WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93085 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Page popup, redirecting and while surfing steady ad popups. [Solved]

Started by Pacer , Nov 22 2014 06:47 AM

Dealin redirect

This topic is locked

65 replies to this topic

#46 Satchfan

SuperHelper

Malware Team
6,813 posts

Interests:LFC, music, more LFC, more music

Posted 18 December 2014 - 09:01 AM

You're showing great patience considering that this problem is still there. We have got rid of a lot but I've obviously missed something.

Prior to the problem, did you update your codec after seeing a message similar to "Your codec version is too old"?

Also, can you tell me what the two popup ads say.

I'd like you to uninstall Video Converter and then run FRST again.

Satchfan

NINA - Proud graduate of the WTT Classroom

Member of UNITE

The help you receive here is free but if you feel I have helped, you may consider making a Donation.

Advertisements

Register to Remove

#47 Pacer

Authentic Member

Authentic Member
91 posts

Posted 18 December 2014 - 10:34 AM

Lol....I appreciate that....I'm in for the long haul. I never acknowledge any random update prompts(those are

equal to opening unknown email) I do check for Windows updates.

There are several popups in question: (1) a redirect to "genuine" looking tech support. (2) a streamnowmovie.com popup (3) a" irobin hood" toolbar (4) a retail popup that emerges from the scroll bar and a smaller separate popup, both are branded with "dealin". The page redirects are usually content specific...if I'm looking at sports or travel content...etc.

I can't find Video Converter in Programs, however I can find it using Run but there is no uninstall option. I even looked

in Revo Uninstaller and still no luck.

#48 Satchfan

SuperHelper

Malware Team
6,813 posts

Interests:LFC, music, more LFC, more music

Posted 18 December 2014 - 10:55 AM

Strange that AdwCleaner didn’t come up with them.

Let’s see if we can find them.

Please run SystemLook again, (if you no longer have it you can get it from one of the links below and save it to your Desktop.

SystemLook (32-bit)
SystemLook (64-bit)

double-click SystemLook.exe to run it.

copy the content of the following codebox into the main textfield - please make sure you include the colon, (:), at the beginning:

:filefind
*iRobin Hood*
*Video Converter*
*VideoCnv*

:folderfind
*iRobin Hood*
*Video Converter*
*VideoCnv*

:Regfind
iRobin Hood
Video Converter
VideoCnv

click the Look button to start the scan
when finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

Please can you run FRST again after you’ve done that.

Satchfan

NINA - Proud graduate of the WTT Classroom

Member of UNITE

The help you receive here is free but if you feel I have helped, you may consider making a Donation.

#49 Pacer

Authentic Member

Authentic Member
91 posts

Posted 18 December 2014 - 12:56 PM

Requested logs:

SystemLook 04.09.10 by jpshortstuff

Log created at 12:32 on 18/12/2014 by monroe county

Administrator - Elevation successful

========== filefind ==========

Searching for "*iRobin Hood*"

No files found.

Searching for "*Video Converter*"

C:\AdwCleaner\Quarantine\C\Users\monroe county\AppData\Roaming\Microsoft\Windows\Start Menu\Video Converter\Uninstall Video Converter.lnk.vir --a---- 1231 bytes [05:34 09/09/2012] [05:34 09/09/2012] 30F4BC97F3B293078AE11411E64CDEEF

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COWON Media Center - jetAudio\jetToys\Video Converter.lnk --a---- 754 bytes [01:52 29/02/2012] [01:52 29/02/2012] 8A08E20BCFB969943A9CAB0DDD999BCC

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kastor Free Video Converter\Kastor Free Video Converter.lnk --a---- 1195 bytes [10:15 26/07/2011] [10:15 26/07/2011] C85547D1E3449CCC88C4BA7DA2569915

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kastor Free Video Converter\Uninstall Kastor Free Video Converter.lnk --a---- 1165 bytes [10:15 26/07/2011] [10:15 26/07/2011] 8A37D915B651B423B6C14E60AC63CA30

C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\COWON Media Center - jetAudio\jetToys\Video Converter.lnk --a---- 754 bytes [01:52 29/02/2012] [01:52 29/02/2012] 8A08E20BCFB969943A9CAB0DDD999BCC

C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Kastor Free Video Converter\Kastor Free Video Converter.lnk --a---- 1195 bytes [10:15 26/07/2011] [10:15 26/07/2011] C85547D1E3449CCC88C4BA7DA2569915

C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Kastor Free Video Converter\Uninstall Kastor Free Video Converter.lnk --a---- 1165 bytes [10:15 26/07/2011] [10:15 26/07/2011] 8A37D915B651B423B6C14E60AC63CA30

C:\Users\monroe county\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Kastor Free Video Converter.lnk --a---- 1201 bytes [10:15 26/07/2011] [10:15 26/07/2011] 3E7B7B07FFFFC98CA87F504316EA02A2

C:\Users\monroe county\Desktop\Kastor Free Video Converter.lnk --a---- 1177 bytes [10:15 26/07/2011] [10:15 26/07/2011] 2AE70F864879E8B307C9859564852C1F

Searching for "*VideoCnv*"

No files found.

========== folderfind ==========

Searching for "*iRobin Hood*"

No folders found.

Searching for "*Video Converter*"

C:\AdwCleaner\Quarantine\C\Users\monroe county\AppData\Roaming\Microsoft\Windows\Start Menu\Video Converter d------ [04:21 24/11/2014]

C:\Program Files (x86)\Kastor Free Video Converter d------ [10:15 26/07/2011]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kastor Free Video Converter d------ [10:15 26/07/2011]

C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Kastor Free Video Converter d------ [10:15 26/07/2011]

C:\Users\monroe county\AppData\Local\VirtualStore\Program Files (x86)\Kastor Free Video Converter d------ [13:33 30/06/2011]

Searching for "*VideoCnv*"

No folders found.

========== Regfind ==========

Searching for "iRobin Hood"

No data found.

