x1138

Faulting application start time: 0xchrome.exe0

Faulting application path: chrome.exe1

Faulting module path: chrome.exe2

Report Id: chrome.exe3

Error: (11/24/2014 00:22:34 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: plugin-container.exe, version: 33.1.1.5430, time stamp: 0x54656826

Faulting module name: mozalloc.dll, version: 33.1.1.5430, time stamp: 0x54654321

Exception code: 0x80000003

Fault offset: 0x00001425

Faulting process id: 0x14d8

Faulting application start time: 0xplugin-container.exe0

Faulting application path: plugin-container.exe1

Faulting module path: plugin-container.exe2

Report Id: plugin-container.exe3

Error: (11/24/2014 00:21:39 PM) (Source: Creative Labs SC) (EventID: 101) (User: )

Description: 98-164

Error: (11/24/2014 11:28:47 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: rundll32.exe_sbavmon.dll, version: 6.1.7600.16385, time stamp: 0x4a5bc637

Faulting module name: KSVSPI32.dll, version: 1.0.312.0, time stamp: 0x4c4fa162

Exception code: 0xc0000005

Fault offset: 0x000163bb

Faulting process id: 0xf90

Faulting application start time: 0xrundll32.exe_sbavmon.dll0

Faulting application path: rundll32.exe_sbavmon.dll1

Faulting module path: rundll32.exe_sbavmon.dll2

Report Id: rundll32.exe_sbavmon.dll3

System errors:

=============

Error: (11/26/2014 08:04:18 AM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)

Description: A fatal hardware error has occurred.

Reported by component: Processor Core

Error Source: 3

Error Type: 256

Processor ID: 3

The details view of this entry contains further information.

Error: (11/26/2014 08:04:18 AM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)

Description: A fatal hardware error has occurred.

Reported by component: Processor Core

Error Source: 3

Error Type: 256

Processor ID: 3

The details view of this entry contains further information.

Error: (11/26/2014 08:04:18 AM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)

Description: A fatal hardware error has occurred.

Reported by component: Processor Core

Error Source: 3

Error Type: 256

Processor ID: 3

The details view of this entry contains further information.

Error: (11/26/2014 08:04:18 AM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)

Description: A fatal hardware error has occurred.

Reported by component: Processor Core

Error Source: 3

Error Type: 256

Processor ID: 3

The details view of this entry contains further information.

Error: (11/26/2014 08:04:18 AM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)

Description: A fatal hardware error has occurred.

Reported by component: Processor Core

Error Source: 3

Error Type: 11

Processor ID: 2

The details view of this entry contains further information.

Error: (11/26/2014 08:04:18 AM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)

Description: A fatal hardware error has occurred.

Reported by component: Processor Core

Error Source: 3

Error Type: 256

Processor ID: 2

The details view of this entry contains further information.

Error: (11/26/2014 08:04:18 AM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)

Description: A fatal hardware error has occurred.

Reported by component: Processor Core

Error Source: 3

Error Type: 256

Processor ID: 1

The details view of this entry contains further information.

Error: (11/26/2014 08:04:18 AM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)

Description: A fatal hardware error has occurred.

Reported by component: Processor Core

Error Source: 3

Error Type: 256

Processor ID: 1

The details view of this entry contains further information.

Error: (11/26/2014 08:04:18 AM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)

Description: A fatal hardware error has occurred.

Reported by component: Processor Core

Error Source: 3

Error Type: 256

Processor ID: 1

The details view of this entry contains further information.

Error: (11/26/2014 08:04:18 AM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)

Description: A fatal hardware error has occurred.

Reported by component: Processor Core

Error Source: 3

Error Type: 256

Processor ID: 1

The details view of this entry contains further information.

Microsoft Office Sessions:

=========================

Error: (11/26/2014 08:06:26 AM) (Source: VSS) (EventID: 8194) (User: )

Description: 0x80070005, Access is denied.

Operation:

Gathering Writer Data

Context:

Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

Writer Name: System Writer

Writer Instance ID: {af35b232-a4b7-41b4-84e7-583895660a24}

Error: (11/25/2014 10:25:45 AM) (Source: SideBySide) (EventID: 75) (User: )

Description: C:\Program Files\Creative\Audio Device Selection Unicode\CTAudSeu.exeC:\Program Files\Creative\Audio Device Selection Unicode\CTAudSeu.exe2

Error: (11/25/2014 10:25:12 AM) (Source: Creative Labs SC) (EventID: 101) (User: )

Description: 98-164

Error: (11/25/2014 10:25:11 AM) (Source: Creative Labs SC) (EventID: 101) (User: )

Description: 98-164

Error: (11/25/2014 10:24:06 AM) (Source: VSS) (EventID: 8194) (User: )

Description: 0x80070005, Access is denied.

Operation:

Gathering Writer Data

Context:

Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

Writer Name: System Writer

Writer Instance ID: {2e9792de-4463-4d9f-aca7-8b6863c10a4f}

Error: (11/24/2014 02:32:52 PM) (Source: VSS) (EventID: 8194) (User: )

Description: 0x80070005, Access is denied.

Operation:

Gathering Writer Data

Context:

Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

Writer Name: System Writer

Writer Instance ID: {db56a493-905e-40cd-acfa-fedc9dc6b254}

Error: (11/24/2014 01:19:48 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: chrome.exe39.0.2171.65546659dbKeyScramblerIE.DLL_unloaded0.0.0.0544d0aa6c0000005723e5798113801d0080e9656f530C:\Program Files\Google\Chrome\Application\chrome.exeKeyScramblerIE.DLLda70b0a0-740e-11e4-9733-c43dc78040dd

Error: (11/24/2014 00:22:34 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: plugin-container.exe33.1.1.543054656826mozalloc.dll33.1.1.543054654321800000030000142514d801d0080c34a9fe10C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dlldbedad50-7406-11e4-9733-c43dc78040dd

Error: (11/24/2014 00:21:39 PM) (Source: Creative Labs SC) (EventID: 101) (User: )

Description: 98-164

Error: (11/24/2014 11:28:47 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: rundll32.exe_sbavmon.dll6.1.7600.163854a5bc637KSVSPI32.dll1.0.312.04c4fa162c0000005000163bbf9001d0080c177b3a70C:\Windows\System32\rundll32.exeC:\Windows\system32\KSVSPI32.dll585cffb0-73ff-11e4-9733-c43dc78040dd

CodeIntegrity Errors:

===================================

Date: 2014-11-26 17:15:58.804

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\hmpalert.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-11-26 16:51:55.858

Date: 2014-11-26 16:10:24.576

Date: 2014-11-26 16:00:54.054

Date: 2014-11-26 15:08:58.461

Date: 2014-11-26 15:05:25.784

Date: 2014-11-26 14:21:14.017

==================== Memory info ===========================

Processor: AMD Phenom™ 9550 Quad-Core Processor

Percentage of memory in use: 45%

Total physical RAM: 3071.3 MB

Available physical RAM: 1669.93 MB

Total Pagefile: 6140.9 MB

Available Pagefile: 4481.98 MB

Total Virtual: 2047.88 MB

Available Virtual: 1898.98 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.99 GB) (Free:262.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 7CC2FB56)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-11-2014 01

Ran by Rickey (administrator) on MAVERICK on 26-11-2014 17:37:45

Running from C:\Users\Rickey\Downloads

Loaded Profile: Rickey (Available profiles: Rickey)

Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Webroot) C:\Program Files\Webroot\WRSA.exe

(SurfRight B.V.) C:\Program Files\HitmanPro.Alert\hmpalert.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTAudSvc.exe

(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe

(Webroot) C:\Program Files\Webroot\WRSA.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe

(QFX Software Corporation) C:\Program Files\KeyScrambler\KeyScrambler.exe

(Creative Technology Ltd) C:\Program Files\Creative\Sound Blaster X-Fi Go Pro\Volume Panel\VolPanlu.exe

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe

(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

(Microsoft Corporation) C:\Windows\System32\msiexec.exe

(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [768656 2014-11-23] (Webroot)

HKLM\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe [440632 2014-08-29] (Malwarebytes Corporation)

HKLM\...\Run: [KeyScrambler] => C:\Program Files\KeyScrambler\keyscrambler.exe [508744 2014-10-26] (QFX Software Corporation)

HKLM\...\Run: [VolPanel] => C:\Program Files\Creative\Sound Blaster X-Fi Go Pro\Volume Panel\VolPanlu.exe [241757 2010-12-08] (Creative Technology Ltd)

HKLM\...\Run: [LifeCam] => C:\Program Files\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)

HKLM\...\Policies\Explorer: [NoFolderOptions] 0

HKLM\...\Policies\Explorer: [NoViewOnDrive] 0

HKLM\...\Policies\Explorer: [NoControlPanel] 0

HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0

HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0

HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0

HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0

HKLM\...\Policies\Explorer: [NoViewContextMenu] 0

HKLM\...\Policies\Explorer: [NoShellSearchButton] 0

HKLM\...\Policies\Explorer: [NoFind] 0

HKLM\...\Policies\Explorer: [NoFile] 0

HKLM\...\Policies\Explorer: [HideClock] 0

HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0

HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0

HKLM\...\Policies\Explorer: [NoSetFolders] 0

HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0

HKLM\...\Policies\Explorer: [NoSetTaskbar] 0

HKLM\...\Policies\Explorer: [NoDeletePrinter] 0

HKLM\...\Policies\Explorer: [NoDFSTab] 0

HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0

HKLM\...\Policies\Explorer: [NoLogoff] 0

HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0

HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0

HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0

HKLM\...\Policies\Explorer: [NoResolveSearch] 0

HKLM\...\Policies\Explorer: [NoSaveSettings] 0

HKLM\...\Policies\Explorer: [NoHardwareTab] 0

HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0

HKLM\...\Policies\Explorer: [NoDesktop] 0

HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun

HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0

HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0

HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0

HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0

HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0

HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0

HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0

HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0

HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0

HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun

HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0

HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0

HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0

HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0

HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0

HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0

HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0

HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0

HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4826904 2014-10-30] (Piriform Ltd)

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Run: [RoboForm] => C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2014-11-20] (Siber Systems)

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30521952 2014-11-24] (Skype Technologies S.A.)

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6697752 2014-11-13] (SUPERAntiSpyware)

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\system: [DisableCMD] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\system: [NoDispAppearancePage] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\system: [NoDispBackgroundPage] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\system: [NoDispSettingsPage] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [NoFolderOptions] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [NoViewOnDrive] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [NoControlPanel] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [NoViewContextMenu] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [NoShellSearchButton] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [NoFind] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [NoFile] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [HideClock] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [NoTrayContextMenu] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [NoSetFolders] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [NoSetTaskbar] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [NoDeletePrinter] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [NoDFSTab] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [NoChangeStartMenu] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [NoLogoff] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [NoWindowsUpdate] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [NoEncryptOnMove] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [NoResolveSearch] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [NoSaveSettings] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [NoHardwareTab] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\MountPoints2: D - D:\setup.exe

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\MountPoints2: {d6b51267-6e66-11e4-826b-806e6f6e6963} - D:\SetupAssistant.exe

HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-11-17] (Microsoft Corporation)

HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0

HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0

HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0

HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0

HKU\S-1-5-18\...\Policies\Explorer: [NoFolderOptions] 0

HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0

HKU\S-1-5-18\...\Policies\Explorer: [NoControlPanel] 0

HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0

HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0

HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0

HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0

HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0

HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0

HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0

HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0

HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0

HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0

HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0

HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0

HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0

HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0

HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0

HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0

HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0

HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0

HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0

HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0

HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0

HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0

HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0

HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0

HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-674551400-1475256033-2490423522-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://drudgereport.com/

BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)

BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)

Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)

DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://pcpitstop.com...ols/pcmatic.cab

DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab

DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creat...015/CTSUEng.cab

DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...30321/CTPID.cab

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.2

FireFox:

========

FF ProfilePath: C:\Users\Rickey\AppData\Roaming\Mozilla\Firefox\Profiles\yjbaetqq.default

FF Homepage: hxxp://drudgereport.com|hxxp://breitbart.com

FF NetworkProxy: "type", 0

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()

FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKU\S-1-5-21-674551400-1475256033-2490423522-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

FF Extension: Webroot Password Manager - C:\Users\Rickey\AppData\Roaming\Mozilla\Firefox\Profiles\yjbaetqq.default\Extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda} [2014-11-23]

FF HKLM\...\Firefox\Extensions: [webrootsecure@webroot.com] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer

FF Extension: Webroot Filtering Extension - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2014-11-17]

FF HKU\S-1-5-21-674551400-1475256033-2490423522-1001\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files\Siber Systems\AI RoboForm\Firefox

FF Extension: RoboForm Toolbar for Firefox - C:\Program Files\Siber Systems\AI RoboForm\Firefox [2014-11-20]

Chrome:

=======

CHR HomePage: Default -> hxxp://www.drudgereport.com/

CHR StartupUrls: Default -> "hxxp://help.comodo.com/topic-120-1-279-2590-Displaying-Hiding-Application-buttons-on-the-Toolbar.html", "hxxp://manhattan.lib.ks.us/", "https://www.yahoo.co...t&type=avastbcl", "hxxp://www.google.com/"

CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll ()

CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\39.0.2171.71\internal-nacl-plugin No File

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\39.0.2171.71\pdf.dll ()

CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll No File

CHR Profile: C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Drive) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-19]

CHR Extension: (Bookmark Sentry (scanner)) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdglbbcbmgnimogcmcdenggkpdmihlga [2014-11-19]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-19]

CHR Extension: (Pop Block Pro - The Ultimate Popup Blocker) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjmjkdknjeokcmgjmdpkccpmahfmiib [2014-11-24]

CHR Extension: (Poper Blocker) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2014-11-19]

CHR Extension: (YouTube) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-19]

