Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92790 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

My computer is infected and I can't cure it [Closed]


  • This topic is locked This topic is locked
10 replies to this topic

#1 TRJolly

TRJolly

    New Member

  • Authentic Member
  • Pip
  • 7 posts
  • Interests:Wood Working
    Movie Making

Posted 13 December 2014 - 11:51 PM

This is my second attempt to post this As my computer keeps locking up.I have tried many different programs to find a virus that has infected my computer. The problems with blue screen and lockups are becoming more frequent. Can any one help?

Attached Files


    Advertisements

Register to Remove


#2 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,219 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 16 December 2014 - 08:13 AM

:welcome:

 

You have AVG and Avast Antivirus installed and both are running as a service, Microsoft recommends having just one Antivirus program running, keeping it updated and running regular scans, these two may be fighting each other so its your call but you need to go to Programs and features and uninstall one, then reboot your system and tell me if it made a difference and we can go from there 



 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

#3 TRJolly

TRJolly

    New Member

  • Authentic Member
  • Pip
  • 7 posts
  • Interests:Wood Working
    Movie Making

Posted 16 December 2014 - 07:23 PM

I uninstalled Avast, rebooted. I have to disconnect from network to get computer to restart, This issue existed before. I ran a whole computer scan with Avg,  no infections found. When I restart computer The splash screen flashes numerous times and it takes 10 minutes for windows to load.The one thing that has changed is the restore point that was created is still present. Up to this point they disappear usually after the computer freezes. Several months back AVG reported a Trojan backdoor on a flash drive and removed it that's when all of these problems became more intense.



#4 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,219 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 16 December 2014 - 09:38 PM

Lets run a few programs as I see a few questionable entries on your FRST log

 

Download MiniToolBox and save it to your desktop,  right click on it and select RUN AS ADMINISTRATOR
 
Checkmark the following boxes:
  • Flush DNS 
  • Reset IE Proxy Settings 
  •  
    Click Go and post the result (Result.txt) that pops up. A copy of result.txt will be saved in the same directory the tool is run.
     
     
    =====================================================================
     
     
     

    Download Malwarebytes' Anti-Malware  to your desktop. 
     
  • Windows XP : Double click on the icon to run it.
  • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  •  
    MBAM203_zps0a230260.jpg
     
     
  • On the Dashboard click on Update Now
  • Go to the Setting Tab
  • Under Setting go to Detection and Protection
  • Under PUP and PUM make sure both are set to show Threat Detections as Malware
  • Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked<----------
  • Then on the Dashboard click on Scan
  • Make sure to select THREAT SCAN
  • Then click on Scan
  • When the scan is finished click on VIEW DETAILED LOG
  • When it opens click on COPY TO CLIPBOARD
  • Then paste the log back into this thread for review
  • Exit Malwarebytes


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #5 TRJolly

    TRJolly

      New Member

    • Authentic Member
    • Pip
    • 7 posts
    • Interests:Wood Working
      Movie Making

    Posted 17 December 2014 - 08:06 PM

    MiniToolBox by Farbar  Version: 30-11-2014
    Ran by a (administrator) on 17-12-2014 at 19:48:05
    Running from "C:\Users\a\Desktop"
    Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
    Boot Mode: Normal
    ***************************************************************************
     
    ========================= Flush DNS: ===================================
     
    Windows IP Configuration
     
    Successfully flushed the DNS Resolver Cache.
     
    "Reset IE Proxy Settings": IE Proxy Settings were reset.
     
    **** End of log ****
     
     
     
    Malwarebytes Anti-Malware
    www.malwarebytes.org
     
    Scan Date: 12/17/2014
    Scan Time: 7:54:58 PM
    Logfile: 
    Administrator: Yes
     
    Version: 2.00.4.1028
    Malware Database: v2014.12.18.01
    Rootkit Database: v2014.12.14.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled
     
    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: a
     
    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 310261
    Time Elapsed: 5 min, 51 sec
     
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled
     
    Processes: 0
    (No malicious items detected)
     
    Modules: 0
    (No malicious items detected)
     
    Registry Keys: 0
    (No malicious items detected)
     
    Registry Values: 0
    (No malicious items detected)
     
    Registry Data: 0
    (No malicious items detected)
     
    Folders: 0
    (No malicious items detected)
     
    Files: 0
    (No malicious items detected)
     
    Physical Sectors: 0
    (No malicious items detected)
     
     
    (end)


    #6 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 18 December 2014 - 04:59 AM

    Things any better ?  Go ahead and run a new scan with FRST, checkmark Additions and post both logs please



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #7 TRJolly

    TRJolly

      New Member

    • Authentic Member
    • Pip
    • 7 posts
    • Interests:Wood Working
      Movie Making

    Posted 18 December 2014 - 06:12 PM

    My computer locked up last night after I posted. I was running a scan with AVG. The speed of the scan slowed to a crawl while scanning the registry and then froze. After about 5 minutes The screen display went berserk and became an image that could have been thousands of small screens, I could really tell for sure if it was anything at all. This computer will not restart windows until it runs chkdsk. Here are the results from running FRST again.

     Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014

    Ran by a (administrator) on A-PC on 18-12-2014 17:55:09
    Running from C:\Users\a\Desktop
    Loaded Profile: a (Available profiles: a)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    () C:\Program Files (x86)\AVG Secure Search\vprot.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
    () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [AVG_TRAY] => C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2640408 2014-12-05] ()
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
    BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restartsdnclean64.exe
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    BHO: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
    BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
    BHO-x32: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
    BHO-x32: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} ->  No File
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
    Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
    Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
    Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Tcpip\..\Interfaces\{04133F6B-630D-4885-AC59-5A6F1B901E85}: [NameServer] 209.18.47.61
     
    FireFox:
    ========
    FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF HKLM-x32\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack
    FF Extension: AVG Do Not Track - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack [2014-12-05]
     
    Chrome: 
    =======
    CHR StartupUrls: Default -> "hxxp://www.google.com/"
    CHR Profile: C:\Users\a\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Slides) - C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-03]
    CHR Extension: (Google Docs) - C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-03]
    CHR Extension: (Google Drive) - C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-03]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-13]
    CHR Extension: (YouTube) - C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-03]
    CHR Extension: (Google Search) - C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-03]
    CHR Extension: (Google Sheets) - C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-03]
    CHR Extension: (AdBlock) - C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-03]
    CHR Extension: (Video Downloader) - C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpgleggfcndpeflbjhpjfckfmojnpo [2014-12-03]
    CHR Extension: (Google Wallet) - C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-03]
    CHR Extension: (Gmail) - C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-03]
    CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Program Files (x86)\AVG\AVG2012\Chrome\donottrack.crx [2012-04-20]
     