Searching for "Video Converter"

[HKEY_CURRENT_USER\Software\Microsoft\IntelliPoint\AppSpecific\unins000.exe]

"Path"="C:\Program Files (x86)\Kastor Free Video Converter\unins000.exe"

[HKEY_CURRENT_USER\Software\Microsoft\IntelliPoint\AppSpecific\VideoConverter.exe]

"Path"="C:\Program Files (x86)\Kastor Free Video Converter\VideoConverter.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{E4F16382-2654-46A2-A6C3-E4DD1BED89DB}\1.0\0\win32]

@="C:\Program Files (x86)\Kastor Free Video Converter\VideoShower.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{54042399-567A-4C14-A68D-FCF23B2875A0}\InprocServer32]

@="C:\Program Files (x86)\Kastor Free Video Converter\VideoShower.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{E4F16382-2654-46A2-A6C3-E4DD1BED89DB}\1.0\0\win32]

@="C:\Program Files (x86)\Kastor Free Video Converter\VideoShower.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kastor Free Video Converter_is1]

"Inno Setup: App Path"="C:\Program Files (x86)\Kastor Free Video Converter"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kastor Free Video Converter_is1]

"InstallLocation"="C:\Program Files (x86)\Kastor Free Video Converter\"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kastor Free Video Converter_is1]

"Inno Setup: Icon Group"="Kastor Free Video Converter"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kastor Free Video Converter_is1]

"DisplayName"="Kastor Free Video Converter V 1.6"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kastor Free Video Converter_is1]

"UninstallString"=""C:\Program Files (x86)\Kastor Free Video Converter\unins000.exe""

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kastor Free Video Converter_is1]

"QuietUninstallString"=""C:\Program Files (x86)\Kastor Free Video Converter\unins000.exe" /SILENT"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{54042399-567A-4C14-A68D-FCF23B2875A0}\InprocServer32]

@="C:\Program Files (x86)\Kastor Free Video Converter\VideoShower.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{E4F16382-2654-46A2-A6C3-E4DD1BED89DB}\1.0\0\win32]

@="C:\Program Files (x86)\Kastor Free Video Converter\VideoShower.dll"

[HKEY_USERS\S-1-5-21-177457807-164583720-2097069978-1000\Software\Microsoft\IntelliPoint\AppSpecific\unins000.exe]

"Path"="C:\Program Files (x86)\Kastor Free Video Converter\unins000.exe"

[HKEY_USERS\S-1-5-21-177457807-164583720-2097069978-1000\Software\Microsoft\IntelliPoint\AppSpecific\VideoConverter.exe]

"Path"="C:\Program Files (x86)\Kastor Free Video Converter\VideoConverter.exe"

Searching for "VideoCnv"

No data found.

-= EOF =-

-----------------------------------------

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014

Ran by monroe county (administrator) on MONROECOUNTY-PC on 18-12-2014 12:47:24

Running from C:\Users\monroe county\Downloads

Loaded Profile: monroe county (Available profiles: monroe county)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe

(CyberLink) C:\Program Files (x86)\Cyberlink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe

(CyberLink) C:\Program Files (x86)\Cyberlink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe

(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe

(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE

(Acer Incorporated) C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe

(Acer Group) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe

(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

() C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

() C:\Windows\PLFSetI.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe

(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe

(Suyin) C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Windows\System32\igfxext.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP14.0.0\Temp\temporaryFolder\updates\bin\kav14\14.0.0.4651_i\avpui.exe.537_2553_4126.removeOnNextReboot

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Google Inc.) C:\Users\monroe county\AppData\Local\Google\Update\GoogleUpdate.exe

(Google Inc.) C:\Users\monroe county\AppData\Local\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\plugin-nm-server.exe

(Google Inc.) C:\Users\monroe county\AppData\Local\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-01-13] ()

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9913376 2009-12-29] (Realtek Semiconductor)

HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe [860704 2010-03-17] (Acer Incorporated)

HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)

HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-23] (Intel Corporation)

HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe [252928 2010-03-08] (NewTech Infosystems, Inc.)

HKLM-x32\...\Run: [VideoWebCamera] => C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe [1541472 2010-03-25] (Suyin)

HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [908368 2010-04-07] (Dritek System Inc.)

HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()

HKLM-x32\...\Run: [PowerDVD13Agent] => C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe [513048 2013-05-27] (CyberLink Corp.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-177457807-164583720-2097069978-1000\...\Run: [cdloader] => C:\Users\monroe county\AppData\Roaming\mjusbsp\cdloader2.exe [51592 2014-07-04] (magicJack L.P.)

HKU\S-1-5-21-177457807-164583720-2097069978-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-04-19] (Google Inc.)

HKU\S-1-5-21-177457807-164583720-2097069978-1000\...\RunOnce: [Adobe Speed Launcher] => 1418796999

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk

ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Western Digital Technologies, Inc.)

Startup: C:\Users\monroe county\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk

ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

BootExecute: autocheck autochk * sdnclean64.exe

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\S-1-5-21-177457807-164583720-2097069978-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome

HKU\S-1-5-21-177457807-164583720-2097069978-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-21-177457807-164583720-2097069978-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACGW

SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACGW

SearchScopes: HKU\S-1-5-21-177457807-164583720-2097069978-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...GW_enUS408US409

SearchScopes: HKU\S-1-5-21-177457807-164583720-2097069978-1000 -> {9B97950D-482C-1D79-568F-FC7B9D40C785} URL = http://www.bing.com/...eferrer:source}

BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKU\S-1-5-21-177457807-164583720-2097069978-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKU\S-1-5-21-177457807-164583720-2097069978-1000 -> No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:

========

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-177457807-164583720-2097069978-1000: @tools.google.com/Google Update;version=3 -> C:\Users\monroe county\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKU\S-1-5-21-177457807-164583720-2097069978-1000: @tools.google.com/Google Update;version=9 -> C:\Users\monroe county\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKU\S-1-5-21-177457807-164583720-2097069978-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\monroe county\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker

FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru

FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-02-02]

FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com

FF Extension: Модуль перевірки посилань - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-01-06]

FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com

FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-01-06]

FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com

FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-01-06]

FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com

FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-01-06]

FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com

FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-01-06]

Chrome:

=======

CHR HomePage: Default -> chrome://chrome-urls/

CHR StartupUrls: Default -> "hxxp://search%20babylon%2Ccom/"

CHR Plugin: (Shockwave Flash) - C:\Users\monroe county\AppData\Local\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Users\monroe county\AppData\Local\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll No File

CHR Plugin: (Chrome PDF Viewer) - C:\Users\monroe county\AppData\Local\Google\Chrome\Application\38.0.2125.111\pdf.dll ()

CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\monroe county\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\plugin/npABPlugin.dll No File

CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\monroe county\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0\plugin/content_blocker_npapi.dll No File

CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\monroe county\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\plugin/npUrlAdvisor.dll No File

CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\monroe county\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\plugin/online_banking_npapi.dll No File

CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\monroe county\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4190_0\plugin/npVKPlugin.dll No File

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File

CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File

CHR Plugin: (Java™ Platform SE 6 U32) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

CHR Plugin: (Windows LiveÂ® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (Unity Player) - C:\Users\monroe county\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

CHR Plugin: (Java Deployment Toolkit 6.0.320.5) - C:\Windows\SysWOW64\npdeployJava1.dll No File