CHR Extension: (CancanIT SEO & Website Analysis) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdpkkcoifgekomfdnhgmhdbandakmped [2014-11-19]

CHR Extension: (Adblock Plus) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-11-19]

CHR Extension: (TrafficLight) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfnpidifppmenkapgihekkeednfoenal [2014-11-23]

CHR Extension: (Link to Google Analytics | Shortcut) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbofdajbjpegicggccpealogclcdiap [2014-11-19]

CHR Extension: (Alexa Traffic Rank) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel [2014-11-19]

CHR Extension: (Google Search) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-19]

CHR Extension: (Netflix) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2014-11-19]

CHR Extension: (Good News) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\deegloljmdbfbjhlimieancmcfombgjj [2014-11-19]

CHR Extension: (Lucidchart Diagrams - Desktop) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\djejicklhojeokkfmdelnempiecmdomj [2014-11-19]

CHR Extension: (Business Card Maker) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpchnngplfnmejdkfgpmfhifccngoiih [2014-11-19]

CHR Extension: (Reverse Phone Lookup) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\eccacjpoadkkkichonipjpkjoklpdacg [2014-11-19]

CHR Extension: (Typing Races Student) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejhoalfilhjkgjphcbnhnnjmhgbcmgeg [2014-11-19]

CHR Extension: (Google Calendar) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-11-19]

CHR Extension: (Antavo - Contest & Activation Suite) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\ennfopamliahhindmboeiainjeanckib [2014-11-19]

CHR Extension: (Blur (Formerly DoNotTrackMe)) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2014-11-19]

CHR Extension: (AdBlock Premium) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2014-11-19]

CHR Extension: (Chrome Web Store Launcher (by Google)) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gecgipfabdickgidpmbicneamekgbaej [2014-11-21]

CHR Extension: (Planetarium) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp [2014-11-19]

CHR Extension: (AdBlock) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-19]

CHR Extension: (DocuSign - Sign Documents for Free) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\goblijolcnempeilmnkmfbhohlpngemd [2014-11-19]

CHR Extension: (IE Tab) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2014-11-19]

CHR Extension: (Similar Sites Pro) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\hidjnkeodmholilgafgdlgmgggbhnigl [2014-11-23]

CHR Extension: (AWeber) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiecooifilpmabeidiegjiekkngdhhkc [2014-11-19]

CHR Extension: (How To Make Money) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\imojecgofbipiadfdmggpminpkpfdddg [2014-11-19]

CHR Extension: (Dropbox) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-11-19]

CHR Extension: (Typing Test - KeyHero) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcieoaeooeidmpaopkpjpjfakidlabm [2014-11-19]

CHR Extension: (RightSignature) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkhcpgjhhebecogfbaelmpmpcccdofep [2014-11-19]

CHR Extension: (Webroot Filtering Extension) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2014-11-19]

CHR Extension: (StayFocusd) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2014-11-19]

CHR Extension: (Presefy Presentation) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\laceanlcibahaedgdbmaehhdemabnppf [2014-11-19]

CHR Extension: (Currency Converter) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbhghjdcfghfhlogkgdklfgmpodeglno [2014-11-19]

CHR Extension: (Webcam Toy) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2014-11-19]

CHR Extension: (Simplebooklet) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhfhnhfkmicpmbafobnpegjhaihjinph [2014-11-19]

CHR Extension: (Classic Popup Blocker) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp [2014-11-19]

CHR Extension: (Payable form: add Paypal to your Google Form) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkdpfjbplbappibihpepdcpikflmlnfb [2014-11-19]

CHR Extension: (Google Maps) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-11-19]

CHR Extension: (PayPal Transactions) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnoilgegkhenejdjcejnkkcklcdfibbd [2014-11-19]

CHR Extension: (Rain Alarm) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\meaikaglpfemjncbioflellmppndgmok [2014-11-19]

CHR Extension: (Ghostery Fixer) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaegpmdlhnpldpoadmnnbddbkcdmbhb [2014-11-19]

CHR Extension: (Ghostery) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-11-19]

CHR Extension: (ClearCheckbook Money Management) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncgheejpeplfmifkibfifpdhceopaifp [2014-11-19]

CHR Extension: (Similar Sites) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\necpbmbhhdiplmfhmjicabdeighkndkn [2014-11-19]

CHR Extension: (GData Centers 9 Hamina, Finland) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nellajllheicipgipifopnhjjhiljnpi [2014-11-26]

CHR Extension: (Google Wallet) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-19]

CHR Extension: (Adblock Pro) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2014-11-19]

CHR Extension: (Webroot Password Manager) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhiodnpcnnnpgbjbhfebjnbagmfhab [2014-11-19]

CHR Extension: (Click&Clean App) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-11-19]

CHR Extension: (HackerTarget.com IP Tools) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\phjkepckmcnjohilmbjlcoblenhgpjmo [2014-11-19]

CHR Extension: (Gmail) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-19]

CHR Extension: (Popout for YouTube™) - C:\Users\Rickey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pofekaindcmmojfnfgbpklepkjfilcep [2014-11-19]

CHR HKLM\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.0.2.42.crx [2014-11-17]

CHR HKLM\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2014-11-17]

CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-11-20]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com)

S3 Creative ALchemy AL6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-11-26] (Creative Labs) [File not signed]

S3 Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-11-26] (Creative Labs) [File not signed]

R2 CTAudSvcService; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]

R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [106248 2014-11-23] (SurfRight B.V.)

R2 hmpalertsvc; C:\Program Files\HitmanPro.Alert\hmpalert.exe [1876816 2014-11-26] (SurfRight B.V.)

R2 MbaeSvc; C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe [441144 2014-08-29] (Malwarebytes Corporation)

R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)

R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [768656 2014-11-23] (Webroot)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 ESProtectionDriver; C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys [47896 2014-08-30] ()

S3 G311N6; C:\Windows\System32\DRIVERS\G311N6.sys [278560 2010-05-05] (Netgear) [File not signed]

R2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [75640 2014-11-26] ()

R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [209016 2013-05-31] (QFX Software Corporation)

S3 ksaud; C:\Windows\System32\drivers\ksaud.sys [1254400 2010-08-11] (Creative Technology Ltd.) [File not signed]

R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [75480 2014-10-01] (Malwarebytes Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-10-01] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-11-26] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-10-01] (Malwarebytes Corporation)

R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [116736 2014-11-23] (Webroot)

U0 SR; No ImagePath

U2 srservice; No ImagePath

U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-13] (Microsoft Corporation)

U3 aswMBR; \??\C:\Users\Rickey\AppData\Local\Temp\aswMBR.sys [X]

U3 aswVmm; \??\C:\Users\Rickey\AppData\Local\Temp\aswVmm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-26 17:37 - 2014-11-26 17:38 - 00032158 _____ () C:\Users\Rickey\Downloads\FRST.txt

2014-11-26 17:37 - 2014-11-26 17:37 - 00000000 ____D () C:\FRST

2014-11-26 17:33 - 2014-11-26 17:33 - 00001999 _____ () C:\Users\Public\Desktop\Microsoft LifeCam.lnk

2014-11-26 17:33 - 2014-11-26 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam

2014-11-26 17:32 - 2014-11-26 17:33 - 00000000 ____D () C:\Program Files\Microsoft LifeCam

2014-11-26 17:32 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll

2014-11-26 17:32 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll

2014-11-26 17:16 - 2014-11-26 17:34 - 00000000 ____D () C:\Users\Rickey\Downloads\WhatTheTech

2014-11-26 17:14 - 2014-11-26 17:14 - 01109504 _____ (Farbar) C:\Users\Rickey\Downloads\FRST.exe

2014-11-26 17:11 - 2014-11-26 17:11 - 05198336 _____ (AVAST Software) C:\Users\Rickey\Downloads\aswMBR.exe

2014-11-26 16:57 - 2014-11-26 16:57 - 00000000 ____D () C:\Users\Rickey\AppData\Roaming\EncryptStick

2014-11-26 16:31 - 2014-11-26 16:31 - 00000512 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e0342571-d149-42b9-a590-c405e8897b8d.job

2014-11-26 16:31 - 2014-11-26 16:31 - 00000512 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 828c1455-990b-449d-a054-fa6632f3566c.job

2014-11-26 16:31 - 2014-11-26 16:31 - 00000000 ____D () C:\Users\Rickey\AppData\Roaming\SUPERAntiSpyware.com

2014-11-26 16:30 - 2014-11-26 16:31 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware

2014-11-26 16:30 - 2014-11-26 16:30 - 00001961 _____ () C:\Users\Rickey\Desktop\SUPERAntiSpyware Professional.lnk

2014-11-26 16:30 - 2014-11-26 16:30 - 00000000 ____D () C:\Users\Rickey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

2014-11-26 16:30 - 2014-11-26 16:30 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com

2014-11-26 15:28 - 2014-11-26 17:33 - 00000430 _____ () C:\Windows\setupact.log

2014-11-26 15:28 - 2014-11-26 15:28 - 00000000 _____ () C:\Windows\setuperr.log

2014-11-26 15:12 - 2010-08-12 11:46 - 00758784 _____ (NVIDIA Corporation) C:\Windows\system32\cohelper.dll

2014-11-26 15:12 - 2010-08-09 22:33 - 00011164 _____ () C:\Windows\system32\Drivers\nvphy.bin

2014-11-26 15:10 - 2014-11-26 15:54 - 00000000 ____D () C:\Windows\LastGood

2014-11-26 14:41 - 2014-11-26 14:41 - 03984880 _____ () C:\Users\Rickey\Downloads\Tweaking.com-ResetRegistryPermissions.exe

2014-11-26 13:49 - 2014-11-26 17:31 - 00000000 ____D () C:\Windows\CryptoGuard

2014-11-26 13:49 - 2014-11-26 13:49 - 00477008 _____ (SurfRight) C:\Windows\system32\hmpalert.dll

2014-11-26 13:49 - 2014-11-26 13:49 - 00075640 _____ () C:\Windows\system32\Drivers\hmpalert.sys

2014-11-26 13:49 - 2014-11-26 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro.Alert

2014-11-26 13:49 - 2014-11-26 13:49 - 00000000 ____D () C:\Program Files\HitmanPro.Alert

2014-11-26 09:53 - 2014-11-26 17:21 - 00000000 ____D () C:\Users\Rickey\AppData\Roaming\Skype

2014-11-26 09:53 - 2014-11-26 09:53 - 00002503 _____ () C:\Users\Public\Desktop\Skype.lnk

2014-11-26 09:53 - 2014-11-26 09:53 - 00000000 ___RD () C:\Program Files\Skype

2014-11-26 09:53 - 2014-11-26 09:53 - 00000000 ____D () C:\Users\Rickey\AppData\Local\Skype

2014-11-26 09:53 - 2014-11-26 09:53 - 00000000 ____D () C:\ProgramData\Skype

2014-11-26 09:53 - 2014-11-26 09:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2014-11-26 09:53 - 2014-11-26 09:53 - 00000000 ____D () C:\Program Files\Common Files\Skype

2014-11-26 08:36 - 2014-11-26 08:37 - 04745544 _____ (Google) C:\Users\Rickey\Downloads\software_removal_tool.exe

2014-11-26 08:12 - 2000-05-11 01:00 - 00090112 ____N (Creative Technology Ltd.) C:\Windows\Updreg.EXE

2014-11-26 08:09 - 2010-07-22 16:45 - 00181760 _____ () C:\Windows\system32\APOMngr.DLL

2014-11-26 08:09 - 2009-12-29 16:50 - 00073728 _____ () C:\Windows\system32\CmdRtr.DLL

2014-11-26 08:09 - 2009-05-26 15:59 - 00026768 _____ () C:\Windows\ksaudENG.reg

2014-11-26 08:09 - 2007-07-05 10:27 - 00002630 _____ () C:\Windows\MixerName.reg

2014-11-26 08:08 - 2014-11-26 08:08 - 00445016 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll

2014-11-26 08:08 - 2014-11-26 08:08 - 00109144 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll

2014-11-26 08:08 - 2014-11-26 08:08 - 00002267 _____ () C:\Users\Public\Desktop\Creative Product Registration.lnk

2014-11-26 08:08 - 2014-11-26 08:08 - 00000000 ____D () C:\Program Files\Common Files\Creative Labs Shared

2014-11-26 08:08 - 2012-01-13 11:21 - 02906586 ____N (Creative) C:\Windows\system32\Sens_oal.dll

2014-11-25 09:50 - 2014-11-25 09:50 - 00002078 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk

2014-11-25 09:50 - 2014-11-25 09:50 - 00002066 _____ () C:\Users\Public\Desktop\Belarc Advisor.lnk

2014-11-25 09:50 - 2014-11-25 09:50 - 00000000 ____D () C:\Program Files\Belarc

2014-11-24 19:14 - 2014-11-24 19:14 - 00008489 _____ () C:\Users\Rickey\Documents\hijackthis_settings.txt

2014-11-24 18:52 - 2014-11-26 16:49 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-11-24 17:36 - 2014-11-24 17:36 - 00008385 _____ () C:\Users\Rickey\Downloads\hijackthis.log

2014-11-24 17:35 - 2014-11-24 17:35 - 00388608 _____ (Trend Micro Inc.) C:\Users\Rickey\Downloads\HijackThis.exe

2014-11-24 17:18 - 2014-11-24 17:34 - 00000000 ____D () C:\Users\Rickey\Downloads\mbar

2014-11-24 14:36 - 2014-11-24 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler

2014-11-24 14:36 - 2014-11-24 14:36 - 00000000 ____D () C:\Program Files\KeyScrambler

2014-11-24 14:36 - 2013-05-31 08:53 - 00209016 _____ (QFX Software Corporation) C:\Windows\system32\Drivers\keyscrambler.sys