    ==================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
    R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [5175856 2013-10-16] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-12-05] (AVG Secure Search)
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
    S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-12-03] (The OpenVPN Project)
    R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [127328 2012-12-10] (AVG Technologies CZ, s.r.o. )
    R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
    R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
    R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [307040 2012-11-08] (AVG Technologies CZ, s.r.o.)
    R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [384800 2014-11-04] (AVG Technologies CZ, s.r.o.)
    R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-12-05] (AVG Technologies)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-18] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
    S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
    R3 tpg64win7; C:\Windows\System32\DRIVERS\tpg64win7.sys [648808 2012-02-22] (TP-LINK TECHNOLOGIES CO., LTD)
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-12-18 17:55 - 2014-12-18 17:55 - 00011379 _____ () C:\Users\a\Desktop\FRST.txt
    2014-12-18 17:54 - 2014-12-18 17:54 - 00000000 ____D () C:\Users\a\Desktop\FRST-OlderVersion
    2014-12-18 17:48 - 2014-12-18 17:54 - 02121216 _____ (Farbar) C:\Users\a\Desktop\FRST64.exe
    2014-12-17 19:48 - 2014-12-17 19:48 - 00000522 _____ () C:\Users\a\Desktop\Result.txt
    2014-12-17 19:46 - 2014-12-17 19:46 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\a\Downloads\mbam-setup-2.0.4.1028 (1).exe
    2014-12-17 19:46 - 2014-12-17 19:46 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\a\Desktop\mbam-setup-2.0.4.1028.exe
    2014-12-17 19:44 - 2014-12-17 19:44 - 00401920 _____ (Farbar) C:\Users\a\Desktop\MiniToolBox.exe
    2014-12-16 18:37 - 2014-12-16 18:38 - 00000000 ____D () C:\Users\a\Desktop\New folder
    2014-12-13 22:58 - 2014-12-13 22:58 - 00006864 ____N () C:\bootsqm.dat
    2014-12-13 22:57 - 2014-12-13 22:57 - 00000000 __SHD () C:\found.000
    2014-12-13 19:55 - 2014-12-18 17:55 - 00000000 ____D () C:\FRST
    2014-12-13 19:53 - 2014-12-13 19:53 - 00002126 _____ () C:\Users\a\Desktop\aswMBR1.txt
    2014-12-13 19:53 - 2014-12-13 19:53 - 00000512 _____ () C:\Users\a\Desktop\MBR1.dat
    2014-12-12 18:03 - 2014-12-12 18:03 - 00000247 _____ () C:\Windows\system32\2014-12-13-00-03-53.008-aswFe.exe-4900.log
    2014-12-12 17:59 - 2014-12-12 18:03 - 00000247 _____ () C:\Windows\system32\2014-12-12-23-59-24.024-aswFe.exe-4280.log
    2014-12-12 17:59 - 2014-12-12 17:59 - 00000197 _____ () C:\Windows\system32\2014-12-12-23-59-20.045-AvastVBoxSVC.exe-1120.log
    2014-12-11 18:30 - 2014-12-11 18:30 - 00000197 _____ () C:\Windows\system32\2014-12-12-00-30-01.058-AvastVBoxSVC.exe-4120.log
    2014-12-07 11:29 - 2014-12-07 11:29 - 00000000 __SHD () C:\Users\a\AppData\Local\EmieUserList
    2014-12-07 11:29 - 2014-12-07 11:29 - 00000000 __SHD () C:\Users\a\AppData\Local\EmieSiteList
    2014-12-07 11:29 - 2014-12-07 11:29 - 00000000 __SHD () C:\Users\a\AppData\Local\EmieBrowserModeList
    2014-12-07 09:49 - 2014-12-07 09:49 - 00000000 ____D () C:\Users\a\Documents\ProcAlyzer Dumps
    2014-12-07 09:09 - 2014-12-07 09:57 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2014-12-07 09:09 - 2014-12-07 09:09 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
    2014-12-07 09:09 - 2014-12-07 09:09 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    2014-12-07 09:09 - 2014-12-07 09:09 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
    2014-12-07 09:09 - 2014-12-07 09:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
    2014-12-07 09:09 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
    2014-12-07 09:08 - 2014-12-07 09:11 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
    2014-12-07 08:52 - 2014-12-07 08:53 - 00000197 _____ () C:\Windows\system32\2014-12-07-14-52-52.079-AvastVBoxSVC.exe-3928.log
    2014-12-06 19:39 - 2014-12-06 19:40 - 00000247 _____ () C:\Windows\system32\2014-12-07-01-39-56.004-aswFe.exe-5716.log
    2014-12-06 19:36 - 2014-12-06 19:39 - 00000247 _____ () C:\Windows\system32\2014-12-07-01-36-45.002-aswFe.exe-5152.log
    2014-12-06 19:36 - 2014-12-06 19:36 - 00000197 _____ () C:\Windows\system32\2014-12-07-01-36-41.015-AvastVBoxSVC.exe-4104.log
    2014-12-06 12:22 - 2014-12-06 12:22 - 00000197 _____ () C:\Windows\system32\2014-12-06-18-22-45.053-AvastVBoxSVC.exe-3004.log
    2014-12-06 12:21 - 2014-12-06 12:21 - 00000000 ____D () C:\Users\a\AppData\Roaming\Adobe
    2014-12-06 12:11 - 2013-05-09 23:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
    2014-12-06 12:11 - 2013-05-09 23:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
    2014-12-06 12:11 - 2013-05-09 22:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
    2014-12-06 12:11 - 2013-05-09 22:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
    2014-12-06 11:54 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
    2014-12-06 11:52 - 2014-12-06 11:52 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-12-06 11:52 - 2014-12-06 11:52 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-12-06 11:52 - 2014-12-06 11:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-12-06 11:52 - 2014-12-06 11:52 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
    2014-12-06 11:52 - 2014-12-06 11:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2014-12-06 11:52 - 2014-12-06 11:52 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2014-12-06 11:52 - 2014-12-06 11:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2014-12-06 11:52 - 2014-12-06 11:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-12-06 11:52 - 2014-12-06 11:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
    2014-12-06 11:52 - 2014-12-06 11:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2014-12-06 11:52 - 2014-12-06 11:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2014-12-06 11:52 - 2014-12-06 11:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2014-12-06 11:52 - 2014-12-06 11:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2014-12-06 11:52 - 2014-12-06 11:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2014-12-06 11:51 - 2014-12-06 11:51 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-12-06 11:51 - 2014-12-06 11:51 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-12-06 11:51 - 2014-12-06 11:51 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-12-06 11:51 - 2014-12-06 11:51 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
    2014-12-06 11:51 - 2014-12-06 11:51 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2014-12-06 11:51 - 2014-12-06 11:51 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
    2014-12-06 11:51 - 2014-12-06 11:51 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-12-06 11:51 - 2014-12-06 11:51 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
    2014-12-06 11:51 - 2014-12-06 11:51 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-12-06 11:51 - 2014-12-06 11:51 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
    2014-12-06 11:51 - 2014-12-06 11:51 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
    2014-12-06 11:51 - 2014-12-06 11:51 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2014-12-06 11:51 - 2014-12-06 11:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
    2014-12-06 11:51 - 2014-12-06 11:51 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2014-12-06 11:51 - 2014-12-06 11:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2014-12-06 11:51 - 2014-12-06 11:51 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-12-06 11:50 - 2014-12-06 11:54 - 00007435 _____ () C:\Windows\IE11_main.log
    2014-12-06 11:43 - 2014-12-06 11:43 - 00000197 _____ () C:\Windows\system32\2014-12-06-17-43-17.083-AvastVBoxSVC.exe-2692.log
    2014-12-06 11:39 - 2014-12-06 11:39 - 00000197 _____ () C:\Windows\system32\2014-12-06-17-39-26.035-AvastVBoxSVC.exe-2632.log
    2014-12-06 11:35 - 2014-12-06 11:35 - 00000197 _____ () C:\Windows\system32\2014-12-06-17-35-16.067-AvastVBoxSVC.exe-3344.log
    2014-12-06 10:29 - 2012-08-23 08:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
    2014-12-06 10:29 - 2012-08-23 08:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
    2014-12-06 10:29 - 2012-08-23 08:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
    2014-12-06 10:29 - 2012-08-23 08:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
    2014-12-06 10:29 - 2012-08-23 07:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
    2014-12-06 10:29 - 2012-08-23 07:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
    2014-12-06 10:29 - 2012-08-23 07:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
    2014-12-06 10:29 - 2012-08-23 07:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
    2014-12-06 10:29 - 2012-08-23 07:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
    2014-12-06 10:29 - 2012-08-23 07:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
    2014-12-06 10:29 - 2012-08-23 07:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
    2014-12-06 10:29 - 2012-08-23 07:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