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File

CHR Profile: C:\Users\monroe county\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\monroe county\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]

CHR Extension: (Kaspersky Protection) - C:\Users\monroe county\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-03-27]

CHR Extension: (Kaspersky URL Advisor) - C:\Users\monroe county\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2012-01-07]

CHR Extension: (2dopeboyz) - C:\Users\monroe county\AppData\Local\Google\Chrome\User Data\Default\Extensions\gophlpodeadaoiebbeeikoaeboglkbna [2011-11-28]

CHR Extension: (Crysis 2) - C:\Users\monroe county\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfojcekopkaohjhpjalpglfgdladakd [2012-09-09]

CHR Extension: (Google Wallet) - C:\Users\monroe county\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]

CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\monroe county\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-02-02]

CHR Extension: (Anti-Banner) - C:\Users\monroe county\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2012-01-07]

CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.googl...mnlhhddbepgkeaa [Not Found]

CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.googl...mnlhhddbepgkeaa [Not Found]

CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-08]

CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avp; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-08] (Kaspersky Lab ZAO)

R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\Cyberlink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-05-27] (CyberLink)

R2 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\Cyberlink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [323336 2013-05-27] (CyberLink)

R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [102400 2006-04-18] (SEIKO EPSON CORPORATION) [File not signed]

R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [250368 2010-03-08] (NewTech Infosystems, Inc.) [File not signed]

S4 PuranDefrag; C:\Windows\system32\PuranDefragS.exe [292736 2013-08-15] (Puran Software) [File not signed]

S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)

R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [288768 2011-03-09] (WDC) [File not signed]

R2 WDFME; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1066896 2011-03-09] ()

S2 WDSC; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [491920 2011-03-09] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)

R3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-18] (Siliten)

R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-01-07] (Kaspersky Lab ZAO)

S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-24] (Kaspersky Lab ZAO)

R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-03-24] (Kaspersky Lab ZAO)

R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-08] (Kaspersky Lab ZAO)

R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)

R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-08] (Kaspersky Lab ZAO)

R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)

R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)

R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-01-07] (Kaspersky Lab ZAO)

R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)

S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)

U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2014-12-11] ()

R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-05-27] (CyberLink Corp.)

S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-17 21:04 - 2014-12-17 21:04 - 66363669 _____ () C:\Users\monroe county\Downloads\Chase N Cashe - The Best There Is (RGF.iS).zip

2014-12-17 20:24 - 2014-12-17 20:26 - 139943335 _____ () C:\Users\monroe county\Downloads\D'Angelo & The Vanguard - Black Messiah (RGF.iS).zip

2014-12-16 22:01 - 2014-12-16 22:01 - 00000000 ____D () C:\Windows\SysWOW64\%Report%

2014-12-16 21:50 - 2014-12-16 21:50 - 00000000 ____D () C:\Western Digital

2014-12-16 19:47 - 2014-12-16 22:14 - 00008511 _____ () C:\Users\monroe county\Downloads\~ESETUninstaller.log

2014-12-15 19:30 - 2014-12-15 19:31 - 00671432 _____ (ESET) C:\Users\monroe county\Downloads\ESETUninstaller.exe

2014-12-13 16:58 - 2014-12-13 16:58 - 00001084 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk

2014-12-13 16:58 - 2014-12-13 16:58 - 00000000 ____D () C:\Users\monroe county\AppData\Local\VS Revo Group

2014-12-13 16:58 - 2014-12-13 16:58 - 00000000 ____D () C:\ProgramData\VS Revo Group

2014-12-13 16:58 - 2014-12-13 16:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro

2014-12-13 16:58 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys

2014-12-13 16:57 - 2014-12-13 16:57 - 00000000 ____D () C:\Program Files\VS Revo Group

2014-12-13 16:50 - 2014-12-13 16:51 - 10691640 _____ (VS Revo Group ) C:\Users\monroe county\Downloads\RevoUninProSetup.exe

2014-12-13 02:15 - 2014-12-14 02:48 - 00000000 ____D () C:\Users\monroe county\AppData\Local\CrashDumps

2014-12-13 01:43 - 2014-12-13 01:43 - 00000811 _____ () C:\Users\monroe county\Desktop\SecurityCheck - Shortcut.lnk

2014-12-12 04:43 - 2014-12-12 04:43 - 00001217 _____ () C:\Users\monroe county\Desktop\ComboFix - Shortcut.lnk

2014-12-12 04:37 - 2014-12-12 04:37 - 00030007 _____ () C:\ComboFix.txt

2014-12-12 03:46 - 2011-06-25 22:45 - 00256000 _____ () C:\Windows\PEV.exe

2014-12-12 03:46 - 2010-11-07 09:20 - 00208896 _____ () C:\Windows\MBR.exe

2014-12-12 03:46 - 2009-04-19 20:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2014-12-12 03:46 - 2000-08-30 16:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2014-12-12 03:46 - 2000-08-30 16:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2014-12-12 03:46 - 2000-08-30 16:00 - 00098816 _____ () C:\Windows\sed.exe

2014-12-12 03:46 - 2000-08-30 16:00 - 00080412 _____ () C:\Windows\grep.exe

2014-12-12 03:46 - 2000-08-30 16:00 - 00068096 _____ () C:\Windows\zip.exe

2014-12-12 03:42 - 2014-12-12 04:37 - 00000000 ____D () C:\Qoobox

2014-12-12 03:41 - 2014-12-12 04:34 - 00000000 ____D () C:\Windows\erdnt

2014-12-12 03:38 - 2014-12-12 03:39 - 05600944 ____R (Swearware) C:\Users\monroe county\Downloads\ComboFix.exe

2014-12-11 14:20 - 2014-12-11 14:20 - 00000000 __SHD () C:\Users\monroe county\AppData\Local\EmieUserList

2014-12-11 14:20 - 2014-12-11 14:20 - 00000000 __SHD () C:\Users\monroe county\AppData\Local\EmieSiteList

2014-12-11 14:20 - 2014-12-11 14:20 - 00000000 __SHD () C:\Users\monroe county\AppData\Local\EmieBrowserModeList

2014-12-11 14:03 - 2014-12-11 14:03 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys

2014-12-11 14:02 - 2014-12-11 14:03 - 00000000 ____D () C:\ProgramData\RogueKiller

2014-12-11 14:00 - 2014-12-11 14:02 - 15201368 _____ () C:\Users\monroe county\Downloads\RogueKiller.exe

2014-12-09 20:53 - 2014-12-09 20:54 - 94631825 _____ () C:\Users\monroe county\Downloads\Havoc - 13 Reloaded (Deluxe Edition) (RGF.iS).zip