2014-11-24 11:26 - 2014-11-24 11:26 - 00007599 _____ () C:\Users\Rickey\AppData\Local\Resmon.ResmonCfg

2014-11-24 03:42 - 2014-11-24 04:04 - 00000000 ____D () C:\Users\Rickey\EWTN Multimedia

2014-11-23 15:58 - 2014-11-23 15:58 - 00001893 _____ () C:\Users\Public\Desktop\HitmanPro.lnk

2014-11-23 15:58 - 2014-11-23 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro

2014-11-23 15:57 - 2014-11-23 15:58 - 00000000 ____D () C:\Program Files\HitmanPro

2014-11-23 15:56 - 2014-11-23 16:01 - 00000000 ____D () C:\ProgramData\HitmanPro

2014-11-23 14:16 - 2014-11-23 14:16 - 00050529 _____ () C:\Users\Rickey\Downloads\user_accesslog.zip

2014-11-23 13:38 - 2014-11-23 13:38 - 43059656 _____ () C:\Users\Rickey\Downloads\BDPUARLauncher.exe

2014-11-23 12:59 - 2014-11-24 17:17 - 00000000 ____D () C:\Users\Rickey\Desktop\mbar

2014-11-23 12:59 - 2014-11-23 12:59 - 00001013 _____ () C:\Users\Public\Desktop\FileASSASSIN.lnk

2014-11-23 12:59 - 2014-11-23 12:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN

2014-11-23 12:59 - 2014-11-23 12:59 - 00000000 ____D () C:\Program Files\FileASSASSIN

2014-11-23 12:55 - 2014-11-23 12:55 - 04909382 _____ () C:\Users\Rickey\Downloads\mbam-chameleon-3.1.7.0.zip

2014-11-23 08:48 - 2014-11-23 08:48 - 04071672 _____ (Bitdefender LLC) C:\Users\Rickey\Downloads\BDUSBImmunizerLauncher.exe

2014-11-23 08:41 - 2014-11-23 08:41 - 07268536 _____ (Bitdefender LLC) C:\Users\Rickey\Downloads\BootkitRemoval_x86.exe

2014-11-23 05:47 - 2014-11-23 09:15 - 00000000 ____D () C:\Users\Rickey\AppData\Local\lptmp716602764

2014-11-23 05:34 - 2014-11-23 05:34 - 00000000 __SHD () C:\Users\Rickey\AppData\Local\EmieUserList

2014-11-23 05:34 - 2014-11-23 05:34 - 00000000 __SHD () C:\Users\Rickey\AppData\Local\EmieSiteList

2014-11-23 05:34 - 2014-11-23 05:34 - 00000000 __SHD () C:\Users\Rickey\AppData\Local\EmieBrowserModeList

2014-11-23 05:30 - 2014-11-23 05:30 - 00000000 ____D () C:\Support

2014-11-23 05:25 - 2012-07-30 11:14 - 00031616 ____N () C:\Windows\system32\FoolishEventLogMsgHelper.dll

2014-11-23 05:24 - 2014-11-23 09:15 - 00000000 ____D () C:\Users\Rickey\AppData\Local\lptmp893108261

2014-11-23 05:21 - 2014-11-23 09:15 - 00000000 ____D () C:\Users\Rickey\Downloads\D7

2014-11-23 04:51 - 2014-11-23 04:51 - 00000000 ____D () C:\Program Files\Tweaking.com

2014-11-22 23:29 - 2014-11-23 00:42 - 00000000 ____D () C:\Users\Rickey\.moneydance

2014-11-22 23:28 - 2014-11-23 09:15 - 00000000 ____D () C:\Program Files\Moneydance

2014-11-20 05:16 - 2014-11-23 09:15 - 00000000 ____D () C:\Users\Rickey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RoboForm

2014-11-20 05:16 - 2014-11-23 04:22 - 00000000 ____D () C:\Users\Rickey\Documents\My RoboForm Data

2014-11-20 05:16 - 2014-11-20 05:16 - 00000000 ____D () C:\ProgramData\RoboForm

2014-11-20 05:14 - 2014-11-23 09:06 - 00000000 ____D () C:\Program Files\Siber Systems

2014-11-19 18:25 - 2012-07-25 21:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe

2014-11-19 18:25 - 2012-07-25 21:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll

2014-11-19 18:25 - 2012-07-25 21:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll

2014-11-19 18:25 - 2012-07-25 21:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll

2014-11-19 18:25 - 2012-07-25 21:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll

2014-11-19 18:25 - 2012-07-25 20:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys

2014-11-19 18:25 - 2012-07-25 20:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys

2014-11-19 18:25 - 2012-06-02 08:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf

2014-11-19 18:14 - 2014-11-23 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy

2014-11-19 18:14 - 2014-11-23 09:15 - 00000000 ____D () C:\Program Files\Speccy

2014-11-19 18:14 - 2014-11-19 18:14 - 00000937 _____ () C:\Users\Public\Desktop\Speccy.lnk

2014-11-19 17:55 - 2014-11-19 17:55 - 00965904 ____N () C:\Users\Rickey\Documents\Webroot Threat Removal 10_19_2014.log

2014-11-19 17:51 - 2014-11-19 17:51 - 00000000 ____D () C:\Users\Rickey\AppData\Roaming\OpenOffice

2014-11-19 17:50 - 2014-11-26 15:15 - 00000000 ____D () C:\Users\Rickey\AppData\Local\CrashDumps

2014-11-19 14:41 - 2014-11-19 14:41 - 00000000 __RSH () C:\MSDOS.SYS

2014-11-19 14:41 - 2014-11-19 14:41 - 00000000 __RSH () C:\IO.SYS

2014-11-19 14:29 - 2014-11-23 09:15 - 00000000 ____D () C:\ProgramData\RogueKiller

2014-11-19 14:29 - 2014-11-19 14:47 - 00029160 _____ () C:\Windows\system32\Drivers\TrueSight.sys

2014-11-19 14:28 - 2014-11-23 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip

2014-11-19 14:28 - 2014-11-19 14:28 - 00001025 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk

2014-11-19 14:28 - 2014-11-19 14:28 - 00001019 _____ () C:\Users\Public\Desktop\WinZip.lnk

2014-11-19 13:45 - 2014-11-23 09:15 - 00000000 ____D () C:\Program Files\WinZip

2014-11-19 13:36 - 2014-08-03 02:08 - 04806744 _____ () C:\Users\Rickey\Desktop\RogueKiller.exe

2014-11-19 13:35 - 2014-07-02 08:20 - 00237427 ____N () C:\Users\Rickey\Desktop\buy_sell_ecourse_udemy.htm

2014-11-19 11:02 - 2014-11-26 17:29 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit

2014-11-19 11:02 - 2014-11-23 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit

2014-11-19 11:02 - 2014-11-19 11:02 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Exploit.lnk

2014-11-19 11:01 - 2014-11-26 15:09 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-11-19 11:01 - 2014-11-23 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-11-19 11:01 - 2014-11-23 09:15 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2014-11-19 11:01 - 2014-11-23 09:15 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Exploit

2014-11-19 11:01 - 2014-11-23 09:07 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-11-19 11:01 - 2014-11-19 11:01 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-11-19 11:01 - 2014-10-01 11:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-11-19 11:01 - 2014-10-01 11:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-11-19 11:01 - 2014-10-01 11:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-11-19 08:16 - 2014-11-19 08:16 - 00000218 _____ () C:\Users\Rickey\AppData\Local\recently-used.xbel

2014-11-19 07:54 - 2014-11-19 18:04 - 00000000 ____D () C:\Users\Rickey\AppData\Local\homebank

2014-11-19 07:53 - 2014-11-23 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-11-19 07:53 - 2014-11-19 11:41 - 00000000 ____D () C:\Users\Rickey\AppData\Roaming\Apple Computer

2014-11-19 07:53 - 2014-11-19 07:53 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-11-19 07:53 - 2014-11-19 07:53 - 00000000 ____D () C:\Users\Rickey\AppData\Local\Apple Computer

2014-11-19 07:52 - 2012-10-03 16:14 - 00026840 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys

2014-11-19 07:51 - 2014-11-23 09:15 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB

2014-11-19 07:51 - 2014-11-23 09:15 - 00000000 ____D () C:\ProgramData\Apple Computer

2014-11-19 07:51 - 2014-11-23 09:15 - 00000000 ____D () C:\Program Files\iTunes

2014-11-19 07:51 - 2014-11-23 09:15 - 00000000 ____D () C:\Program Files\iPod

2014-11-19 07:50 - 2014-11-23 09:15 - 00000000 ____D () C:\ProgramData\Apple

2014-11-19 07:50 - 2014-11-23 09:15 - 00000000 ____D () C:\Program Files\Bonjour

2014-11-19 07:50 - 2014-11-23 09:15 - 00000000 ____D () C:\Program Files\Apple Software Update

2014-11-19 07:50 - 2014-11-23 09:05 - 00000000 ____D () C:\Program Files\Common Files\Apple

2014-11-19 07:50 - 2014-11-19 07:50 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

2014-11-19 07:50 - 2014-11-19 07:50 - 00000000 ____D () C:\Users\Rickey\AppData\Local\Apple

2014-11-19 05:47 - 2014-11-26 16:52 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-11-19 05:47 - 2014-11-26 15:09 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-11-19 05:47 - 2014-11-25 20:54 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-11-19 05:47 - 2014-11-23 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-11-19 05:47 - 2014-11-23 09:07 - 00000000 ____D () C:\Users\Rickey\AppData\Local\Google

2014-11-19 05:47 - 2014-11-23 09:05 - 00000000 ____D () C:\Program Files\Google

2014-11-19 03:20 - 2014-11-10 20:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-11-19 03:20 - 2014-11-10 20:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll

2014-11-19 03:20 - 2012-02-10 23:37 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe

2014-11-19 03:20 - 2011-03-10 23:39 - 00143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys

2014-11-19 03:20 - 2011-03-10 23:39 - 00117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys

2014-11-19 03:20 - 2011-03-10 23:38 - 00332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys

2014-11-19 03:20 - 2011-03-10 23:38 - 00080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys

2014-11-19 03:20 - 2011-03-10 23:38 - 00022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys

2014-11-19 03:20 - 2011-03-10 23:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll

2014-11-19 03:20 - 2011-03-10 23:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe

2014-11-19 03:20 - 2011-03-10 22:01 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS

2014-11-19 03:19 - 2014-09-04 19:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2014-11-19 03:19 - 2014-08-28 19:44 - 02744320 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll

2014-11-19 03:19 - 2014-07-08 19:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL

2014-11-19 03:19 - 2014-07-08 19:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL

2014-11-19 03:19 - 2014-07-08 19:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL

2014-11-19 03:19 - 2014-07-08 19:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL

2014-11-19 03:19 - 2014-07-08 19:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL

2014-11-19 03:19 - 2014-07-08 16:30 - 00419992 _____ () C:\Windows\system32\locale.nls

2014-11-19 03:19 - 2011-02-24 23:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\explorer.exe

2014-11-19 01:35 - 2014-05-08 03:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll

2014-11-18 17:00 - 2012-08-23 08:48 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll

2014-11-18 17:00 - 2012-08-23 08:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys

2014-11-18 17:00 - 2012-08-23 05:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll

2014-11-18 16:45 - 2013-10-01 18:42 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys

2014-11-18 16:45 - 2013-10-01 18:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe

2014-11-18 16:45 - 2013-10-01 18:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2014-11-18 16:45 - 2013-10-01 18:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll

2014-11-18 16:45 - 2013-10-01 18:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll

2014-11-18 16:45 - 2013-10-01 17:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll

2014-11-18 16:45 - 2013-10-01 17:45 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll

2014-11-18 16:45 - 2013-10-01 17:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll

2014-11-18 16:45 - 2013-10-01 17:00 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe

2014-11-18 16:45 - 2013-10-01 16:53 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe

2014-11-18 16:45 - 2013-10-01 16:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe

2014-11-18 15:34 - 2014-11-23 04:15 - 00000000 ____D () C:\aa5c4998d60b779146272f

2014-11-18 15:28 - 2014-06-26 19:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll

2014-11-18 15:18 - 2014-06-30 16:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll

2014-11-18 15:18 - 2014-06-06 00:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe

2014-11-18 15:18 - 2014-03-09 15:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe

2014-11-18 15:18 - 2014-03-09 15:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll

2014-11-18 15:18 - 2012-02-29 23:46 - 00019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys

2014-11-18 15:18 - 2012-02-29 23:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll

2014-11-18 15:11 - 2013-05-09 22:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL

2014-11-18 15:11 - 2013-05-09 22:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll

2014-11-18 08:13 - 2014-10-17 19:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll

2014-11-18 08:13 - 2014-07-13 19:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2014-11-18 08:13 - 2014-06-15 19:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2014-11-18 08:13 - 2014-06-15 19:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys

2014-11-18 08:13 - 2014-06-15 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll

2014-11-18 08:13 - 2014-03-04 03:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe

2014-11-18 08:13 - 2014-03-04 03:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2014-11-18 08:13 - 2013-10-29 20:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll

2014-11-18 08:13 - 2013-10-18 19:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll

2014-11-18 08:13 - 2013-10-03 19:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll

2014-11-18 08:13 - 2013-10-03 19:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll

2014-11-18 08:13 - 2013-07-08 22:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2014-11-18 08:13 - 2013-07-04 05:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll

2014-11-18 08:13 - 2013-07-02 22:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys

2014-11-18 08:13 - 2013-07-02 21:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys

2014-11-18 08:13 - 2013-07-02 21:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys

2014-11-18 08:13 - 2013-02-11 21:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys

2014-11-18 08:13 - 2013-01-23 22:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys

2014-11-18 08:13 - 2012-11-01 23:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll

2014-11-18 08:13 - 2012-08-22 11:16 - 00712048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys

2014-11-18 08:13 - 2012-07-04 13:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys

2014-11-18 08:13 - 2011-06-15 22:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll

2014-11-18 08:13 - 2011-04-28 20:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys

2014-11-18 08:13 - 2011-04-28 20:46 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys

2014-11-18 08:13 - 2011-04-28 20:46 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys

2014-11-18 08:13 - 2011-03-02 23:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll

2014-11-18 08:13 - 2011-03-02 23:38 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll

2014-11-18 08:13 - 2011-03-02 23:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe

2014-11-18 08:13 - 2011-02-17 23:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe

2014-11-18 08:12 - 2014-10-13 19:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2014-11-18 08:12 - 2014-10-09 18:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-11-18 08:12 - 2014-10-02 19:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll

2014-11-18 08:12 - 2014-10-02 19:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll

2014-11-18 08:12 - 2014-10-02 19:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll

2014-11-18 08:12 - 2014-10-02 19:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll

2014-11-18 08:12 - 2014-10-02 19:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll

2014-11-18 08:12 - 2014-09-03 23:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll

2014-11-18 08:12 - 2014-08-22 19:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2014-11-18 08:12 - 2014-08-21 00:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-11-18 08:12 - 2014-08-21 00:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2014-11-18 08:12 - 2014-08-11 19:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL

2014-11-18 08:12 - 2014-03-26 08:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2014-11-18 08:12 - 2014-03-26 08:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll

2014-11-18 08:12 - 2014-03-04 03:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll

2014-11-18 08:12 - 2014-03-04 03:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2014-11-18 08:12 - 2014-03-04 03:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll

2014-11-18 08:12 - 2014-03-04 03:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll

2014-11-18 08:12 - 2014-03-04 03:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll

2014-11-18 08:12 - 2014-03-04 03:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll

2014-11-18 08:12 - 2014-03-04 03:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll

2014-11-18 08:12 - 2014-03-04 03:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll

2014-11-18 08:12 - 2014-01-27 20:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

2014-11-18 08:12 - 2013-11-23 12:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

2014-11-18 08:12 - 2013-10-11 20:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx

2014-11-18 08:12 - 2013-10-11 20:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll

2014-11-18 08:12 - 2013-10-11 19:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe

2014-11-18 08:12 - 2013-10-11 19:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe

2014-11-18 08:12 - 2013-08-27 18:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll

2014-11-18 08:12 - 2013-07-20 04:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2014-11-18 08:12 - 2013-06-05 22:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2014-11-18 08:12 - 2013-06-05 22:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2014-11-18 08:12 - 2013-06-05 22:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2014-11-18 08:12 - 2013-06-05 21:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2014-11-18 08:12 - 2013-06-05 21:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2014-11-18 08:12 - 2013-05-12 21:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe

2014-11-18 08:12 - 2013-05-12 21:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll

2014-11-18 08:12 - 2013-05-09 21:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll

2014-11-18 08:12 - 2013-04-25 22:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll

2014-11-18 08:12 - 2013-04-09 17:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2014-11-18 08:12 - 2013-03-18 21:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll

2014-11-18 08:12 - 2012-08-21 14:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe

2014-11-18 08:12 - 2011-12-29 23:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl

2014-11-18 08:12 - 2011-08-26 22:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll

2014-11-18 08:12 - 2011-08-16 22:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll

2014-11-18 08:12 - 2011-08-16 22:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax

2014-11-18 08:12 - 2011-07-08 20:30 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2014-11-18 08:12 - 2011-05-24 04:44 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll

2014-11-18 08:12 - 2011-05-02 22:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll

2014-11-18 08:12 - 2011-04-26 20:17 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2014-11-18 08:12 - 2011-04-26 20:17 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2014-11-18 08:11 - 2014-11-05 11:50 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2014-11-18 08:11 - 2014-11-05 11:50 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-11-18 08:11 - 2014-11-05 11:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-11-18 08:11 - 2014-09-24 19:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll

2014-11-18 08:11 - 2014-09-19 03:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-11-18 08:11 - 2014-09-19 03:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-11-18 08:11 - 2014-09-19 03:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2014-11-18 08:11 - 2014-09-19 03:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-11-18 08:11 - 2014-09-19 03:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-11-18 08:11 - 2014-09-19 03:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-11-18 08:11 - 2014-08-01 05:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll

2014-11-18 08:11 - 2014-06-23 20:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2014-11-18 08:11 - 2014-06-17 19:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2014-11-18 08:11 - 2014-06-06 03:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-11-18 08:11 - 2014-06-03 03:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2014-11-18 08:11 - 2014-06-03 03:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2014-11-18 08:11 - 2014-06-03 03:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll

2014-11-18 08:11 - 2014-05-30 00:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2014-11-18 08:11 - 2014-04-04 20:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-11-18 08:11 - 2014-04-04 20:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS

2014-11-18 08:11 - 2014-02-03 20:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys

2014-11-18 08:11 - 2014-02-03 20:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys

2014-11-18 08:11 - 2014-02-03 20:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys

2014-11-18 08:11 - 2014-02-03 20:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2014-11-18 08:11 - 2014-02-03 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll

2014-11-18 08:11 - 2014-01-23 20:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

2014-11-18 08:11 - 2013-11-26 05:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys

2014-11-18 08:11 - 2013-10-03 19:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys

2014-11-18 08:11 - 2013-10-03 19:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

2014-11-18 08:11 - 2013-07-25 02:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

2014-11-18 08:11 - 2012-10-03 10:42 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll

2014-11-18 08:11 - 2012-10-03 10:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll

2014-11-18 08:11 - 2012-10-03 10:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll

2014-11-18 08:11 - 2012-10-03 10:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll

2014-11-18 08:11 - 2012-10-03 10:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll

2014-11-18 08:11 - 2012-10-03 10:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll

2014-11-18 08:11 - 2012-10-03 09:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys

2014-11-18 08:11 - 2012-07-04 15:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll

2014-11-18 08:11 - 2012-07-04 15:14 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll

2014-11-18 08:11 - 2012-07-04 15:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll

2014-11-18 08:11 - 2012-06-05 23:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll

2014-11-18 08:11 - 2012-05-05 01:46 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2014-11-18 08:11 - 2011-10-25 22:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll

2014-11-18 08:11 - 2011-10-14 23:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll

2014-11-18 08:11 - 2011-05-03 22:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll

2014-11-18 08:11 - 2011-05-03 22:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll

2014-11-18 08:11 - 2011-05-03 22:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll

2014-11-18 08:11 - 2011-05-03 22:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll

2014-11-18 08:11 - 2011-05-03 22:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll

2014-11-18 08:11 - 2011-05-03 22:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll

2014-11-18 08:11 - 2011-05-03 22:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe

2014-11-18 08:11 - 2011-05-03 22:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe

2014-11-18 08:11 - 2011-05-03 22:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe

2014-11-18 08:11 - 2011-02-11 23:35 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe

2014-11-18 08:11 - 2010-12-22 23:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll

2014-11-18 08:11 - 2010-12-22 23:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll

2014-11-18 08:11 - 2010-12-22 23:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax

2014-11-18 08:10 - 2014-10-24 19:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll

2014-11-18 08:10 - 2014-07-16 19:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll

2014-11-18 08:10 - 2014-07-16 19:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe

2014-11-18 08:10 - 2014-07-16 19:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll

2014-11-18 08:10 - 2014-07-16 19:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys

2014-11-18 08:10 - 2014-07-16 19:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

2014-11-18 08:10 - 2014-06-18 16:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll

2014-11-18 08:10 - 2014-06-18 16:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll

2014-11-18 08:10 - 2014-06-18 16:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll

2014-11-18 08:10 - 2013-10-11 20:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll

2014-11-18 08:10 - 2013-10-11 20:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL

2014-11-18 08:10 - 2013-10-11 20:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL

2014-11-18 08:10 - 2013-08-04 19:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys

2014-11-18 08:10 - 2013-07-25 19:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll

2014-11-18 08:10 - 2013-07-04 05:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll

2014-11-18 08:10 - 2013-07-04 05:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll

2014-11-18 08:10 - 2013-07-04 03:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

2014-11-18 08:10 - 2012-12-07 06:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll

2014-11-18 08:10 - 2012-12-07 06:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll

2014-11-18 08:10 - 2012-12-07 04:46 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs

2014-11-18 08:10 - 2012-12-07 04:46 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs

2014-11-18 08:10 - 2012-12-07 04:46 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs

2014-11-18 08:10 - 2012-12-07 04:46 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs

2014-11-18 08:10 - 2012-12-07 04:46 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs

2014-11-18 08:10 - 2012-12-07 04:46 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs

2014-11-18 08:10 - 2012-12-07 04:46 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs

2014-11-18 08:10 - 2012-12-07 04:46 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs

2014-11-18 08:10 - 2012-12-07 04:46 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs

2014-11-18 08:10 - 2012-12-07 04:46 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs

2014-11-18 08:10 - 2012-12-07 04:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs

2014-11-18 08:10 - 2012-12-07 04:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs

2014-11-18 08:10 - 2012-12-07 04:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs

2014-11-18 08:10 - 2012-12-07 04:46 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs

2014-11-18 08:10 - 2012-09-25 16:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll

2014-11-18 08:10 - 2012-05-13 22:33 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll

2014-11-18 08:10 - 2012-04-30 22:44 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll

2014-11-18 08:10 - 2012-04-25 22:45 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll

2014-11-18 08:10 - 2012-04-25 22:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe

2014-11-18 08:10 - 2012-03-17 01:27 - 00056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys

2014-11-18 08:10 - 2012-01-04 02:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll

2014-11-18 08:10 - 2011-12-16 01:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll

2014-11-18 08:10 - 2011-11-16 23:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll

2014-11-18 08:10 - 2011-06-15 02:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll

2014-11-18 08:10 - 2011-06-15 02:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll

2014-11-18 08:10 - 2011-06-15 02:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll

2014-11-18 08:10 - 2011-06-15 02:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll

2014-11-18 08:10 - 2011-06-15 02:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll

2014-11-18 08:09 - 2014-11-05 20:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-11-18 08:09 - 2014-10-13 19:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2014-11-18 08:09 - 2014-10-13 19:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-11-18 08:09 - 2014-10-13 19:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll

2014-11-18 08:09 - 2014-10-13 19:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2014-11-18 08:09 - 2014-10-13 19:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2014-11-18 08:09 - 2014-09-09 15:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2014-11-18 08:09 - 2014-06-24 19:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-11-18 08:09 - 2014-04-24 20:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2014-11-18 08:09 - 2014-04-11 20:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2014-11-18 08:09 - 2014-04-11 20:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2014-11-18 08:09 - 2014-04-11 20:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2014-11-18 08:09 - 2014-04-11 20:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2014-11-18 08:09 - 2014-04-11 20:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2014-11-18 08:09 - 2014-03-04 03:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2014-11-18 08:09 - 2014-01-28 20:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll

2014-11-18 08:09 - 2013-12-03 20:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll

2014-11-18 08:09 - 2013-12-03 20:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll

2014-11-18 08:09 - 2013-12-03 20:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll

2014-11-18 08:09 - 2013-12-03 20:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll

2014-11-18 08:09 - 2013-12-03 20:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll

2014-11-18 08:09 - 2013-12-03 19:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe

2014-11-18 08:09 - 2013-12-03 19:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe

2014-11-18 08:09 - 2013-12-03 19:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe

2014-11-18 08:09 - 2013-12-03 19:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe

2014-11-18 08:09 - 2013-11-26 19:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys

2014-11-18 08:09 - 2013-11-26 19:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys

2014-11-18 08:09 - 2013-11-26 19:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys

2014-11-18 08:09 - 2013-11-26 19:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys

2014-11-18 08:09 - 2013-11-26 19:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys

2014-11-18 08:09 - 2013-11-26 19:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys

2014-11-18 08:09 - 2013-11-26 19:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

2014-11-18 08:09 - 2013-11-26 02:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

2014-11-18 08:09 - 2013-10-05 13:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2014-11-18 08:09 - 2013-08-01 19:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 18:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2014-11-18 08:09 - 2013-08-01 18:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 18:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 18:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2014-11-18 08:09 - 2013-08-01 18:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2014-11-18 08:09 - 2013-07-12 04:08 - 00146816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys

2014-11-18 08:09 - 2013-07-12 04:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys

2014-11-18 08:09 - 2013-07-12 04:07 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys

2014-11-18 08:09 - 2013-07-08 22:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll

2014-11-18 08:09 - 2013-07-08 22:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll

2014-11-18 08:09 - 2013-07-04 06:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

2014-11-18 08:09 - 2013-06-25 16:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys

2014-11-18 08:09 - 2012-11-28 16:57 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys

2014-11-18 08:09 - 2012-11-28 16:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll

2014-11-18 08:09 - 2012-11-28 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf

2014-11-18 08:09 - 2012-10-09 11:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll

2014-11-18 08:09 - 2012-10-09 11:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll

2014-11-18 08:09 - 2011-03-10 23:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll

2014-11-18 08:09 - 2011-03-10 23:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll

2014-11-18 08:09 - 2011-02-22 22:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys

2014-11-18 07:56 - 2013-02-26 22:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll

2014-11-18 07:52 - 2012-02-16 23:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll

2014-11-18 07:52 - 2012-02-16 22:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys

2014-11-18 07:45 - 2014-05-14 10:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2014-11-18 07:45 - 2014-05-14 10:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2014-11-18 07:45 - 2014-05-14 10:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2014-11-18 07:45 - 2014-05-14 10:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2014-11-18 07:45 - 2014-05-14 10:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2014-11-18 07:45 - 2014-05-14 10:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2014-11-18 07:45 - 2014-05-14 10:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2014-11-18 07:45 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2014-11-18 07:45 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2014-11-18 07:23 - 2014-11-23 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer

2014-11-18 07:23 - 2014-11-23 09:15 - 00000000 ____D () C:\Program Files\Tracker Software

2014-11-18 07:23 - 2014-11-18 07:23 - 00001171 _____ () C:\Users\Public\Desktop\PDF-Viewer.lnk

2014-11-18 04:37 - 2014-11-23 09:15 - 00000000 ___SD () C:\Users\Rickey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1

2014-11-18 04:37 - 2014-11-18 04:37 - 00001142 _____ () C:\Users\Rickey\Desktop\OpenOffice 4.1.1.lnk

2014-11-18 04:36 - 2014-11-23 09:06 - 00000000 ____D () C:\Program Files\OpenOffice 4

2014-11-18 03:59 - 2014-11-18 03:59 - 19781632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 12819456 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-11-18 03:59 - 2014-11-18 03:59 - 02277376 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-11-18 03:59 - 2014-11-18 03:59 - 01892864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-11-18 03:59 - 2014-11-18 03:59 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2014-11-18 03:59 - 2014-11-18 03:59 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00341168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2014-11-18 03:59 - 2014-11-18 03:59 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2014-11-18 03:59 - 2014-11-18 03:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2014-11-18 03:59 - 2014-11-18 03:59 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-11-18 03:59 - 2014-11-18 03:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-11-18 03:59 - 2014-11-18 03:59 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2014-11-18 03:59 - 2014-11-18 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2014-11-18 03:59 - 2014-11-18 03:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2014-11-18 03:59 - 2014-11-18 03:59 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2014-11-18 03:59 - 2014-11-18 03:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe

2014-11-18 03:59 - 2014-11-18 03:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2014-11-18 03:59 - 2014-11-18 03:59 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-11-18 03:59 - 2014-11-18 03:59 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-11-18 03:59 - 2014-11-18 03:59 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-11-18 03:57 - 2014-11-18 03:57 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll

2014-11-18 03:57 - 2014-11-18 03:57 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll

2014-11-18 03:57 - 2014-11-18 03:57 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2014-11-18 03:57 - 2014-11-18 03:57 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll

2014-11-18 03:57 - 2014-11-18 03:57 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll

2014-11-18 03:57 - 2014-11-18 03:57 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll

2014-11-18 03:57 - 2014-11-18 03:57 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll

2014-11-18 03:57 - 2014-11-18 03:57 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll

2014-11-18 03:57 - 2014-11-18 03:57 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll

2014-11-18 03:57 - 2014-11-18 03:57 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll

2014-11-18 03:57 - 2014-11-18 03:57 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll

2014-11-18 03:57 - 2014-11-18 03:57 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2014-11-18 03:57 - 2014-11-18 03:57 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2014-11-18 03:57 - 2014-11-18 03:57 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2014-11-18 03:57 - 2014-11-18 03:57 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll

2014-11-18 03:57 - 2014-11-18 03:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll

2014-11-18 03:57 - 2014-11-18 03:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2014-11-18 03:57 - 2014-11-18 03:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll

2014-11-18 03:57 - 2014-11-18 03:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll

2014-11-18 03:57 - 2014-11-18 03:57 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2014-11-18 03:56 - 2014-11-18 03:56 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll

2014-11-18 03:35 - 2014-08-11 07:26 - 00000773 ____N () C:\Users\Rickey\Documents\indexfile.txt

2014-11-18 03:32 - 2014-11-23 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup

2014-11-18 03:32 - 2014-11-23 09:15 - 00000000 ____D () C:\Program Files\MozBackup

2014-11-18 03:32 - 2014-11-18 03:32 - 00000985 _____ () C:\Users\Public\Desktop\MozBackup.lnk

2014-11-18 03:30 - 2014-11-23 09:15 - 00000000 ____D () C:\Users\Rickey\AppData\Roaming\Thunderbird

2014-11-18 03:30 - 2014-11-18 03:30 - 00000000 ____D () C:\Users\Rickey\AppData\Local\Thunderbird

2014-11-17 18:02 - 2014-11-17 18:02 - 00000000 ____D () C:\Users\Rickey\AppData\Roaming\Macromedia

2014-11-17 18:02 - 2014-11-17 18:02 - 00000000 ____D () C:\Users\Rickey\AppData\Local\Macromedia

2014-11-17 18:01 - 2014-11-23 09:16 - 00000000 ____D () C:\Windows\system32\SPReview

2014-11-17 18:01 - 2014-11-23 09:16 - 00000000 ____D () C:\Windows\system32\EventProviders

2014-11-17 16:51 - 2014-11-23 09:15 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird

2014-11-17 16:51 - 2014-11-17 16:51 - 00002044 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk

2014-11-17 16:51 - 2014-11-17 16:51 - 00002032 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk

2014-11-17 16:51 - 2014-11-17 16:51 - 00000000 ____D () C:\ProgramData\Mozilla

2014-11-17 16:37 - 2014-11-26 09:49 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2014-11-17 16:37 - 2014-11-26 09:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2014-11-17 16:37 - 2014-11-23 09:16 - 00000000 ____D () C:\Windows\system32\Macromed

2014-11-17 16:11 - 2014-11-23 09:06 - 00000000 ____D () C:\Program Files\VS Revo Group

2014-11-17 16:11 - 2014-11-17 16:11 - 00001222 _____ () C:\Users\Rickey\Desktop\Revo Uninstaller.lnk

2014-11-17 16:09 - 2014-11-24 18:52 - 00000000 ____D () C:\Users\Rickey\AppData\Local\Adobe

2014-11-17 16:04 - 2014-11-23 09:07 - 00000000 ____D () C:\ProgramData\Creative

2014-11-17 16:01 - 2010-08-11 08:50 - 01254400 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\ksaud.sys

2014-11-17 16:01 - 2010-08-05 02:26 - 00192512 _____ (Creative Technology Ltd.) C:\Windows\system32\KSVSPI32.dll

2014-11-17 16:01 - 2010-08-02 22:28 - 00104448 _____ (Creative Technology Ltd.) C:\Windows\system32\SBAVMon.dll

2014-11-17 16:01 - 2010-07-23 13:13 - 00044795 _____ () C:\Windows\system32\kschimp.ini

2014-11-17 16:01 - 2010-07-22 04:13 - 00631431 _____ (Creative Technology Ltd) C:\Windows\KSAIM32.exe

2014-11-17 16:01 - 2010-07-22 02:37 - 00728576 _____ (Creative Technology Ltd.) C:\Windows\system32\KSAPO32.dll

2014-11-17 16:01 - 2010-07-22 02:37 - 00047104 _____ (Creative Technology Ltd.) C:\Windows\system32\KSPPLD32.dll

2014-11-17 16:01 - 2010-06-23 00:54 - 00003077 _____ () C:\ProgramData\cfSB1290.ini

2014-11-17 16:01 - 2010-06-02 02:26 - 00004534 _____ () C:\Windows\system32\SB.bmp

2014-11-17 16:01 - 2009-11-10 23:42 - 00196608 _____ (Creative Technology Limited) C:\Windows\system32\KsDvInst.dll

2014-11-17 16:00 - 2014-11-26 08:12 - 00000214 ___RH () C:\Windows\ctfile.rfc

2014-11-17 15:59 - 2006-10-06 14:17 - 00053248 ____N (Creative Technology Ltd ) C:\Windows\Ctregrun.exe

2014-11-17 15:59 - 2003-06-12 23:25 - 00007062 _____ () C:\Windows\system32\audiopid.vxd

2014-11-17 15:59 - 2000-05-22 16:58 - 00647872 ____N (Microsoft Corporation) C:\Windows\system32\Mscomct2.ocx

2014-11-17 15:58 - 2014-11-26 08:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative

2014-11-17 15:57 - 2014-11-26 08:12 - 00000000 ____D () C:\Program Files\Creative

2014-11-17 15:57 - 2014-11-23 09:15 - 00000000 ____D () C:\Program Files\Common Files\InstallShield

2014-11-17 14:12 - 2014-11-26 15:18 - 00000000 ____D () C:\Windows\pss

2014-11-17 14:09 - 2014-11-23 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2014-11-17 14:09 - 2014-11-23 09:15 - 00000000 ____D () C:\Program Files\CCleaner

2014-11-17 14:09 - 2014-11-17 14:09 - 00000965 _____ () C:\Users\Public\Desktop\CCleaner.lnk

2014-11-17 13:54 - 2014-11-26 17:30 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-11-17 13:53 - 2014-07-02 14:54 - 00061728 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2014-11-17 13:53 - 2014-07-02 13:42 - 04389848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2014-11-17 13:53 - 2014-07-02 13:42 - 03063256 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll

2014-11-17 13:53 - 2014-07-02 13:42 - 00670552 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

2014-11-17 13:53 - 2014-07-02 13:42 - 00377288 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2014-11-17 13:53 - 2014-07-02 13:42 - 00062936 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2014-11-17 13:53 - 2014-07-01 23:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin

2014-11-17 13:51 - 2014-07-02 14:54 - 24198088 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll

2014-11-17 13:51 - 2014-07-02 14:54 - 16122344 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll

2014-11-17 13:51 - 2014-07-02 14:54 - 15296456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2014-11-17 13:51 - 2014-07-02 14:54 - 14498552 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll

2014-11-17 13:51 - 2014-07-02 14:54 - 11283344 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2014-11-17 13:51 - 2014-07-02 14:54 - 11222048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2014-11-17 13:51 - 2014-07-02 14:54 - 10681176 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2014-11-17 13:51 - 2014-07-02 14:54 - 03988952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2014-11-17 13:51 - 2014-07-02 14:54 - 02814656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll

2014-11-17 13:51 - 2014-07-02 14:54 - 01054552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3234052.dll

2014-11-17 13:51 - 2014-07-02 14:54 - 00907552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3234052.dll

2014-11-17 13:51 - 2014-07-02 14:54 - 00907096 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll

2014-11-17 13:51 - 2014-07-02 14:54 - 00869152 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll

2014-11-17 13:51 - 2014-07-02 14:54 - 00021215 _____ () C:\Windows\system32\nvinfo.pb

2014-11-17 13:22 - 2014-11-23 09:15 - 00000000 ____D () C:\Program Files\Mozilla Firefox

2014-11-17 13:22 - 2014-11-23 09:08 - 00000000 ____D () C:\Users\Rickey\AppData\Roaming\Mozilla

2014-11-17 13:22 - 2014-11-17 13:22 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2014-11-17 13:22 - 2014-11-17 13:22 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2014-11-17 13:22 - 2014-11-17 13:22 - 00000000 ____D () C:\Users\Rickey\AppData\Local\Mozilla

2014-11-17 13:21 - 2010-11-20 06:32 - 05066752 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll

2014-11-17 13:21 - 2010-11-20 06:30 - 00245632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys

2014-11-17 13:21 - 2010-11-20 06:29 - 00520064 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll

2014-11-17 13:21 - 2010-11-20 06:29 - 00014208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys

2014-11-17 13:21 - 2010-11-20 06:24 - 00508904 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe

2014-11-17 13:21 - 2010-11-20 06:24 - 00442720 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe

2014-11-17 13:21 - 2010-11-20 06:23 - 00144768 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 02755072 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 01712640 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 01667584 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 01363456 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 01175040 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 01128448 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 01115136 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 01086976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 01063936 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 00974336 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 00811520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 00750592 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 00351232 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 00351232 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\WinSATAPI.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll

2014-11-17 13:21 - 2010-11-20 06:21 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll

2014-11-17 13:21 - 2010-11-20 06:20 - 01414144 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll

2014-11-17 13:21 - 2010-11-20 06:20 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll

2014-11-17 13:21 - 2010-11-20 06:20 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll

2014-11-17 13:21 - 2010-11-20 06:20 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll

2014-11-17 13:21 - 2010-11-20 06:20 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll

2014-11-17 13:21 - 2010-11-20 06:20 - 00563712 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll

2014-11-17 13:21 - 2010-11-20 06:20 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll

2014-11-17 13:21 - 2010-11-20 06:20 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll

2014-11-17 13:21 - 2010-11-20 06:20 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL

2014-11-17 13:21 - 2010-11-20 06:19 - 03207680 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll

2014-11-17 13:21 - 2010-11-20 06:19 - 02291712 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll

2014-11-17 13:21 - 2010-11-20 06:19 - 02151936 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll

2014-11-17 13:21 - 2010-11-20 06:19 - 01493504 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll

2014-11-17 13:21 - 2010-11-20 06:19 - 00954752 _____ (Microsoft Corporation) C:\Windows\system32\mfc40.dll

2014-11-17 13:21 - 2010-11-20 06:19 - 00954288 _____ (Microsoft Corporation) C:\Windows\system32\mfc40u.dll

2014-11-17 13:21 - 2010-11-20 06:19 - 00732160 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll

2014-11-17 13:21 - 2010-11-20 06:19 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll

2014-11-17 13:21 - 2010-11-20 06:19 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll

2014-11-17 13:21 - 2010-11-20 06:19 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll

2014-11-17 13:21 - 2010-11-20 06:19 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll

2014-11-17 13:21 - 2010-11-20 06:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll

2014-11-17 13:21 - 2010-11-20 06:19 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll

2014-11-17 13:21 - 2010-11-20 06:18 - 02522624 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll

2014-11-17 13:21 - 2010-11-20 06:18 - 01828352 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll

2014-11-17 13:21 - 2010-11-20 06:18 - 01555456 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll

2014-11-17 13:21 - 2010-11-20 06:18 - 01371136 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll

2014-11-17 13:21 - 2010-11-20 06:18 - 01334272 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll

2014-11-17 13:21 - 2010-11-20 06:18 - 00863744 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll

2014-11-17 13:21 - 2010-11-20 06:18 - 00854016 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll

2014-11-17 13:21 - 2010-11-20 06:18 - 00762880 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll

2014-11-17 13:21 - 2010-11-20 06:18 - 00494592 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL

2014-11-17 13:21 - 2010-11-20 06:18 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll

2014-11-17 13:21 - 2010-11-20 06:18 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll

2014-11-17 13:21 - 2010-11-20 06:18 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll

2014-11-17 13:21 - 2010-11-20 06:18 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll

2014-11-17 13:21 - 2010-11-20 06:18 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll

2014-11-17 13:21 - 2010-11-20 06:18 - 00252928 _____ (Microsoft) C:\Windows\system32\DShowRdpFilter.dll

2014-11-17 13:21 - 2010-11-20 06:18 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll

2014-11-17 13:21 - 2010-11-20 06:17 - 03367424 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe

2014-11-17 13:21 - 2010-11-20 06:17 - 01203200 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe

2014-11-17 13:21 - 2010-11-20 06:17 - 01025536 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe

2014-11-17 13:21 - 2010-11-20 06:17 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe

2014-11-17 13:21 - 2010-11-20 06:17 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\cmd.exe

2014-11-17 13:21 - 2010-11-20 06:17 - 00280576 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe

2014-11-17 13:21 - 2010-11-20 06:17 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\lsm.exe

2014-11-17 13:21 - 2010-11-20 06:17 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe

2014-11-17 13:21 - 2010-11-20 06:17 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe

2014-11-17 13:21 - 2010-11-20 06:16 - 00776192 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe

2014-11-17 13:21 - 2010-11-20 04:22 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\rdpdd.dll

2014-11-17 13:21 - 2010-11-20 04:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys

2014-11-17 13:21 - 2010-11-20 02:40 - 00513536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys

2014-11-17 13:21 - 2010-11-04 20:20 - 00146852 _____ () C:\Windows\system32\systemsf.ebd

2014-11-17 13:21 - 2010-11-04 19:58 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll

2014-11-17 13:21 - 2010-11-04 19:58 - 00049488 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll

2014-11-17 13:21 - 2010-11-04 19:53 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe

2014-11-17 13:21 - 2010-11-04 19:53 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll

2014-11-17 13:20 - 2010-11-20 06:36 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe

2014-11-17 13:20 - 2010-11-20 06:36 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\NAPHLPR.DLL

2014-11-17 13:20 - 2010-11-20 06:36 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\NAPCRYPT.DLL

2014-11-17 13:20 - 2010-11-20 06:30 - 00173440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys

2014-11-17 13:20 - 2010-11-20 06:30 - 00160128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys

2014-11-17 13:20 - 2010-11-20 06:30 - 00153984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys

2014-11-17 13:20 - 2010-11-20 06:30 - 00140160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys

2014-11-17 13:20 - 2010-11-20 06:30 - 00130432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys

2014-11-17 13:20 - 2010-11-20 06:30 - 00116096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys

2014-11-17 13:20 - 2010-11-20 06:30 - 00085376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys

2014-11-17 13:20 - 2010-11-20 06:30 - 00078208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys

2014-11-17 13:20 - 2010-11-20 06:30 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys

2014-11-17 13:20 - 2010-11-20 06:30 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys

2014-11-17 13:20 - 2010-11-20 06:30 - 00028032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys

2014-11-17 13:20 - 2010-11-20 06:29 - 02217856 _____ (Microsoft Corporation) C:\Windows\system32\bootres.dll

2014-11-17 13:20 - 2010-11-20 06:29 - 00274304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys

2014-11-17 13:20 - 2010-11-20 06:29 - 00194432 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll

2014-11-17 13:20 - 2010-11-20 06:29 - 00194432 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll

2014-11-17 13:20 - 2010-11-20 06:29 - 00137088 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll

2014-11-17 13:20 - 2010-11-20 06:24 - 00690680 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll

2014-11-17 13:20 - 2010-11-20 06:24 - 00271664 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 02983424 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 02202624 _____ (Microsoft Corporation) C:\Windows\system32\SensorsCpl.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 02157568 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 01624064 _____ (Microsoft Corporation) C:\Windows\system32\WMPEncEn.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 01326592 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 01227776 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 01003008 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00933376 _____ (Microsoft Corporation) C:\Windows\system32\Vault.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00907776 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL

2014-11-17 13:20 - 2010-11-20 06:21 - 00782336 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00755200 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00750080 _____ (Microsoft Corporation) C:\Windows\system32\sdcpl.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL

2014-11-17 13:20 - 2010-11-20 06:21 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00697344 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00638976 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00577024 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL

2014-11-17 13:20 - 2010-11-20 06:21 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00463360 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00436736 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmnet.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00428544 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\wiadefui.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00410624 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00380416 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\wbemcomn.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\termmgr.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00352256 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00350720 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\sqlcese30.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00307712 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00276992 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\taskbarcpl.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\wavemsp.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\unattend.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\wpdwcn.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\wdscore.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\wmpsrcwp.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\remotepg.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\twext.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\recovery.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\uxlib.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\wiavideo.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\sppinst.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\QUTIL.DLL

2014-11-17 13:20 - 2010-11-20 06:21 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountControlSettings.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\unimdmat.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\vfwwdm32.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\sppuinotify.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\rdpd3d.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00051200 _____ (Twain Working Group) C:\Windows\twain_32.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\samcli.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\umb.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\WavDest.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\RpcRtRemote.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wtsapi32.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\shimgvw.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\wdiasqmmodule.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\utildll.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\vpnikeapi.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\TRAPI.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\rdprefdrvapi.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\shgina.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\sisbkup.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\schedcli.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\syssetup.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wshirda.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\shunimpl.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\riched32.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\rdpcfgex.dll

2014-11-17 13:20 - 2010-11-20 06:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx

2014-11-17 13:20 - 2010-11-20 06:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 02504192 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL

2014-11-17 13:20 - 2010-11-20 06:20 - 02494464 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 02130944 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 01750528 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 01661440 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 01644032 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\onexui.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00932352 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\OobeFldr.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceStatus.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00395264 _____ (Microsoft Corporation) C:\Windows\system32\prnfldr.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\nshipsec.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00283136 _____ (Microsoft Corporation) C:\Windows\system32\qdv.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\netdiagfx.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\OnLineIDCpl.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\qcap.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceSyncProvider.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\ocsetapi.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\QAGENT.DLL

2014-11-17 13:20 - 2010-11-20 06:20 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL

2014-11-17 13:20 - 2010-11-20 06:20 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\provsvc.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\netjoin.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\mydocs.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\prncache.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL

2014-11-17 13:20 - 2010-11-20 06:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\nci.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\olethk32.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\QCLIPROV.DLL

2014-11-17 13:20 - 2010-11-20 06:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\ntlanman.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\napdsnap.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\PrintIsolationProxy.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\profprov.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\netutils.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\perfts.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\nrpsrv.dll

2014-11-17 13:20 - 2010-11-20 06:20 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 01066496 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\FirewallControlPanel.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL

2014-11-17 13:20 - 2010-11-20 06:19 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00592384 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00481792 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\localsec.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\mspbda.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL

2014-11-17 13:20 - 2010-11-20 06:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\mtxclu.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\MSAC3ENC.DLL

2014-11-17 13:20 - 2010-11-20 06:19 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\iTVData.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\mstask.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\input.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\msutb.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\hgprint.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\ifsutil.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\fde.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\msvfw32.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL

2014-11-17 13:20 - 2010-11-20 06:19 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\migisol.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\fphc.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00093696 _____ (Windows ® Codename Longhorn DDK provider) C:\Windows\system32\fms.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\mciavi32.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00082944 _____ (Radius Inc.) C:\Windows\system32\iccvid.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\KMSVC.DLL

2014-11-17 13:20 - 2010-11-20 06:19 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Mcx2Svc.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\inetmib1.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\luainstall.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\FXSMON.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\mciqtz32.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\msdmo.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\HotStartUserAgent.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\lsmproxy.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll

2014-11-17 13:20 - 2010-11-20 06:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 03727872 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 01400320 _____ (Microsoft Corporation) C:\Windows\system32\DxpTaskSync.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\DiagCpl.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 01040384 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 01003520 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00740864 _____ (Microsoft Corporation) C:\Windows\system32\batmeter.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00685056 _____ (Microsoft Corporation) C:\Windows\system32\dsuiext.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00665600 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayCpl.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00537600 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\biocpl.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00402944 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\DXP.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\dot3ui.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\azroleui.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\audiodev.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\defaultlocationcpl.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingFolder.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\activeds.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\dskquoui.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\adsldp.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\cfgmgr32.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\dps.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\bcdsrv.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayServices.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\dnscmmc.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\cabinet.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\amstream.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\cca.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\CertPolEng.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acppage.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dsauth.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\AzSqlExt.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\elsTrans.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\bitsperf.dll

2014-11-17 13:20 - 2010-11-20 06:18 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\C_ISCII.DLL

2014-11-17 13:20 - 2010-11-20 06:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll

2014-11-17 13:20 - 2010-11-20 06:17 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\mblctr.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\WFS.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\FXSSVC.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00477696 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00453632 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00334336 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeResults.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00257536 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgrade.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\msconfig.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\taskmgr.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\recdisc.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\RelPost.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\iscsicli.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\MdSched.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\setupugc.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\setupcl.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\mobsync.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00098816 _____ (Microsoft) C:\Windows\system32\Robocopy.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\isoburn.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\cmstp.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\tabcal.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\MuiUnattend.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\manage-bde.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\djoin.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\repair-bde.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\MultiDigiMon.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\takeown.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\runonce.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tzutil.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\unlodctr.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\proquota.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\userinit.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\netiougc.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\netcfg.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe

2014-11-17 13:20 - 2010-11-20 06:17 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\LogonUI.exe

2014-11-17 13:20 - 2010-11-20 06:16 - 00905216 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl

2014-11-17 13:20 - 2010-11-20 06:16 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\Bubbles.scr

2014-11-17 13:20 - 2010-11-20 06:16 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl

2014-11-17 13:20 - 2010-11-20 06:16 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe

2014-11-17 13:20 - 2010-11-20 06:16 - 00668160 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe

2014-11-17 13:20 - 2010-11-20 06:16 - 00658944 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe

2014-11-17 13:20 - 2010-11-20 06:16 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl

2014-11-17 13:20 - 2010-11-20 06:16 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\TabletPC.cpl

2014-11-17 13:20 - 2010-11-20 06:16 - 00516096 _____ (Microsoft Corporation) C:\Windows\system32\main.cpl

2014-11-17 13:20 - 2010-11-20 06:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr

2014-11-17 13:20 - 2010-11-20 06:16 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx

2014-11-17 13:20 - 2010-11-20 06:16 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl

2014-11-17 13:20 - 2010-11-20 06:16 - 00326656 _____ (Microsoft Corporation) C:\Windows\system32\sysdm.cpl

2014-11-17 13:20 - 2010-11-20 06:16 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv

2014-11-17 13:20 - 2010-11-20 06:16 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe

2014-11-17 13:20 - 2010-11-20 06:16 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\ssText3d.scr

2014-11-17 13:20 - 2010-11-20 06:16 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp

2014-11-17 13:20 - 2010-11-20 06:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\Mystify.scr

2014-11-17 13:20 - 2010-11-20 06:16 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\Ribbons.scr

2014-11-17 13:20 - 2010-11-20 06:16 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax

2014-11-17 13:20 - 2010-11-20 06:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax

2014-11-17 13:20 - 2010-11-20 06:16 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\bitsadmin.exe

2014-11-17 13:20 - 2010-11-20 06:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv

2014-11-17 13:20 - 2010-11-20 06:16 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax

2014-11-17 13:20 - 2010-11-20 06:16 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe

2014-11-17 13:20 - 2010-11-20 06:16 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl

2014-11-17 13:20 - 2010-11-20 06:16 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\desk.cpl

2014-11-17 13:20 - 2010-11-20 06:16 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe

2014-11-17 13:20 - 2010-11-20 06:16 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax

2014-11-17 13:20 - 2010-11-20 06:16 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe

2014-11-17 13:20 - 2010-11-20 06:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\kstvtune.ax

2014-11-17 13:20 - 2010-11-20 06:16 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax

2014-11-17 13:20 - 2010-11-20 06:16 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\WSTPager.ax

2014-11-17 13:20 - 2010-11-20 06:16 - 00065024 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe

2014-11-17 13:20 - 2010-11-20 06:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax

2014-11-17 13:20 - 2010-11-20 06:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ksxbar.ax

2014-11-17 13:20 - 2010-11-20 06:16 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\g711codc.ax

2014-11-17 13:20 - 2010-11-20 06:16 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\vbisurf.ax

2014-11-17 13:20 - 2010-11-20 06:07 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll

2014-11-17 13:20 - 2010-11-20 06:07 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwizres.dll

2014-11-17 13:20 - 2010-11-20 06:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll

2014-11-17 13:20 - 2010-11-20 06:05 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\RDPENCDD.dll

2014-11-17 13:20 - 2010-11-20 06:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\pifmgr.dll

2014-11-17 13:20 - 2010-11-20 06:00 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME

2014-11-17 13:20 - 2010-11-20 06:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime

2014-11-17 13:20 - 2010-11-20 06:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDSG.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdlk41a.dll

2014-11-17 13:20 - 2010-11-20 06:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDCZ1.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUQ.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUF.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDSF.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDPO.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDNEPR.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDINBEN.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDGR1.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDGKL.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDUS.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDUGHR1.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTURME.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAJIK.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDMON.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDMAORI.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDLT1.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTEL.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTAM.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINORI.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINMAR.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINKAN.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINHIN.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBULG.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBLR.DLL

2014-11-17 13:20 - 2010-11-20 06:00 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDGEO.DLL

2014-11-17 13:20 - 2010-11-20 05:57 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll

2014-11-17 13:20 - 2010-11-20 05:56 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\BlbEvents.dll

2014-11-17 13:20 - 2010-11-20 04:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys

2014-11-17 13:20 - 2010-11-20 04:22 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys

2014-11-17 13:20 - 2010-11-20 04:21 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\RDPREFDD.dll

2014-11-17 13:20 - 2010-11-20 04:21 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys

2014-11-17 13:20 - 2010-11-20 04:07 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys

2014-11-17 13:20 - 2010-11-20 04:07 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys

2014-11-17 13:20 - 2010-11-20 04:07 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys

2014-11-17 13:20 - 2010-11-20 04:06 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys

2014-11-17 13:20 - 2010-11-20 04:06 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys

2014-11-17 13:20 - 2010-11-20 04:06 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys

2014-11-17 13:20 - 2010-11-20 04:00 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys

2014-11-17 13:20 - 2010-11-20 04:00 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys

2014-11-17 13:20 - 2010-11-20 04:00 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys

2014-11-17 13:20 - 2010-11-20 04:00 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys

2014-11-17 13:20 - 2010-11-20 03:59 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys

2014-11-17 13:20 - 2010-11-20 03:59 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys

2014-11-17 13:20 - 2010-11-20 03:50 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys

2014-11-17 13:20 - 2010-11-20 03:50 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys

2014-11-17 13:20 - 2010-11-20 03:50 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys

2014-11-17 13:20 - 2010-11-20 03:50 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys

2014-11-17 13:20 - 2010-11-20 03:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys

2014-11-17 13:20 - 2010-11-20 03:24 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys

2014-11-17 13:20 - 2010-11-20 03:19 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys

2014-11-17 13:20 - 2010-11-20 02:47 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys

2014-11-17 13:20 - 2010-11-20 02:44 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys

2014-11-17 13:20 - 2010-11-20 02:42 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys

2014-11-17 13:20 - 2010-11-20 02:42 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys

2014-11-17 13:20 - 2010-11-20 02:39 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys

2014-11-17 13:20 - 2010-11-20 02:39 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys

2014-11-17 13:20 - 2010-11-20 02:39 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys

2014-11-17 13:20 - 2010-11-20 02:38 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys

2014-11-17 13:20 - 2010-11-19 23:23 - 00053600 _____ () C:\Windows\system32\dosx.exe

2014-11-17 13:20 - 2010-11-09 19:45 - 00010429 _____ () C:\Windows\system32\ScavengeSpace.xml

2014-11-17 13:20 - 2010-11-04 20:20 - 00105559 _____ () C:\Windows\system32\RacRules.xml

2014-11-17 13:20 - 2010-11-04 20:11 - 00312168 _____ (Microsoft Corporation) C:\Windows\system32\MCEWMDRMNDBootstrap.dll

2014-11-17 12:15 - 2014-11-17 12:15 - 00000000 ____D () C:\Users\Rickey\AppData\Local\Apps\2.0

2014-11-17 12:14 - 2014-11-17 13:07 - 00000000 ____D () C:\ProgramData\CanonIJScan

2014-11-17 12:12 - 2014-11-17 12:14 - 00000000 ____D () C:\Users\Rickey\AppData\Roaming\Canon

2014-11-17 11:10 - 2014-11-23 09:13 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-11-17 10:57 - 2014-11-23 09:08 - 00000000 ____D () C:\Users\Rickey\AppData\Local\NVIDIA

2014-11-17 10:21 - 2014-11-17 14:10 - 00000000 ____D () C:\Windows\Minidump

2014-11-17 10:05 - 2014-11-26 15:12 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

2014-11-17 10:05 - 2014-11-17 13:52 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation

2014-11-17 10:03 - 2014-11-17 10:04 - 00000000 ____D () C:\Windows\system32\MRT

2014-11-17 10:03 - 2014-10-31 23:25 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-11-17 10:02 - 2011-04-08 23:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe

2014-11-17 09:19 - 2014-11-20 18:38 - 00000000 ____D () C:\ProgramData\Adobe

2014-11-17 09:19 - 2014-11-04 14:30 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

2014-11-17 09:18 - 2014-11-18 02:24 - 00000000 ____D () C:\Program Files\Belkin

2014-11-17 09:18 - 2014-11-17 12:47 - 00000000 ____D () C:\Users\Rickey\AppData\Roaming\Adobe

2014-11-17 09:14 - 2014-11-26 08:08 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information

2014-11-17 09:14 - 2014-11-18 01:13 - 00000000 ____D () C:\Program Files\Netgear

2014-11-17 09:14 - 2010-05-05 07:01 - 00278560 _____ (Netgear) C:\Windows\system32\Drivers\G311N6.sys

2014-11-17 09:14 - 2009-12-03 03:27 - 00080416 _____ () C:\Windows\system32\RtNicProp.dll

2014-11-17 09:03 - 2014-11-26 15:42 - 00064024 _____ () C:\Users\Rickey\AppData\Local\GDIPFONTCACHEV1.DAT

2014-11-17 09:03 - 2014-11-17 09:03 - 00000000 ____D () C:\ProgramData\CanonIJQuickMenu

2014-11-17 09:00 - 2014-11-23 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities

2014-11-17 09:00 - 2014-11-23 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3500 series Manual

2014-11-17 09:00 - 2014-11-17 09:00 - 00000000 ____D () C:\ProgramData\CanonIJWSpt

2014-11-17 08:59 - 2014-11-23 09:15 - 00000000 ___HD () C:\Program Files\CanonBJ

2014-11-17 08:59 - 2014-11-17 08:59 - 00002304 _____ () C:\Users\Public\Desktop\Canon MG3500 series On-screen Manual.lnk

2014-11-17 08:58 - 2014-11-17 08:58 - 00000000 ____D () C:\Program Files\Microsoft.NET

2014-11-17 08:56 - 2014-11-23 09:05 - 00000000 ____D () C:\Program Files\Canon

2014-11-17 08:51 - 2014-11-23 09:07 - 00000000 ___HD () C:\ProgramData\CanonBJ

2014-11-17 08:51 - 2013-04-04 05:00 - 00317952 _____ (CANON INC.) C:\Windows\system32\CNMLMBV.DLL

2014-11-17 08:51 - 2013-02-04 15:10 - 00321536 _____ (CANON INC.) C:\Windows\system32\CNC_BVL.dll

2014-11-17 08:51 - 2012-11-26 12:32 - 00088576 _____ () C:\Windows\system32\CNC176ED.TBL

2014-11-17 08:51 - 2012-11-08 13:03 - 00262656 _____ (CANON INC.) C:\Windows\system32\CNC_BVC.dll

2014-11-17 08:51 - 2012-11-08 13:02 - 00096768 _____ (CANON INC.) C:\Windows\system32\CNC_BVI.dll

2014-11-17 08:51 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\system32\CNHMCA.dll

2014-11-17 08:50 - 2014-11-23 09:15 - 00000000 ____D () C:\Users\Rickey\AppData\Local\lptmp369672632

2014-11-17 08:50 - 2014-11-17 08:50 - 10395072 _____ (Webroot Software, Inc.) C:\Program Files\Common Files\wruninstall.exe

2014-11-17 08:49 - 2014-11-26 17:38 - 00000000 ____D () C:\ProgramData\WRData

2014-11-17 08:49 - 2014-11-23 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere

2014-11-17 08:49 - 2014-11-23 09:15 - 00000000 ____D () C:\Program Files\Webroot

2014-11-17 08:49 - 2014-11-23 07:29 - 00153256 _____ (Webroot) C:\Windows\system32\WRusr.dll

2014-11-17 08:49 - 2014-11-23 07:29 - 00116736 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys

2014-11-17 08:47 - 2014-11-23 09:15 - 00000000 ____D () C:\Users\Rickey\AppData\Roaming\QFX Software

2014-11-17 08:47 - 2014-11-23 09:15 - 00000000 ____D () C:\ProgramData\QFX Software

2014-11-17 08:44 - 2014-11-26 17:25 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-11-17 08:44 - 2014-11-17 08:44 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf

2014-11-17 08:43 - 2014-11-24 03:42 - 00000000 ____D () C:\Users\Rickey

2014-11-17 08:43 - 2014-11-23 09:15 - 00000000 ___RD () C:\Users\Rickey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-11-17 08:43 - 2014-11-23 09:15 - 00000000 ___RD () C:\Users\Rickey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-11-17 08:43 - 2014-11-17 08:43 - 00001413 _____ () C:\Users\Rickey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-11-17 08:43 - 2014-11-17 08:43 - 00000020 ___SH () C:\Users\Rickey\ntuser.ini

2014-11-17 08:43 - 2014-11-17 08:43 - 00000000 ____D () C:\Users\Rickey\AppData\Local\VirtualStore

2014-11-17 08:43 - 2014-11-17 08:43 - 00000000 ____D () C:\Recovery

2014-11-17 08:37 - 2014-11-26 17:34 - 01325065 _____ () C:\Windows\WindowsUpdate.log

2014-11-17 08:37 - 2014-11-17 08:37 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk

2014-11-17 08:37 - 2014-11-17 08:37 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk

2014-11-17 08:33 - 2014-11-20 18:36 - 00000000 ____D () C:\Windows\Panther

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-26 15:22 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\NDF

2014-11-26 15:16 - 2009-07-13 22:34 - 00022352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-11-26 15:16 - 2009-07-13 22:34 - 00022352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-11-26 15:15 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\LogFiles

2014-11-26 15:08 - 2009-07-13 22:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-11-26 15:08 - 2009-07-13 22:33 - 00286544 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-11-24 07:59 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\rescache

2014-11-23 13:01 - 2014-10-08 11:37 - 00000000 ____D () C:\Users\Rickey\Documents\Chameleon

2014-11-23 09:16 - 2009-07-14 01:48 - 00000000 ___RD () C:\Users\Public\Recorded TV

2014-11-23 09:16 - 2009-07-13 22:52 - 00000000 ____D () C:\Windows\twain_32

2014-11-23 09:16 - 2009-07-13 22:52 - 00000000 ____D () C:\Windows\Offline Web Pages

2014-11-23 09:16 - 2009-07-13 20:37 - 00000000 __RSD () C:\Windows\Media

2014-11-23 09:16 - 2009-07-13 20:37 - 00000000 __RHD () C:\Users\Public\Libraries

2014-11-23 09:16 - 2009-07-13 20:37 - 00000000 ___RD () C:\Users\Public

2014-11-23 09:16 - 2009-07-13 20:37 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-11-23 09:16 - 2009-07-13 20:37 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-11-23 09:16 - 2009-07-13 20:37 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-11-23 09:16 - 2009-07-13 20:37 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-11-23 09:16 - 2009-07-13 20:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-11-23 09:16 - 2009-07-13 20:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

2014-11-23 09:16 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\TAPI

2014-11-23 09:16 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\wfp

2014-11-23 09:16 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\Msdtc

2014-11-23 09:16 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\security

2014-11-23 09:16 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\Microsoft.NET

2014-11-23 09:15 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\Help

2014-11-23 09:15 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\AppCompat

2014-11-23 09:15 - 2009-07-13 20:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared

2014-11-23 09:14 - 2009-07-13 22:56 - 00000000 ____D () C:\Windows\system32\winrm

2014-11-23 09:14 - 2009-07-13 22:56 - 00000000 ____D () C:\Windows\system32\WCN

2014-11-23 09:14 - 2009-07-13 22:56 - 00000000 ____D () C:\Windows\system32\slmgr

2014-11-23 09:14 - 2009-07-13 22:56 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts

2014-11-23 09:14 - 2009-07-13 22:52 - 00000000 ____D () C:\Windows\system32\WindowsPowerShell

2014-11-23 09:14 - 2009-07-13 22:52 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns

2014-11-23 09:14 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\Web

2014-11-23 09:14 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\Vss

2014-11-23 09:14 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\spp

2014-11-23 09:14 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\spool

2014-11-23 09:14 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\Speech

2014-11-23 09:14 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\SMI

2014-11-23 09:14 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\NetworkList

2014-11-23 09:14 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\MUI

2014-11-23 09:14 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\registration

2014-11-23 09:13 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\IME

2014-11-23 09:13 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\com

2014-11-23 09:12 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\Speech

2014-11-23 09:11 - 2009-07-13 22:52 - 00000000 ____D () C:\Windows\Performance

2014-11-23 09:11 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\schemas

2014-11-23 09:11 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\Resources

2014-11-23 09:11 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\PLA

2014-11-23 09:09 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\IME

2014-11-23 09:09 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\Globalization

2014-11-23 09:09 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\Branding

2014-11-23 09:07 - 2009-07-13 22:52 - 00000000 ____D () C:\Program Files\Windows Sidebar

2014-11-23 09:07 - 2009-07-13 22:52 - 00000000 ____D () C:\Program Files\Windows Photo Viewer

2014-11-23 09:07 - 2009-07-13 22:52 - 00000000 ____D () C:\Program Files\Windows Defender