    2014-12-06 10:29 - 2012-08-23 07:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
    2014-12-06 10:29 - 2012-08-23 06:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
    2014-12-06 10:29 - 2012-08-23 05:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
    2014-12-06 10:29 - 2012-08-23 05:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
    2014-12-06 10:29 - 2012-08-23 05:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
    2014-12-06 10:29 - 2012-08-23 05:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
    2014-12-06 10:29 - 2012-08-23 04:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
    2014-12-06 10:29 - 2012-08-23 04:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
    2014-12-06 10:29 - 2012-08-23 04:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
    2014-12-06 10:29 - 2012-08-23 04:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
    2014-12-06 10:29 - 2012-08-23 03:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
    2014-12-06 10:29 - 2012-08-23 02:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2014-12-06 10:29 - 2012-08-23 02:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2014-12-06 09:47 - 2012-07-25 21:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
    2014-12-06 09:47 - 2012-07-25 21:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
    2014-12-06 09:47 - 2012-07-25 21:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
    2014-12-06 09:47 - 2012-07-25 21:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
    2014-12-06 09:47 - 2012-07-25 21:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
    2014-12-06 09:47 - 2012-07-25 20:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
    2014-12-06 09:47 - 2012-07-25 20:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
    2014-12-06 09:47 - 2012-06-02 08:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
    2014-12-06 09:34 - 2014-12-06 09:36 - 00000000 ____D () C:\Windows\system32\MRT
    2014-12-06 09:34 - 2014-10-31 23:26 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-12-06 09:30 - 2013-01-13 15:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2014-12-06 09:30 - 2013-01-13 15:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
    2014-12-06 09:30 - 2013-01-13 15:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
    2014-12-06 09:30 - 2013-01-13 15:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
    2014-12-06 09:30 - 2013-01-13 14:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
    2014-12-06 09:30 - 2013-01-13 14:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2014-12-06 09:30 - 2013-01-13 14:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
    2014-12-06 09:30 - 2013-01-13 14:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
    2014-12-06 09:30 - 2013-01-13 14:22 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2014-12-06 09:30 - 2013-01-13 13:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
    2014-12-06 09:30 - 2013-01-13 13:51 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2014-12-06 09:30 - 2013-01-13 13:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
    2014-12-06 09:30 - 2013-01-13 13:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
    2014-12-06 09:30 - 2013-01-13 13:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
    2014-12-06 09:30 - 2013-01-13 13:02 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
    2014-12-06 09:30 - 2013-01-13 12:32 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
    2014-12-06 09:30 - 2013-01-04 00:11 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2014-12-06 09:30 - 2013-01-04 00:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
    2014-12-06 09:29 - 2013-01-13 15:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    2014-12-06 09:29 - 2013-01-13 15:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
    2014-12-06 09:29 - 2013-01-13 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
    2014-12-06 09:29 - 2013-01-13 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
    2014-12-06 09:29 - 2013-01-13 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
    2014-12-06 09:29 - 2013-01-13 14:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2014-12-06 09:29 - 2013-01-13 14:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    2014-12-06 09:29 - 2013-01-13 14:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
    2014-12-06 09:29 - 2013-01-13 14:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
    2014-12-06 09:29 - 2013-01-13 14:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
    2014-12-06 09:29 - 2013-01-13 14:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
    2014-12-06 09:29 - 2013-01-13 14:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
    2014-12-06 09:29 - 2013-01-13 14:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
    2014-12-06 09:29 - 2013-01-13 14:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
    2014-12-06 09:29 - 2013-01-13 13:59 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2014-12-06 09:29 - 2013-01-13 13:58 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2014-12-06 09:29 - 2013-01-13 13:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
    2014-12-06 09:29 - 2013-01-13 13:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
    2014-12-06 09:29 - 2013-01-13 13:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
    2014-12-06 09:29 - 2013-01-13 13:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
    2014-12-06 09:29 - 2013-01-13 13:43 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2014-12-06 09:29 - 2013-01-13 13:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
    2014-12-06 09:29 - 2013-01-13 13:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
    2014-12-06 09:29 - 2013-01-13 13:37 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
    2014-12-06 09:29 - 2013-01-13 13:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
    2014-12-06 09:29 - 2013-01-13 13:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
    2014-12-06 09:29 - 2013-01-13 13:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
    2014-12-06 09:29 - 2013-01-13 13:15 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2014-12-06 09:29 - 2013-01-13 13:10 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
    2014-12-06 09:29 - 2013-01-13 12:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
    2014-12-06 09:29 - 2013-01-13 12:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
    2014-12-06 09:29 - 2013-01-13 11:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
    2014-12-06 09:29 - 2013-01-13 11:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
    2014-12-06 09:27 - 2012-03-01 00:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
    2014-12-06 09:27 - 2012-03-01 00:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
    2014-12-06 09:27 - 2012-02-29 23:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
    2014-12-06 09:14 - 2014-06-30 16:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
    2014-12-06 09:14 - 2014-06-30 16:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
    2014-12-06 09:14 - 2014-06-06 00:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
    2014-12-06 09:14 - 2014-06-06 00:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
    2014-12-06 09:14 - 2014-03-09 15:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
    2014-12-06 09:14 - 2014-03-09 15:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
    2014-12-06 09:14 - 2014-03-09 15:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
    2014-12-06 09:14 - 2014-03-09 15:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
    2014-12-06 09:11 - 2013-12-03 20:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
    2014-12-06 09:11 - 2013-12-03 20:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
    2014-12-06 09:11 - 2013-12-03 20:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
    2014-12-06 09:11 - 2013-12-03 20:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
    2014-12-06 09:11 - 2013-12-03 20:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
    2014-12-06 09:11 - 2013-12-03 20:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
    2014-12-06 09:11 - 2013-12-03 20:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
    2014-12-06 09:11 - 2013-12-03 20:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
    2014-12-06 09:11 - 2013-12-03 20:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
    2014-12-06 09:11 - 2013-12-03 20:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
    2014-12-06 09:11 - 2013-12-03 20:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
    2014-12-06 09:11 - 2013-12-03 20:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
    2014-12-06 09:11 - 2013-12-03 20:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
    2014-12-06 09:11 - 2013-12-03 20:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
    2014-12-06 09:11 - 2013-12-03 19:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
    2014-12-06 09:11 - 2013-12-03 19:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
    2014-12-06 09:11 - 2013-12-03 19:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
    2014-12-06 09:11 - 2013-12-03 19:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