2014-12-08 22:42 - 2014-06-26 18:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll

2014-12-08 22:42 - 2014-06-26 17:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll

2014-12-08 22:40 - 2014-11-05 19:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-12-08 22:40 - 2014-07-08 18:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL

2014-12-08 22:40 - 2014-07-08 18:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL

2014-12-08 22:40 - 2014-07-08 18:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL

2014-12-08 22:40 - 2014-07-08 18:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL

2014-12-08 22:40 - 2014-07-08 18:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL

2014-12-08 22:40 - 2014-07-08 17:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL

2014-12-08 22:40 - 2014-07-08 17:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL

2014-12-08 22:40 - 2014-07-08 17:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL

2014-12-08 22:40 - 2014-07-08 17:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL

2014-12-08 22:40 - 2014-07-08 17:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL

2014-12-08 22:40 - 2014-07-08 14:38 - 00419992 _____ () C:\Windows\system32\locale.nls

2014-12-08 22:40 - 2014-07-08 14:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls

2014-12-08 22:40 - 2014-06-23 19:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2014-12-08 22:40 - 2014-06-23 18:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2014-12-08 22:40 - 2013-11-26 00:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

2014-12-08 22:40 - 2013-11-23 10:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2014-12-08 22:40 - 2013-11-23 09:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

2014-12-08 22:40 - 2013-11-22 14:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

2014-12-08 22:38 - 2014-02-03 18:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2014-12-08 22:38 - 2014-02-03 18:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2014-12-08 05:47 - 2014-12-08 05:47 - 00000000 ____D () C:\Windows\Panther

2014-12-08 05:41 - 2014-12-08 05:41 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-12-08 03:47 - 2013-05-09 21:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll

2014-12-08 03:47 - 2013-05-09 21:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL

2014-12-08 03:47 - 2013-05-09 20:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL

2014-12-08 03:47 - 2013-05-09 20:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll

2014-12-08 03:36 - 2014-12-08 22:48 - 00775124 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

2014-12-08 03:24 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE

2014-12-08 03:16 - 2014-12-08 03:16 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-12-08 03:16 - 2014-12-08 03:16 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-12-08 03:16 - 2014-12-08 03:16 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2014-12-08 03:16 - 2014-12-08 03:16 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2014-12-08 03:16 - 2014-12-08 03:16 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2014-12-08 03:16 - 2014-12-08 03:16 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2014-12-08 03:16 - 2014-12-08 03:16 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-12-08 03:16 - 2014-12-08 03:16 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2014-12-08 03:16 - 2014-12-08 03:16 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2014-12-08 03:16 - 2014-12-08 03:16 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2014-12-08 03:16 - 2014-12-08 03:16 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2014-12-08 03:16 - 2014-12-08 03:16 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2014-12-08 03:16 - 2014-12-08 03:16 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2014-12-08 03:15 - 2014-12-08 03:15 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-12-08 03:15 - 2014-12-08 03:15 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-12-08 03:15 - 2014-12-08 03:15 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-12-08 03:15 - 2014-12-08 03:15 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2014-12-08 03:15 - 2014-12-08 03:15 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2014-12-08 03:15 - 2014-12-08 03:15 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2014-12-08 03:15 - 2014-12-08 03:15 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-12-08 03:15 - 2014-12-08 03:15 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2014-12-08 03:15 - 2014-12-08 03:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-12-08 03:15 - 2014-12-08 03:15 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2014-12-08 03:15 - 2014-12-08 03:15 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2014-12-08 03:15 - 2014-12-08 03:15 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2014-12-08 03:15 - 2014-12-08 03:15 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2014-12-08 03:15 - 2014-12-08 03:15 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-12-08 03:15 - 2014-12-08 03:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-12-08 03:15 - 2014-12-08 03:15 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2014-12-08 03:11 - 2014-12-08 03:11 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2014-12-08 03:06 - 2014-12-08 03:24 - 00011131 _____ () C:\Windows\IE11_main.log

2014-12-08 01:10 - 2014-12-08 01:20 - 00000000 ____D () C:\Windows\system32\MRT

2014-12-08 00:55 - 2014-06-30 14:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll

2014-12-08 00:55 - 2014-06-30 14:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll

2014-12-08 00:55 - 2014-03-09 13:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe

2014-12-08 00:55 - 2014-03-09 13:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll

2014-12-08 00:55 - 2014-03-09 13:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe

2014-12-08 00:55 - 2014-03-09 13:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll

2014-12-08 00:54 - 2014-06-05 22:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe

2014-12-08 00:54 - 2014-06-05 22:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe

2014-12-08 00:51 - 2014-11-10 19:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-12-08 00:51 - 2014-11-10 19:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll

2014-12-08 00:51 - 2014-11-10 18:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-12-08 00:51 - 2014-11-10 18:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll

2014-12-08 00:51 - 2014-10-13 18:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2014-12-08 00:51 - 2014-10-13 18:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-12-08 00:51 - 2014-10-13 17:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-12-08 00:51 - 2014-10-13 17:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-12-08 00:51 - 2014-04-11 18:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2014-12-08 00:51 - 2014-04-11 18:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2014-12-08 00:51 - 2014-04-11 18:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2014-12-08 00:51 - 2014-04-11 18:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2014-12-08 00:51 - 2014-04-11 18:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2014-12-08 00:51 - 2014-03-04 01:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2014-12-08 00:51 - 2014-03-04 01:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll

2014-12-08 00:51 - 2014-03-04 01:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2014-12-08 00:51 - 2014-03-04 01:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll

2014-12-08 00:51 - 2014-03-04 01:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll

2014-12-08 00:51 - 2014-03-04 01:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll

2014-12-08 00:51 - 2014-03-04 01:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll

2014-12-08 00:51 - 2014-03-04 01:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll

2014-12-08 00:51 - 2014-03-04 01:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll

2014-12-08 00:51 - 2014-03-04 01:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2014-12-08 00:51 - 2014-03-04 01:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2014-12-08 00:51 - 2014-03-04 01:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll

2014-12-08 00:51 - 2014-03-04 01:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll

2014-12-08 00:51 - 2014-03-04 01:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll

2014-12-08 00:51 - 2014-03-04 01:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll

2014-12-08 00:51 - 2014-03-04 01:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll

2014-12-08 00:51 - 2014-03-04 01:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll

2014-12-08 00:51 - 2014-03-04 01:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll

2014-12-08 00:51 - 2014-03-04 01:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2014-12-08 00:51 - 2013-08-01 18:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2014-12-08 00:51 - 2013-08-01 18:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2014-12-08 00:51 - 2013-08-01 17:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2014-12-08 00:51 - 2013-08-01 16:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2014-12-08 00:50 - 2014-10-13 18:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2014-12-08 00:50 - 2014-10-13 17:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2014-12-08 00:50 - 2014-06-03 02:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2014-12-08 00:50 - 2014-06-03 02:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll

2014-12-08 00:50 - 2014-06-03 02:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2014-12-08 00:50 - 2014-06-03 01:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2014-12-08 00:50 - 2014-06-03 01:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll

2014-12-08 00:50 - 2013-10-05 12:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2014-12-08 00:50 - 2013-10-05 11:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2014-12-08 00:50 - 2013-08-28 18:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2014-12-08 00:50 - 2013-08-28 18:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll

2014-12-08 00:50 - 2013-08-28 18:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2014-12-08 00:50 - 2013-08-28 17:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2014-12-08 00:50 - 2013-08-28 17:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll

2014-12-08 00:50 - 2013-08-28 17:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll

2014-12-08 00:50 - 2013-07-08 21:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll

2014-12-08 00:50 - 2013-07-08 21:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll

2014-12-08 00:50 - 2013-07-08 20:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2014-12-08 00:50 - 2013-07-08 20:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

2014-12-08 00:49 - 2013-07-08 21:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2014-12-08 00:49 - 2013-07-08 20:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

2014-12-08 00:47 - 2014-01-23 18:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

2014-12-08 00:47 - 2013-10-11 18:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll

2014-12-08 00:47 - 2013-10-11 18:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL

2014-12-08 00:47 - 2013-10-11 18:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL

2014-12-08 00:47 - 2013-10-11 18:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll

2014-12-08 00:47 - 2013-10-11 18:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL

2014-12-08 00:47 - 2013-08-27 17:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll

2014-12-08 00:47 - 2013-07-25 01:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

2014-12-08 00:47 - 2013-07-25 00:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL

2014-12-08 00:47 - 2013-07-04 04:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

2014-12-08 00:47 - 2013-05-12 21:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll

2014-12-08 00:47 - 2013-05-12 19:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe

2014-12-08 00:47 - 2013-05-12 19:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe

2014-12-08 00:47 - 2013-05-12 19:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll

2014-12-08 00:43 - 2014-10-17 18:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll

2014-12-08 00:43 - 2014-10-17 17:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll

2014-12-08 00:43 - 2013-10-11 18:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx

2014-12-08 00:43 - 2013-10-11 18:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll

2014-12-08 00:43 - 2013-10-11 18:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx

2014-12-08 00:43 - 2013-10-11 18:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll

2014-12-08 00:43 - 2013-10-11 17:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe

2014-12-08 00:43 - 2013-10-11 17:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe

2014-12-08 00:43 - 2013-10-11 17:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe

2014-12-08 00:43 - 2013-10-11 17:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe

2014-12-08 00:42 - 2014-08-22 18:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2014-12-08 00:42 - 2014-08-22 17:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2014-12-08 00:42 - 2014-08-20 22:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-12-08 00:42 - 2014-08-20 22:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2014-12-08 00:42 - 2014-08-20 22:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2014-12-08 00:42 - 2014-08-20 22:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2014-12-08 00:42 - 2013-07-04 04:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll

2014-12-08 00:42 - 2013-07-04 03:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll

2014-12-08 00:42 - 2013-06-25 14:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys

2014-12-08 00:25 - 2014-07-13 18:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2014-12-08 00:25 - 2014-07-13 17:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2014-12-07 21:23 - 2014-08-01 03:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll

2014-12-07 21:23 - 2014-08-01 03:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll

2014-12-07 21:23 - 2013-04-25 15:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll

2014-12-07 21:23 - 2013-03-31 14:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll

2014-12-07 21:22 - 2014-10-13 18:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll

2014-12-07 21:22 - 2014-10-13 18:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2014-12-07 21:22 - 2014-10-13 18:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2014-12-07 21:22 - 2014-10-13 17:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

2014-12-07 21:22 - 2014-10-13 17:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2014-12-07 21:22 - 2014-09-19 01:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-12-07 21:22 - 2014-09-19 01:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-12-07 21:22 - 2014-09-19 01:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2014-12-07 21:22 - 2014-09-19 01:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-12-07 21:22 - 2014-09-19 01:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-12-07 21:22 - 2014-09-19 01:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-12-07 21:22 - 2014-09-19 01:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2014-12-07 21:22 - 2014-09-19 01:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-12-07 21:22 - 2014-09-19 01:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2014-12-07 21:22 - 2014-09-19 01:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2014-12-07 21:22 - 2014-09-19 01:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-12-07 21:22 - 2014-09-19 01:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-12-07 21:22 - 2014-07-16 18:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2014-12-07 21:22 - 2014-07-16 18:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe

2014-12-07 21:22 - 2014-07-16 18:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe

2014-12-07 21:22 - 2014-07-16 18:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll

2014-12-07 21:22 - 2014-07-16 18:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll

2014-12-07 21:22 - 2014-07-16 17:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll

2014-12-07 21:22 - 2014-07-16 17:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2014-12-07 21:22 - 2014-07-16 17:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe

2014-12-07 21:22 - 2014-07-16 17:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll

2014-12-07 21:22 - 2014-07-16 17:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys

2014-12-07 21:22 - 2014-07-16 17:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

2014-12-07 21:21 - 2014-06-24 18:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-12-07 21:21 - 2014-06-24 17:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2014-12-07 21:21 - 2014-05-29 22:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2014-12-07 21:21 - 2014-04-04 18:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-12-07 21:21 - 2014-04-04 18:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS

2014-12-07 21:21 - 2013-11-26 03:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys

2014-12-07 21:21 - 2013-08-04 18:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys

2014-12-07 21:21 - 2013-07-25 18:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll

2014-12-07 21:21 - 2013-07-25 17:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll

2014-12-07 21:20 - 2014-09-09 14:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2014-12-07 21:20 - 2014-09-09 13:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2014-12-07 21:20 - 2014-02-03 18:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys

2014-12-07 21:20 - 2014-02-03 18:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys

2014-12-07 21:20 - 2014-02-03 18:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys

2014-12-07 21:20 - 2014-02-03 18:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll

2014-12-07 21:20 - 2014-02-03 18:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll

2014-12-07 21:20 - 2013-11-26 17:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys

2014-12-07 21:20 - 2013-11-26 17:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys

2014-12-07 21:20 - 2013-11-26 17:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys

2014-12-07 21:20 - 2013-11-26 17:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys

2014-12-07 21:20 - 2013-11-26 17:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys

2014-12-07 21:20 - 2013-11-26 17:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys

2014-12-07 21:20 - 2013-11-26 17:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

2014-12-07 21:19 - 2013-05-09 21:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll

2014-12-07 21:19 - 2013-05-09 19:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll

2014-12-07 21:18 - 2014-06-18 14:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll

2014-12-07 21:18 - 2014-06-18 14:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll

2014-12-07 21:18 - 2014-06-18 14:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll

2014-12-07 21:18 - 2014-06-18 14:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll

2014-12-07 21:18 - 2014-06-18 14:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll

2014-12-07 21:18 - 2014-06-18 14:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll

2014-12-07 21:18 - 2013-12-03 18:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll

2014-12-07 21:18 - 2013-12-03 18:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll

2014-12-07 21:18 - 2013-12-03 18:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll

2014-12-07 21:18 - 2013-12-03 18:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll

2014-12-07 21:18 - 2013-12-03 18:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll

2014-12-07 21:18 - 2013-12-03 18:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe

2014-12-07 21:18 - 2013-12-03 18:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe

2014-12-07 21:18 - 2013-12-03 18:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe

2014-12-07 21:18 - 2013-12-03 18:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe

2014-12-07 21:18 - 2013-12-03 18:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll

2014-12-07 21:18 - 2013-12-03 18:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll

2014-12-07 21:18 - 2013-12-03 18:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll

2014-12-07 21:18 - 2013-12-03 18:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll

2014-12-07 21:18 - 2013-12-03 18:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll

2014-12-07 21:18 - 2013-12-03 17:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe

2014-12-07 21:18 - 2013-12-03 17:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe

2014-12-07 21:18 - 2013-12-03 17:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe

2014-12-07 21:18 - 2013-12-03 17:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe

2014-12-07 21:18 - 2013-10-03 18:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll

2014-12-07 21:18 - 2013-10-03 18:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll

2014-12-07 21:18 - 2013-10-03 17:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll

2014-12-07 21:18 - 2013-10-03 17:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll

2014-12-07 21:17 - 2014-04-24 18:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2014-12-07 21:17 - 2014-04-24 18:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll

2014-12-07 21:13 - 2013-07-04 04:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll

2014-12-07 21:13 - 2013-07-04 04:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll

2014-12-07 21:13 - 2013-07-04 03:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll

2014-12-07 21:13 - 2013-07-04 03:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll

2014-12-07 21:13 - 2013-07-04 02:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

2014-12-07 21:12 - 2014-06-17 18:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2014-12-07 21:12 - 2014-06-17 17:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe

2014-12-07 21:06 - 2014-11-05 09:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2014-12-07 21:06 - 2014-11-05 09:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-12-07 21:06 - 2014-11-05 09:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-12-07 21:04 - 2014-06-06 02:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-12-07 21:04 - 2014-06-06 01:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-12-07 21:04 - 2013-04-25 21:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll

2014-12-07 21:04 - 2013-04-25 20:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll

2014-12-07 21:02 - 2014-01-27 18:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

2014-12-07 21:02 - 2013-09-07 18:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll

2014-12-07 21:02 - 2013-09-07 18:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll

2014-12-07 21:01 - 2014-10-24 17:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll

2014-12-07 21:01 - 2014-10-24 17:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll

2014-12-07 21:01 - 2014-10-02 18:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll

2014-12-07 21:01 - 2014-10-02 18:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll

2014-12-07 21:01 - 2014-10-02 18:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll

2014-12-07 21:01 - 2014-10-02 18:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll

2014-12-07 21:01 - 2014-10-02 18:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll

2014-12-07 21:01 - 2014-10-02 17:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll

2014-12-07 21:01 - 2014-10-02 17:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll

2014-12-07 21:01 - 2014-10-02 17:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll

2014-12-07 21:01 - 2014-09-24 18:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll

2014-12-07 21:01 - 2014-09-24 17:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll

2014-12-07 21:01 - 2014-08-11 18:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL

2014-12-07 21:01 - 2014-08-11 17:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL

2014-12-07 21:01 - 2014-06-15 18:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2014-12-07 21:01 - 2014-03-26 06:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2014-12-07 21:01 - 2014-03-26 06:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll

2014-12-07 21:01 - 2014-03-26 06:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2014-12-07 21:01 - 2014-03-26 06:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll

2014-12-07 21:01 - 2013-10-03 18:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys

2014-12-07 21:01 - 2013-10-03 17:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

2014-12-07 21:01 - 2013-07-20 02:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2014-12-07 21:01 - 2013-07-20 02:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2014-12-07 21:01 - 2013-07-12 02:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys

2014-12-07 21:01 - 2013-07-12 02:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys

2014-12-07 21:01 - 2013-07-12 02:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys

2014-12-07 21:01 - 2013-06-05 21:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2014-12-07 21:01 - 2013-06-05 21:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2014-12-07 21:01 - 2013-06-05 21:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2014-12-07 21:01 - 2013-06-05 21:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2014-12-07 21:01 - 2013-06-05 20:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

2014-12-07 21:01 - 2013-06-05 20:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2014-12-07 21:01 - 2013-06-05 20:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

2014-12-07 21:01 - 2013-06-05 19:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2014-12-07 21:01 - 2013-06-05 19:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2014-12-07 21:01 - 2013-06-05 19:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2014-12-07 21:00 - 2014-09-03 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll

2014-12-07 21:00 - 2014-09-03 21:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll

2014-12-07 21:00 - 2014-01-28 18:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll

2014-12-07 21:00 - 2014-01-28 18:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll

2014-12-07 21:00 - 2013-10-29 18:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll

2014-12-07 21:00 - 2013-10-29 18:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll

2014-12-07 21:00 - 2013-10-18 18:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll

2014-12-07 21:00 - 2013-10-18 17:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll

2014-12-07 21:00 - 2013-07-02 20:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys

2014-12-07 21:00 - 2013-07-02 20:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys

2014-12-07 21:00 - 2013-07-02 20:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys

2014-12-07 20:58 - 2014-10-09 16:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-12-07 20:58 - 2014-03-04 01:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2014-12-07 20:58 - 2014-03-04 01:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2014-12-07 20:58 - 2014-03-04 01:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2014-12-07 20:58 - 2014-03-04 01:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