2014-11-23 09:07 - 2009-07-13 20:37 - 00000000 __RHD () C:\Users\Default

2014-11-23 09:07 - 2009-07-13 20:37 - 00000000 ____D () C:\Program Files\Windows NT

2014-11-23 09:06 - 2009-07-13 22:52 - 00000000 ____D () C:\Program Files\Reference Assemblies

2014-11-23 09:06 - 2009-07-13 22:52 - 00000000 ____D () C:\Program Files\MSBuild

2014-11-23 09:05 - 2009-07-13 22:52 - 00000000 ____D () C:\Program Files\DVD Maker

2014-11-23 09:05 - 2009-07-13 20:37 - 00000000 ____D () C:\Program Files\Common Files\System

2014-11-23 09:05 - 2009-07-13 20:37 - 00000000 ____D () C:\Program Files\Common Files\SpeechEngines

2014-11-18 07:17 - 2009-07-13 22:52 - 00000000 ____D () C:\Windows\system32\FxsTmp

2014-11-18 04:28 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\zh-HK

2014-11-18 04:28 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\tr-TR

2014-11-18 04:28 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\sv-SE

2014-11-18 04:28 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\pt-PT

2014-11-18 04:28 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\pt-BR

2014-11-18 04:28 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\pl-PL

2014-11-18 04:28 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\nl-NL

2014-11-18 04:28 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\ko-KR

2014-11-18 04:28 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\it-IT

2014-11-18 04:28 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\hu-HU

2014-11-18 04:28 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\fr-FR

2014-11-18 04:28 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\fi-FI

2014-11-18 04:28 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\el-GR

2014-11-18 04:27 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\zh-TW

2014-11-18 04:27 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\zh-CN

2014-11-18 04:27 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\ru-RU

2014-11-18 04:27 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\nb-NO

2014-11-18 04:27 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\ja-JP

2014-11-18 04:27 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\de-DE

2014-11-18 00:17 - 2009-07-13 22:52 - 00000000 ____D () C:\Program Files\Windows Portable Devices

2014-11-18 00:17 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers

2014-11-18 00:15 - 2009-07-13 20:05 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll

2014-11-17 08:43 - 2009-07-13 22:52 - 00000000 ____D () C:\Windows\system32\restore

2014-11-17 08:43 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\system32\Recovery

2014-11-17 08:33 - 2009-07-13 22:57 - 00025600 ____N () C:\Windows\system32\config\BCD-Template.LOG

2014-11-17 08:33 - 2009-07-13 22:52 - 00028672 ____N () C:\Windows\system32\config\BCD-Template

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-25 06:05

==================== End Of Log ============================

Run date: 2014-11-26 17:17:22

-----------------------------

17:17:22.787 OS Version: Windows 6.1.7601 Service Pack 1

17:17:22.787 Number of processors: 4 586 0x203

17:17:22.787 ComputerName: MAVERICK UserName: Rickey

17:17:27.331 Initialize success

17:17:27.801 VM: initialized successfully

17:17:27.801 VM: Amd CPU supported

17:20:26.457 AVAST engine defs: 14112601

17:20:34.459 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005a

17:20:34.459 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3

17:20:34.529 Disk 0 MBR read successfully

17:20:34.539 Disk 0 MBR scan

17:20:34.569 Disk 0 Windows 7 default MBR code

17:20:34.579 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048

17:20:34.589 Disk 0 default boot code

17:20:34.599 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 305143 MB offset 206848

17:20:34.609 Disk 0 scanning sectors +625139712

17:20:34.679 Disk 0 scanning C:\Windows\system32\drivers

17:20:48.238 Service scanning

17:21:09.811 Service WRkrn C:\Windows\System32\drivers\WRkrn.sys **LOCKED** 32

17:21:11.381 Modules scanning

17:21:11.381 Disk 0 trace - called modules:

17:21:11.411 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll storport.sys nvstor.sys

17:21:11.411 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x862f82e0]

17:21:11.421 3 CLASSPNP.SYS[8afa259e] -> nt!IofCallDriver -> [0x853c05d0]

17:21:11.421 5 ACPI.sys[836163d4] -> nt!IofCallDriver -> \Device\0000005a[0x853c0c68]

17:21:12.129 AVAST engine scan C:\Windows

17:21:13.799 AVAST engine scan C:\Windows\system32

17:25:26.354 AVAST engine scan C:\Windows\system32\drivers

17:25:51.469 AVAST engine scan C:\Users\Rickey

17:29:05.711 AVAST engine scan C:\ProgramData

17:29:31.174 Disk 0 statistics 2510040/0/0 @ 4.11 MB/s

17:29:31.190 Scan finished successfully

17:30:00.155 Disk 0 MBR has been saved successfully to "F:\whatTheTech\MBR.dat"

17:30:00.171 The log file has been saved successfully to "F:\whatTheTech\aswMBR.txt"

17:34:16.554 Disk 0 MBR has been saved successfully to "C:\Users\Rickey\Downloads\WhatTheTech\MBR.dat"

17:34:16.554 The log file has been saved successfully to "C:\Users\Rickey\Downloads\WhatTheTech\aswMBR.txt"

Rick

Advertisements

Register to Remove

#2 OCD

SuperHelper

Malware Team
5,574 posts

Posted 01 December 2014 - 11:34 PM

Hi BrotherPorter,

My name is OCD. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
The fixes are specific to your problem and should only be used for the issues on this machine.
Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.

Please stay with this topic until I let you know that your system appears to be "All Clear"

Important: All tools MUST be run from the Desktop.

=========================

I apologize for the delay in answering your post. It has been a few days since your original post, please run the following tools and post the new logs generated.

=========================

Security Check

Download Security Check by screen317 from here or here.

Save it to your Desktop.
- Windows XP : Double click on the icon to run it.
- Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=========================

Malwarebytes Anti-Rootkit

Download Malwarebytes Anti-Rootkit
Once the file has been downloaded, right click on the downloaded file and select the Extract all menu option.
Follow the instructions to extract the ZIP file to a folder called mbar-versionnumber on your desktop.
Once the ZIP file has been extracted, open the folder and when that folder opens, double-click on the mbar folder.
Double-click on the mbar.exe file to launch Malwarebytes Anti-Rootkit.
After you double-click on the mbar.exe file, you may receive a User Account Control (UAC) message if you are sure you wish to allow the program to run. Please allow to start Malwarebytes Anti-Rootkit correctly.
Malwarebytes Anti-Rootkit will now install necessary drivers that are required for the program to operate correctly.
If you receive a DDA driver message like could not load DDA driver, click on the Yes button and Malwarebytes Anti-Rootkit will now restart your computer and will start automatically.

Please click by the introduction screen on the Next button to continue.

Next you will see the Update Database screen.
Click on the Update button so Malwarebytes Anti-Rootkit can download the latest definition updates.

When the update has finished, click on the Next button.

Next you can select some basic scanning options. Make sure the Drivers, Sectors, and System scan targets are selected before you click on the Scan button.
Malwarebytes Anti-Rootkit will now start scanning your computer for rootkits. This scan can take some time, so please be patient.

When the scan with Malwarebytes Anti-Rootkit is finished, the program will display a screen with the results from the scan.
Make sure everything is selected and that the option to create a restore point is checked.
Next click on the Cleanup button. Malwarebytes Anti-Rootkit will then prompt you to reboot your computer.
Click on Yes button to restart your computer.

There will now be two log files created in the mbar folder called system-log.txt and one that starts with mbar-log.
The mbar-log file will always start with mbar-log, but the rest will be named using a timestamp indicating the time it was run.
- For example, mbar-log-2012-11-12 (19-13-32).txt corresponds to mbar-log-year-month-day (hour-minute-second).txt.
The system-log.txt contains information about each time you have run MBAR and contains diagnostic information from the program.

=========================

Re-run Farbar Recovery Scan Tool it should be on your desktop.

- Windows XP : Double click on the icon to run it.
- Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
When the tool opens click Yes to disclaimer.
Select the Addition box
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

=========================

In your next post please provide the following:

checkup.txt
system-log.txt
mbar-log
FRST.txt
Addition.txt

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days

If you are satisfied with the help you have received, please consider making a donation.

#3 OCD

SuperHelper

Malware Team
5,574 posts

Posted 06 December 2014 - 12:43 AM

Hi BrotherPorter,

Just checking in to see if you still need help?

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days

If you are satisfied with the help you have received, please consider making a donation.

#4 BrotherPorter

Authentic Member

Authentic Member
24 posts

Posted 06 December 2014 - 09:00 AM

Where did my post get delivered? I posted everything that you requested about 2 days ago., This could be the interloper...he has kept files that I print from actually printing, proof of that can be confirmed by help desk at our local library and I could see it happening when I attempted to print a document which would help me to accomplish another keypoint. I'll put it again. Thanks.

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-12-2014

Ran by Monk at 2014-12-02 15:56:57

Running from C:\Users\Monk\Downloads

Boot Mode: Normal

==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Webroot SecureAnywhere (Enabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}

AS: Webroot SecureAnywhere (Enabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)

Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)

Canon MG3500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3500_series) (Version: 1.00 - Canon Inc.)

Canon MG3500 series On-screen Manual (HKLM\...\Canon MG3500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)

Canon MG3500 series User Registration (HKLM\...\Canon MG3500 series User Registration) (Version: - ‭Canon Inc.)

Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)

Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)

Creative System Information (HKLM\...\SysInfo) (Version: 1.10 - Creative Technology Limited)

DoxBox version 6.0 Beta (HKLM\...\{650A6F8D-35DD-4162-A119-A78A2B7E7885}_is1) (Version: 6.0 Beta - DoxBox)

Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)

Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden

HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.232 - SurfRight B.V.)

Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)

Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)

KeyScrambler (HKLM\...\KeyScrambler) (Version: 3.5.0.0 - QFX Software Corporation)

Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft LifeCam (HKLM\...\{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}) (Version: 3.60.253.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)

Mozilla Thunderbird 31.2.0 (x86 en-US) (HKLM\...\Mozilla Thunderbird 31.2.0 (x86 en-US)) (Version: 31.2.0 - Mozilla)

NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)

NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)

NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)

OpenOffice 4.1.1 (HKLM\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)

PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.311.0 - Tracker Software Products Ltd)

Sound Blaster X-Fi Go! Pro (HKLM\...\{587B7A6F-CA1F-4639-9083-16F9BB2363B4}) (Version: 1.0 - Creative Technology Limited)

Webroot SecureAnywhere (HKLM\...\WRUNINST) (Version: 8.0.5.111 - Webroot)

WinZip (HKLM\...\WinZip) (Version: 10.0 (6667) - WinZip Computing LP)

ZoneAlarm Firewall (Version: 13.3.052.000 - Check Point Software Technologies Ltd.) Hidden

ZoneAlarm Free Firewall (HKLM\...\ZoneAlarm Free Firewall) (Version: 13.3.052.000 - Check Point)

ZoneAlarm Security (Version: 13.3.052.000 - Check Point Software Technologies Ltd.) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3795844004-4128841395-3337064661-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-3795844004-4128841395-3337064661-1000_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-3795844004-4128841395-3337064661-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-3795844004-4128841395-3337064661-1000_Classes\CLSID\{41662FC2-0D57-4aff-AB27-AD2E12E7C273}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-3795844004-4128841395-3337064661-1000_Classes\CLSID\{448BB771-CFE2-47C4-BCDF-1FBF378E202C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-3795844004-4128841395-3337064661-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-3795844004-4128841395-3337064661-1000_Classes\CLSID\{7B342DC4-139A-4a46-8A93-DB0827CCEE9C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-3795844004-4128841395-3337064661-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\ooofilt.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-3795844004-4128841395-3337064661-1000_Classes\CLSID\{7FA8AE11-B3E3-4D88-AABF-255526CD1CE8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-3795844004-4128841395-3337064661-1000_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-3795844004-4128841395-3337064661-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\propertyhdl.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-3795844004-4128841395-3337064661-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-3795844004-4128841395-3337064661-1000_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-3795844004-4128841395-3337064661-1000_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-3795844004-4128841395-3337064661-1000_Classes\CLSID\{E5A0B632-DFBA-4549-9346-E414DA06E6F8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-3795844004-4128841395-3337064661-1000_Classes\CLSID\{EE5D1EA4-D445-4289-B2FC-55FC93693917}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-3795844004-4128841395-3337064661-1000_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

==================== Restore Points =========================

01-12-2014 02:48:44 Windows Update

01-12-2014 09:08:16 Checkpoint by HitmanPro

01-12-2014 09:09:29 Checkpoint by HitmanPro

01-12-2014 13:24:10 Windows Update

01-12-2014 14:00:19 Windows Modules Installer

01-12-2014 17:36:46 Windows Update

01-12-2014 23:58:41 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

02-12-2014 00:00:43 Installed OpenOffice 4.1.1

02-12-2014 00:13:48 Removed Microsoft Silverlight

02-12-2014 16:41:13 Windows Update

02-12-2014 20:10:13 Installed DirectX

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:04 - 2009-06-10 15:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {D5095EC4-86D7-4235-A494-0025955F775A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-30] (Google Inc.)

Task: {FF4D21F7-7829-4F47-96CD-10F11C5001E3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-30] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-11-30 04:30 - 2014-07-02 13:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll

2014-11-30 03:53 - 2009-12-29 16:50 - 00073728 _____ () C:\Windows\SYSTEM32\CmdRtr.DLL

2014-11-30 03:53 - 2010-07-22 16:45 - 00181760 _____ () C:\Windows\SYSTEM32\APOMngr.DLL

2014-11-30 05:01 - 2014-11-25 00:39 - 01077064 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\libglesv2.dll

2014-11-30 05:01 - 2014-11-25 00:39 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\libegl.dll

2014-11-30 05:01 - 2014-11-25 00:39 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\pdf.dll

2014-11-30 05:01 - 2014-11-25 00:39 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\97533190.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\97533190.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"