    2014-12-06 09:11 - 2011-10-25 23:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
    2014-12-06 09:11 - 2011-10-25 22:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
    2014-12-06 09:10 - 2014-08-01 05:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
    2014-12-06 09:10 - 2014-08-01 05:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
    2014-12-06 09:10 - 2014-07-16 20:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
    2014-12-06 09:10 - 2014-07-16 20:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
    2014-12-06 09:10 - 2014-07-16 20:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
    2014-12-06 09:10 - 2014-07-16 19:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
    2014-12-06 09:10 - 2014-07-16 19:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
    2014-12-06 09:10 - 2014-07-16 19:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
    2014-12-06 09:10 - 2014-03-04 03:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2014-12-06 09:10 - 2014-03-04 03:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
    2014-12-06 09:10 - 2014-03-04 03:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2014-12-06 09:10 - 2014-03-04 03:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
    2014-12-06 09:10 - 2014-03-04 03:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
    2014-12-06 09:10 - 2014-03-04 03:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
    2014-12-06 09:10 - 2014-03-04 03:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
    2014-12-06 09:10 - 2014-03-04 03:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
    2014-12-06 09:10 - 2014-03-04 03:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
    2014-12-06 09:10 - 2014-03-04 03:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2014-12-06 09:10 - 2014-03-04 03:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2014-12-06 09:10 - 2014-03-04 03:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
    2014-12-06 09:10 - 2014-03-04 03:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
    2014-12-06 09:10 - 2014-03-04 03:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
    2014-12-06 09:10 - 2014-03-04 03:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
    2014-12-06 09:10 - 2014-03-04 03:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
    2014-12-06 09:10 - 2014-03-04 03:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
    2014-12-06 09:10 - 2014-03-04 03:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
    2014-12-06 09:10 - 2014-03-04 03:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2014-12-06 09:10 - 2013-09-07 20:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
    2014-12-06 09:10 - 2013-09-07 20:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
    2014-12-06 09:10 - 2013-08-01 20:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2014-12-06 09:10 - 2013-08-01 20:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2014-12-06 09:10 - 2013-08-01 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2014-12-06 09:10 - 2013-08-01 18:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2014-12-06 09:10 - 2013-07-04 06:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2014-12-06 09:10 - 2012-04-25 23:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
    2014-12-06 09:10 - 2012-04-25 23:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
    2014-12-06 09:09 - 2013-05-09 23:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
    2014-12-06 09:09 - 2013-05-09 21:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
    2014-12-06 09:09 - 2012-12-07 07:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
    2014-12-06 09:09 - 2012-12-07 07:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
    2014-12-06 09:09 - 2012-12-07 06:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
    2014-12-06 09:09 - 2012-12-07 06:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
    2014-12-06 09:09 - 2012-12-07 05:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
    2014-12-06 09:09 - 2012-12-07 05:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
    2014-12-06 09:09 - 2012-12-07 05:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
    2014-12-06 09:09 - 2012-12-07 05:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
    2014-12-06 09:09 - 2012-12-07 05:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
    2014-12-06 09:09 - 2012-12-07 05:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
    2014-12-06 09:09 - 2012-12-07 05:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
    2014-12-06 09:09 - 2012-12-07 05:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
    2014-12-06 09:09 - 2012-12-07 05:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
    2014-12-06 09:09 - 2012-12-07 05:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
    2014-12-06 09:09 - 2012-12-07 05:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
    2014-12-06 09:09 - 2012-12-07 05:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
    2014-12-06 09:09 - 2012-12-07 05:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
    2014-12-06 09:09 - 2012-12-07 05:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
    2014-12-06 09:09 - 2012-12-07 04:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
    2014-12-06 09:09 - 2012-12-07 04:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
    2014-12-06 09:09 - 2012-12-07 04:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
    2014-12-06 09:09 - 2012-12-07 04:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
    2014-12-06 09:09 - 2012-12-07 04:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
    2014-12-06 09:09 - 2012-12-07 04:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
    2014-12-06 09:09 - 2012-12-07 04:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
    2014-12-06 09:09 - 2012-12-07 04:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
    2014-12-06 09:09 - 2012-12-07 04:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
    2014-12-06 09:09 - 2012-12-07 04:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
    2014-12-06 09:09 - 2012-12-07 04:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
    2014-12-06 09:09 - 2012-12-07 04:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
    2014-12-06 09:09 - 2012-12-07 04:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
    2014-12-06 09:09 - 2012-12-07 04:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
    2014-12-06 09:08 - 2014-10-13 20:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
    2014-12-06 09:08 - 2014-10-13 20:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2014-12-06 09:08 - 2014-10-13 20:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2014-12-06 09:08 - 2014-10-13 19:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2014-12-06 09:08 - 2014-10-13 19:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2014-12-06 09:08 - 2014-09-19 03:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2014-12-06 09:08 - 2014-09-19 03:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2014-12-06 09:08 - 2014-09-19 03:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2014-12-06 09:08 - 2014-09-19 03:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2014-12-06 09:08 - 2014-09-19 03:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2014-12-06 09:08 - 2014-09-19 03:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2014-12-06 09:08 - 2014-09-19 03:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2014-12-06 09:08 - 2014-09-19 03:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2014-12-06 09:08 - 2014-09-19 03:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2014-12-06 09:08 - 2014-09-19 03:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2014-12-06 09:08 - 2014-09-19 03:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2014-12-06 09:08 - 2014-09-19 03:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2014-12-06 09:08 - 2013-05-12 23:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
    2014-12-06 09:08 - 2013-05-12 21:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
    2014-12-06 09:08 - 2013-05-12 21:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
    2014-12-06 09:08 - 2013-05-12 21:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
    2014-12-06 09:07 - 2014-10-13 20:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2014-12-06 09:07 - 2014-10-13 19:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
    2014-12-06 09:07 - 2014-08-21 00:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2014-12-06 09:07 - 2014-08-21 00:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
    2014-12-06 09:07 - 2014-08-21 00:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2014-12-06 09:07 - 2014-08-21 00:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
    2014-12-06 09:07 - 2014-06-18 16:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
    2014-12-06 09:07 - 2014-06-18 16:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
    2014-12-06 09:07 - 2014-06-18 16:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
    2014-12-06 09:07 - 2014-06-18 16:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
    2014-12-06 09:07 - 2014-06-18 16:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