2014-12-07 20:58 - 2014-03-04 01:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2014-12-07 20:58 - 2014-03-04 01:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2014-12-07 20:58 - 2014-03-04 01:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2014-12-07 20:58 - 2014-03-04 01:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2014-12-07 20:58 - 2014-03-04 01:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2014-12-07 20:58 - 2014-03-04 00:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2014-12-07 20:58 - 2014-03-04 00:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2014-12-07 20:58 - 2013-08-01 18:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 17:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2014-12-07 20:58 - 2013-08-01 16:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 16:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 16:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

2014-12-07 20:58 - 2013-08-01 16:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

2014-12-07 06:32 - 2014-12-07 06:32 - 01761992 _____ (ESET) C:\Users\monroe county\Downloads\eset_nod32_antivirus_live_installer.exe

2014-12-07 02:25 - 2014-12-07 02:26 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\monroe county\Downloads\mbam-setup-2.0.4.1028.exe

2014-11-30 21:34 - 2014-11-30 21:34 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-MONROECOUNTY-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat

2014-11-30 21:33 - 2014-11-30 21:33 - 00000000 ____D () C:\RegBackup

2014-11-30 21:32 - 2014-11-30 21:32 - 00002242 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk

2014-11-30 21:32 - 2014-11-30 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com

2014-11-30 21:32 - 2014-11-30 21:32 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com

2014-11-30 21:30 - 2014-11-30 21:31 - 04215584 _____ () C:\Users\monroe county\Downloads\tweaking.com_registry_backup_setup.exe

2014-11-29 07:32 - 2014-11-29 07:34 - 98450061 _____ () C:\Users\monroe county\Downloads\The_Trinity_3rd_Sermon-(DatPiff.com).zip

2014-11-29 05:10 - 2014-12-18 12:38 - 00011842 _____ () C:\Users\monroe county\Downloads\SystemLook.txt

2014-11-29 05:06 - 2014-11-29 05:06 - 00096256 _____ () C:\Users\monroe county\Downloads\SystemLook_x64.exe

2014-11-29 04:45 - 2014-11-29 04:45 - 00000000 ____D () C:\_OTL

2014-11-28 02:39 - 2014-11-28 02:39 - 00067880 _____ () C:\Users\monroe county\Downloads\Extras.Txt

2014-11-28 02:38 - 2014-12-07 02:00 - 00098362 _____ () C:\Users\monroe county\Downloads\OTL.Txt

2014-11-28 02:04 - 2014-11-28 02:05 - 00602112 _____ (OldTimer Tools) C:\Users\monroe county\Downloads\OTL.exe

2014-11-27 04:13 - 2014-11-27 04:13 - 00062894 _____ ( ) C:\Users\monroe county\Downloads\SafeBootKeyRepair-CF (3).exe

2014-11-27 03:59 - 2014-11-27 03:59 - 00062894 _____ ( ) C:\Users\monroe county\Downloads\SafeBootKeyRepair-CF (2).exe

2014-11-27 03:57 - 2014-11-27 03:57 - 00062894 _____ ( ) C:\Users\monroe county\Downloads\SafeBootKeyRepair-CF (1).exe

2014-11-27 02:43 - 2014-11-27 02:43 - 00062894 _____ ( ) C:\Users\monroe county\Downloads\SafeBootKeyRepair-CF.exe

2014-11-27 02:35 - 2014-12-18 12:47 - 00000000 ____D () C:\Users\monroe county\Downloads\FRST-OlderVersion

2014-11-23 21:19 - 2014-11-23 21:19 - 00854414 _____ () C:\Users\monroe county\Downloads\SecurityCheck.exe

2014-11-23 21:04 - 2014-11-23 21:04 - 00001468 _____ () C:\Users\monroe county\Desktop\JRT.txt

2014-11-23 20:53 - 2014-11-23 20:53 - 00000000 ____D () C:\Windows\ERUNT

2014-11-23 20:52 - 2014-11-23 20:52 - 01707532 _____ (Thisisu) C:\Users\monroe county\Downloads\JRT.exe

2014-11-23 20:17 - 2014-11-23 20:21 - 00000000 ____D () C:\AdwCleaner

2014-11-23 20:14 - 2014-11-23 20:16 - 02148864 _____ () C:\Users\monroe county\Downloads\adwcleaner_4.102.exe

2014-11-23 19:51 - 2014-11-23 19:57 - 00504612 _____ () C:\Users\monroe county\Downloads\avgremover.log

2014-11-23 19:51 - 2014-11-23 19:51 - 03681088 _____ (AVG Technologies CZ, s.r.o.) C:\Users\monroe county\Downloads\avg_remover_stf_x86_2015_5501.exe

2014-11-22 05:45 - 2014-11-22 05:46 - 00031214 _____ () C:\Users\monroe county\Downloads\Addition.txt

2014-11-22 05:43 - 2014-12-18 12:47 - 00026142 _____ () C:\Users\monroe county\Downloads\FRST.txt

2014-11-22 05:41 - 2014-12-18 12:47 - 00000000 ____D () C:\FRST

2014-11-22 05:39 - 2014-12-18 12:47 - 02121216 _____ (Farbar) C:\Users\monroe county\Downloads\FRST64.exe

2014-11-22 03:56 - 2014-11-22 03:56 - 00388608 _____ (Trend Micro Inc.) C:\Users\monroe county\Downloads\HiJackThis (1).exe

2014-11-22 02:52 - 2014-11-22 02:52 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-11-22 02:47 - 2014-11-22 02:47 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\monroe county\Downloads\mbam-setup-2.0.3.1025.exe

2014-11-20 17:51 - 2014-11-20 18:02 - 132269198 _____ () C:\Users\monroe county\Downloads\MAFE-PROJECT.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-18 12:48 - 2010-12-14 23:58 - 00000000 ____D () C:\ProgramData\Kaspersky Lab

2014-12-18 12:37 - 2011-01-29 02:15 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-177457807-164583720-2097069978-1000UA.job

2014-12-18 12:31 - 2013-06-09 05:16 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-12-18 12:31 - 2010-12-05 21:10 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-12-18 09:53 - 2010-04-26 22:28 - 01830933 _____ () C:\Windows\WindowsUpdate.log

2014-12-18 09:45 - 2012-07-29 18:36 - 00003986 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{17228031-BA8E-4CA5-A7E2-26E7BBF2A1D1}

2014-12-18 09:45 - 2011-01-29 02:15 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-177457807-164583720-2097069978-1000Core.job

2014-12-17 18:33 - 2010-12-05 21:10 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-12-16 22:24 - 2009-07-13 20:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-12-16 22:24 - 2009-07-13 20:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-12-16 22:21 - 2009-07-13 20:51 - 00175385 _____ () C:\Windows\setupact.log