    2014-12-06 09:07 - 2014-06-18 16:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
    2014-12-06 09:07 - 2014-06-03 04:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2014-12-06 09:07 - 2014-06-03 04:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
    2014-12-06 09:07 - 2014-06-03 04:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2014-12-06 09:07 - 2014-06-03 03:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2014-12-06 09:07 - 2014-06-03 03:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
    2014-12-06 09:07 - 2013-10-03 20:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
    2014-12-06 09:07 - 2013-10-03 20:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
    2014-12-06 09:07 - 2013-10-03 19:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
    2014-12-06 09:07 - 2013-10-03 19:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
    2014-12-06 09:07 - 2013-07-25 20:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
    2014-12-06 09:07 - 2013-07-25 19:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
    2014-12-06 09:07 - 2013-07-04 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
    2014-12-06 09:07 - 2013-07-04 06:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
    2014-12-06 09:07 - 2013-07-04 05:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
    2014-12-06 09:07 - 2013-07-04 05:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
    2014-12-06 09:07 - 2013-07-04 04:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2014-12-06 09:07 - 2013-02-26 23:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
    2014-12-06 09:07 - 2012-10-03 11:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2014-12-06 09:07 - 2012-10-03 11:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
    2014-12-06 09:07 - 2012-10-03 11:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
    2014-12-06 09:07 - 2012-10-03 11:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
    2014-12-06 09:07 - 2012-10-03 11:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
    2014-12-06 09:07 - 2012-10-03 11:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
    2014-12-06 09:07 - 2012-10-03 10:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
    2014-12-06 09:07 - 2012-10-03 10:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
    2014-12-06 09:07 - 2012-10-03 10:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
    2014-12-06 09:07 - 2012-10-03 10:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
    2014-12-06 09:07 - 2012-01-13 01:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
    2014-12-06 09:06 - 2014-06-24 20:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2014-12-06 09:06 - 2014-06-24 19:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2014-12-06 09:06 - 2013-11-26 19:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
    2014-12-06 09:06 - 2013-11-26 19:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
    2014-12-06 09:06 - 2013-11-26 19:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
    2014-12-06 09:06 - 2013-11-26 19:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
    2014-12-06 09:06 - 2013-11-26 19:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
    2014-12-06 09:06 - 2013-11-26 19:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
    2014-12-06 09:06 - 2013-10-05 14:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2014-12-06 09:06 - 2013-10-05 13:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2014-12-06 09:06 - 2013-07-20 04:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2014-12-06 09:06 - 2013-07-20 04:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2014-12-06 09:06 - 2013-07-12 04:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
    2014-12-06 09:06 - 2013-07-08 23:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
    2014-12-06 09:06 - 2013-07-08 23:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
    2014-12-06 09:06 - 2013-07-08 22:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
    2014-12-06 09:06 - 2013-07-08 22:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
    2014-12-06 09:06 - 2012-05-05 02:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2014-12-06 09:06 - 2012-05-05 01:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2014-12-06 09:06 - 2012-01-04 04:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
    2014-12-06 09:06 - 2012-01-04 02:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
    2014-12-06 09:06 - 2011-11-17 00:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
    2014-12-06 09:06 - 2011-11-16 23:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
    2014-12-06 09:05 - 2013-04-25 17:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
    2014-12-06 09:05 - 2013-03-31 16:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
    2014-12-06 09:04 - 2014-11-10 21:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-12-06 09:04 - 2014-11-10 21:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
    2014-12-06 09:04 - 2014-11-10 20:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2014-12-06 09:04 - 2014-11-10 20:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
    2014-12-06 09:04 - 2014-10-13 20:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2014-12-06 09:04 - 2014-10-13 20:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2014-12-06 09:04 - 2014-10-13 19:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2014-12-06 09:04 - 2014-10-13 19:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2014-12-06 09:04 - 2014-06-17 20:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
    2014-12-06 09:04 - 2014-06-17 19:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
    2014-12-06 09:04 - 2014-04-11 20:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2014-12-06 09:04 - 2014-04-11 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2014-12-06 09:04 - 2014-04-11 20:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2014-12-06 09:04 - 2014-04-11 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2014-12-06 09:04 - 2014-04-11 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2014-12-06 09:04 - 2014-03-26 08:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2014-12-06 09:04 - 2014-03-26 08:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
    2014-12-06 09:04 - 2014-03-26 08:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2014-12-06 09:04 - 2014-03-26 08:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
    2014-12-06 09:04 - 2014-03-04 03:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2014-12-06 09:04 - 2014-03-04 03:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2014-12-06 09:04 - 2014-03-04 03:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2014-12-06 09:04 - 2014-03-04 03:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2014-12-06 09:04 - 2014-03-04 03:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2014-12-06 09:04 - 2014-03-04 03:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2014-12-06 09:04 - 2014-03-04 03:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2014-12-06 09:04 - 2014-03-04 03:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2014-12-06 09:04 - 2014-03-04 03:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2014-12-06 09:04 - 2014-03-04 02:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2014-12-06 09:04 - 2014-03-04 02:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2014-12-06 09:04 - 2013-08-28 20:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2014-12-06 09:04 - 2013-08-28 20:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2014-12-06 09:04 - 2013-08-28 20:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2014-12-06 09:04 - 2013-08-28 19:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2014-12-06 09:04 - 2013-08-28 19:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2014-12-06 09:04 - 2013-08-28 19:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2014-12-06 09:04 - 2013-08-01 20:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 19:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2014-12-06 09:04 - 2013-08-01 18:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 18:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 18:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2014-12-06 09:04 - 2013-08-01 18:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2014-12-06 09:04 - 2013-06-25 16:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
    2014-12-06 09:04 - 2012-11-28 16:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
    2014-12-06 09:04 - 2012-11-28 16:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
    2014-12-06 09:04 - 2012-11-28 16:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
    2014-12-06 09:04 - 2012-06-06 00:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
    2014-12-06 09:04 - 2012-06-05 23:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
    2014-12-06 09:04 - 2011-10-15 00:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
    2014-12-06 09:04 - 2011-10-14 23:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
    2014-12-06 09:03 - 2014-10-09 18:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-12-06 09:03 - 2014-09-09 16:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-12-06 09:03 - 2014-09-09 15:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2014-12-06 09:03 - 2014-08-22 20:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-12-06 09:03 - 2014-08-22 19:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2014-12-06 09:03 - 2014-04-04 20:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2014-12-06 09:03 - 2014-04-04 20:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
    2014-12-06 09:03 - 2014-01-23 20:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
    2014-12-06 09:03 - 2013-11-26 05:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
    2014-12-06 09:03 - 2013-07-25 03:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
    2014-12-06 09:03 - 2013-07-25 02:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
    2014-12-06 09:03 - 2013-07-08 23:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
    2014-12-06 09:03 - 2013-07-08 22:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
    2014-12-06 09:03 - 2013-04-25 23:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
    2014-12-06 09:03 - 2013-04-25 22:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
    2014-12-06 09:03 - 2013-02-11 22:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
    2014-12-06 09:03 - 2012-08-22 12:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
    2014-12-06 09:03 - 2012-07-04 14:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
    2014-12-06 09:03 - 2012-04-30 23:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2014-12-06 09:03 - 2011-06-15 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
    2014-12-06 09:03 - 2011-06-15 22:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
    2014-12-06 09:03 - 2011-05-24 05:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
    2014-12-06 09:03 - 2011-05-24 04:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
    2014-12-06 09:03 - 2011-05-24 04:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
    2014-12-06 09:03 - 2011-05-24 04:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
    2014-12-06 09:03 - 2011-05-24 04:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
    2014-12-06 09:03 - 2011-03-03 00:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
    2014-12-06 09:03 - 2011-03-03 00:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
    2014-12-06 09:03 - 2011-03-03 00:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
    2014-12-06 09:03 - 2011-03-02 23:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
    2014-12-06 09:03 - 2011-03-02 23:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
    2014-12-06 09:03 - 2010-12-23 04:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
    2014-12-06 09:03 - 2010-12-23 04:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
    2014-12-06 09:03 - 2010-12-23 04:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
    2014-12-06 09:03 - 2010-12-22 23:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
    2014-12-06 09:03 - 2010-12-22 23:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
    2014-12-06 09:03 - 2010-12-22 23:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
    2014-12-06 09:02 - 2014-10-24 19:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
    2014-12-06 09:02 - 2014-10-24 19:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
    2014-12-06 09:02 - 2014-10-17 20:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2014-12-06 09:02 - 2014-10-17 19:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
    2014-12-06 09:02 - 2014-10-02 20:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2014-12-06 09:02 - 2014-10-02 20:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2014-12-06 09:02 - 2014-10-02 20:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
    2014-12-06 09:02 - 2014-10-02 20:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2014-12-06 09:02 - 2014-10-02 20:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
    2014-12-06 09:02 - 2014-10-02 19:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
    2014-12-06 09:02 - 2014-10-02 19:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
    2014-12-06 09:02 - 2014-10-02 19:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
    2014-12-06 09:02 - 2014-09-24 20:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2014-12-06 09:02 - 2014-09-24 19:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
    2014-12-06 09:02 - 2014-02-03 20:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
    2014-12-06 09:02 - 2014-02-03 20:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
    2014-12-06 09:02 - 2014-02-03 20:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
    2014-12-06 09:02 - 2014-02-03 20:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
    2014-12-06 09:02 - 2014-02-03 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
    2014-12-06 09:02 - 2014-01-27 20:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
    2014-12-06 09:02 - 2013-12-31 17:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
    2014-12-06 09:02 - 2013-12-31 17:04 - 00420008 _____ () C:\Windows\system32\locale.nls
    2014-12-06 09:02 - 2013-10-18 20:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
    2014-12-06 09:02 - 2013-10-18 19:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
    2014-12-06 09:02 - 2013-06-05 23:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
    2014-12-06 09:02 - 2013-06-05 23:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
    2014-12-06 09:02 - 2013-06-05 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
    2014-12-06 09:02 - 2013-06-05 23:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2014-12-06 09:02 - 2013-06-05 22:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
    2014-12-06 09:02 - 2013-06-05 22:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
    2014-12-06 09:02 - 2013-06-05 22:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
    2014-12-06 09:02 - 2013-06-05 21:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2014-12-06 09:02 - 2013-06-05 21:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2014-12-06 09:02 - 2013-06-05 21:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2014-12-06 09:02 - 2013-03-18 23:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
    2014-12-06 09:02 - 2012-11-01 23:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
    2014-12-06 09:02 - 2012-11-01 23:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
    2014-12-06 09:02 - 2012-10-09 12:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
    2014-12-06 09:02 - 2012-10-09 12:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
    2014-12-06 09:02 - 2012-10-09 11:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
    2014-12-06 09:02 - 2012-10-09 11:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
    2014-12-06 09:02 - 2012-08-21 15:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
    2014-12-06 09:02 - 2012-05-13 23:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
    2014-12-06 09:02 - 2011-06-15 04:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
    2014-12-06 09:02 - 2011-06-15 04:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
    2014-12-06 09:02 - 2011-06-15 04:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
    2014-12-06 09:02 - 2011-06-15 04:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
    2014-12-06 09:02 - 2011-06-15 02:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
    2014-12-06 09:02 - 2011-06-15 02:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
    2014-12-06 09:02 - 2011-06-15 02:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
    2014-12-06 09:02 - 2011-06-15 02:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
    2014-12-06 09:02 - 2011-06-15 02:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
    2014-12-06 09:02 - 2011-05-03 23:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
    2014-12-06 09:02 - 2011-05-03 23:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
    2014-12-06 09:02 - 2011-05-03 23:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
    2014-12-06 09:02 - 2011-05-03 23:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
    2014-12-06 09:02 - 2011-05-03 23:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
    2014-12-06 09:02 - 2011-05-03 23:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
    2014-12-06 09:02 - 2011-05-03 23:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
    2014-12-06 09:02 - 2011-05-03 23:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
    2014-12-06 09:02 - 2011-05-03 23:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
    2014-12-06 09:02 - 2011-05-03 22:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
    2014-12-06 09:02 - 2011-05-03 22:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
    2014-12-06 09:02 - 2011-05-03 22:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
    2014-12-06 09:02 - 2011-05-03 22:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
    2014-12-06 09:02 - 2011-05-03 22:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
    2014-12-06 09:02 - 2011-05-03 22:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
    2014-12-06 09:02 - 2011-05-03 22:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
    2014-12-06 09:02 - 2011-05-03 22:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
    2014-12-06 09:02 - 2011-05-03 22:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