2014-12-16 22:15 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-12-16 19:03 - 2012-04-16 14:06 - 00001030 _____ () C:\Users\monroe county\Desktop\magicJack.lnk

2014-12-16 19:03 - 2012-04-16 14:06 - 00001016 _____ () C:\Users\monroe county\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\magicJack.lnk

2014-12-16 19:03 - 2011-06-12 06:19 - 00000000 ____D () C:\Users\monroe county\AppData\Roaming\mjusbsp

2014-12-15 19:56 - 2009-07-13 21:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-12-15 19:06 - 2013-02-27 16:24 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2014-12-14 06:45 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache

2014-12-14 01:35 - 2010-04-19 01:17 - 00745922 _____ () C:\Windows\PFRO.log

2014-12-13 04:49 - 2011-09-27 16:55 - 00000000 ____D () C:\Users\monroe county\Documents\My Projects

2014-12-12 07:24 - 2014-06-22 05:43 - 00001140 _____ () C:\Users\Public\Desktop\Full Flush Poker 8.2.lnk

2014-12-12 04:37 - 2009-07-13 19:20 - 00000000 __RHD () C:\Users\Default

2014-12-12 04:32 - 2009-07-13 18:34 - 00000215 _____ () C:\Windows\system.ini

2014-12-12 02:12 - 2009-07-13 20:45 - 00336064 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-12-09 20:03 - 2013-06-09 05:16 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-12-09 20:03 - 2012-09-09 00:43 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-12-09 20:03 - 2011-07-01 00:33 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-12-08 18:54 - 2009-07-13 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD

2014-12-08 18:53 - 2010-12-05 20:10 - 00001420 _____ () C:\Users\monroe county\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-12-08 05:41 - 2009-07-13 23:45 - 00000000 ____D () C:\Program Files\Windows Journal

2014-12-08 05:41 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK

2014-12-08 05:41 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR

2014-12-08 05:41 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\zh-HK

2014-12-08 05:41 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\tr-TR

2014-12-08 05:41 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-12-08 05:40 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Defender

2014-12-08 05:40 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender

2014-12-08 05:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism

2014-12-08 05:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\Dism

2014-12-08 05:31 - 2013-06-01 21:41 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-12-08 05:31 - 2013-06-01 21:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-12-08 02:51 - 2010-04-19 00:54 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-12-08 01:25 - 2013-06-01 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-12-06 23:14 - 2010-04-26 22:41 - 00000000 ____D () C:\ProgramData\CyberLink

2014-11-28 02:11 - 2011-02-21 18:23 - 00000474 _____ () C:\Users\monroe county\AppData\Roaming\wklnhst.dat

2014-11-28 02:08 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\system32\FxsTmp

2014-11-24 21:44 - 2009-07-13 21:08 - 00032634 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-11-24 14:04 - 2010-12-05 21:02 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

2014-11-23 19:57 - 2011-12-16 00:54 - 00000000 ____D () C:\Program Files (x86)\AVG

2014-11-22 10:40 - 2014-10-24 13:58 - 00000000 ____D () C:\Users\monroe county\AppData\Local\Avg

2014-11-22 04:21 - 2014-11-14 03:41 - 00013677 _____ () C:\Users\monroe county\Downloads\hijackthis.log

2014-11-22 03:26 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SchCache

2014-11-18 23:14 - 2012-04-07 06:19 - 00000000 ____D () C:\Users\monroe county\Downloads\New songs

2014-11-18 21:00 - 2011-05-27 11:25 - 00000000 ____D () C:\Users\monroe county\AppData\Local\MediaMonkey

Some content of TEMP:

====================

C:\Users\monroe county\AppData\Local\Temp\Full Flush Poker Updater.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-15 21:38

==================== End Of Log ============================

#50 Satchfan

SuperHelper

Malware Team
6,813 posts

Interests:LFC, music, more LFC, more music

Posted 18 December 2014 - 03:41 PM

Thanks for the logs.

I'll reply as soon as I can but please be patient because, as you can understand, it's a bit hectic at this time of year.

Satchfan

NINA - Proud graduate of the WTT Classroom

Member of UNITE

The help you receive here is free but if you feel I have helped, you may consider making a Donation.

#51 Satchfan

SuperHelper

Malware Team
6,813 posts

Interests:LFC, music, more LFC, more music

Posted 19 December 2014 - 07:47 AM

Open notepad. Please copy the contents of the code box below.


CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-177457807-164583720-2097069978-1000 -> No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
CHR StartupUrls: Default -> "hxxp://search%20babylon%2Ccom/"
CHR Plugin: (Native Client) - C:\Users\monroe county\AppData\Local\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.320.5) - C:\Windows\SysWOW64\npdeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (2dopeboyz) - C:\Users\monroe county\AppData\Local\Google\Chrome\User Data\Default\Extensions\gophlpodeadaoiebbeeikoaeboglkbna [2011-11-28]
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.googl...mnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.googl...mnlhhddbepgkeaa [Not Found]

NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

save the files as fixlist.txt in the same folder as FRST – NOTE: It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work
run FRST64 then click Fix just once and wait
it will create a log (Fixlog.txt); please post it to your reply.

================================================

Let’s try resetting your browsers as that is where the problem lays, (with Chrome – as usual).

Please download zoek.exe and save it to your desktop (Firefox users right click and Save Link As...).

close any open browsers
temporarily disable your antivirus program
double click zoek.zip
double click on zoek.exe to run it, (please wait while the tool starts. It will appear to be doing nothing and may take a few seconds to come up)
copy the text below and paste it into the large window in the zoek tool:

iedefaults;
ffdefaults;
chrdefaults;
emptyclsid;
emptyalltemp;
autoclean;
click on the “Run script” button
please be patient; it may take a few minutes until a log opens (this may be after reboot, if required)
copy (Ctrl +C) and paste (Ctrl +V) the contents of the entire log back here.

Note: It will also create a log in the C:\ directory named zoek-results.log.

When you’ve done this, run FRST again and let me know if the problem is still there.

Satchfan

NINA - Proud graduate of the WTT Classroom

Member of UNITE

The help you receive here is free but if you feel I have helped, you may consider making a Donation.

#52 Pacer

Authentic Member

Authentic Member
91 posts

Posted 20 December 2014 - 03:14 AM

Requested logs:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-12-2014

Ran by monroe county at 2014-12-20 02:24:04 Run:1

Running from C:\Users\monroe county\Documents\My Projects\New folder

Loaded Profile: monroe county (Available profiles: monroe county)

Boot Mode: Normal

==============================================

Content of fixlist:

*****************