    2014-12-06 09:02 - 2011-04-28 21:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
    2014-12-06 09:02 - 2011-04-28 21:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
    2014-12-06 09:02 - 2011-04-28 21:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
    2014-12-06 09:02 - 2011-03-11 00:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
    2014-12-06 09:02 - 2011-03-11 00:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
    2014-12-06 09:02 - 2011-03-10 23:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
    2014-12-06 09:02 - 2011-03-10 23:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
    2014-12-06 09:02 - 2011-02-05 11:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2014-12-06 09:02 - 2011-02-05 11:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
    2014-12-06 09:02 - 2011-02-05 11:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
    2014-12-06 09:02 - 2011-02-05 11:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
    2014-12-06 09:02 - 2011-02-05 11:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2014-12-06 09:02 - 2011-02-05 11:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2014-12-06 09:02 - 2011-02-05 11:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
    2014-12-06 09:01 - 2014-09-03 23:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
    2014-12-06 09:01 - 2014-09-03 23:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
    2014-12-06 09:01 - 2014-08-11 20:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
    2014-12-06 09:01 - 2014-08-11 19:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
    2014-12-06 09:01 - 2014-06-15 20:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
    2014-12-06 09:01 - 2014-06-06 04:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
    2014-12-06 09:01 - 2014-06-06 03:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
    2014-12-06 09:01 - 2014-05-30 00:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2014-12-06 09:01 - 2014-04-24 20:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
    2014-12-06 09:01 - 2014-04-24 20:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
    2014-12-06 09:01 - 2014-01-28 20:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
    2014-12-06 09:01 - 2014-01-28 20:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
    2014-12-06 09:01 - 2013-10-29 20:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
    2014-12-06 09:01 - 2013-10-29 20:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
    2014-12-06 09:01 - 2013-10-11 20:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
    2014-12-06 09:01 - 2013-10-11 20:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
    2014-12-06 09:01 - 2013-10-11 20:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
    2014-12-06 09:01 - 2013-10-11 20:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
    2014-12-06 09:01 - 2013-10-11 19:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
    2014-12-06 09:01 - 2013-10-11 19:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
    2014-12-06 09:01 - 2013-10-11 19:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
    2014-12-06 09:01 - 2013-10-11 19:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
    2014-12-06 09:01 - 2013-10-03 20:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
    2014-12-06 09:01 - 2013-10-03 19:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
    2014-12-06 09:01 - 2013-08-04 20:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
    2014-12-06 09:01 - 2013-07-04 06:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
    2014-12-06 09:01 - 2013-07-04 05:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
    2014-12-06 09:01 - 2013-04-10 00:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
    2014-12-06 09:01 - 2013-01-24 00:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
    2014-12-06 09:01 - 2012-11-22 21:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
    2014-12-06 09:01 - 2012-09-25 16:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
    2014-12-06 09:01 - 2012-09-25 16:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
    2014-12-06 09:01 - 2012-07-04 16:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
    2014-12-06 09:01 - 2012-07-04 16:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
    2014-12-06 09:01 - 2012-07-04 16:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
    2014-12-06 09:01 - 2012-07-04 15:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
    2014-12-06 09:01 - 2012-07-04 15:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
    2014-12-06 09:01 - 2011-12-30 00:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
    2014-12-06 09:01 - 2011-12-29 23:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
    2014-12-06 09:01 - 2011-12-16 02:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
    2014-12-06 09:01 - 2011-12-16 01:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
    2014-12-06 09:01 - 2011-08-26 23:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
    2014-12-06 09:01 - 2011-08-26 22:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
    2014-12-06 09:01 - 2011-08-16 23:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
    2014-12-06 09:01 - 2011-08-16 23:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
    2014-12-06 09:01 - 2011-08-16 22:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
    2014-12-06 09:01 - 2011-08-16 22:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
    2014-12-06 09:01 - 2011-05-02 23:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2014-12-06 09:01 - 2011-05-02 22:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2014-12-06 09:01 - 2011-04-09 00:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2014-12-06 09:01 - 2011-04-08 23:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
    2014-12-06 09:01 - 2011-02-22 22:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
    2014-12-06 09:01 - 2011-02-12 05:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
    2014-12-06 09:01 - 2011-02-03 05:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
    2014-12-06 09:00 - 2013-07-02 22:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
    2014-12-06 09:00 - 2013-07-02 22:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
    2014-12-06 09:00 - 2012-03-17 01:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
    2014-12-06 09:00 - 2012-02-17 00:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
    2014-12-06 09:00 - 2012-02-16 23:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
    2014-12-06 09:00 - 2012-02-16 22:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
    2014-12-06 09:00 - 2011-02-18 04:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
    2014-12-06 09:00 - 2011-02-17 23:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
    2014-12-06 08:59 - 2011-07-08 20:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2014-12-06 08:59 - 2011-04-26 20:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2014-12-06 08:59 - 2011-04-26 20:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2014-12-06 08:51 - 2013-10-11 20:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
    2014-12-06 08:51 - 2013-10-11 20:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
    2014-12-06 08:51 - 2013-10-11 20:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
    2014-12-06 08:51 - 2013-10-11 20:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
    2014-12-06 08:51 - 2013-10-11 20:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
    2014-12-06 08:37 - 2013-08-27 19:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
    2014-12-06 08:36 - 2014-07-13 20:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2014-12-06 08:36 - 2014-07-13 19:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2014-12-06 08:08 - 2014-12-06 08:08 - 00000197 _____ () C:\Windows\system32\2014-12-06-14-08-13.037-AvastVBoxSVC.exe-3744.log
    2014-12-05 23:08 - 2014-05-14 10:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2014-12-05 23:08 - 2014-05-14 10:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2014-12-05 23:08 - 2014-05-14 10:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2014-12-05 23:08 - 2014-05-14 10:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2014-12-05 23:08 - 2014-05-14 10:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2014-12-05 23:08 - 2014-05-14 10:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2014-12-05 23:08 - 2014-05-14 10:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2014-12-05 23:08 - 2014-05-14 10:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2014-12-05 23:08 - 2014-05-14 10:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2014-12-05 23:08 - 2014-05-14 10:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2014-12-05 23:07 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2014-12-05 23:07 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2014-12-05 23:07 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2014-12-05 23:07 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2014-12-05 22:46 - 2014-12-06 20:09 - 00000000 ____D () C:\Users\a\AppData\Local\HitFilm 3 Pro Activation
    2014-12-05 22:46 - 2014-12-05 22:46 - 00000000 ____D () C:\Users\a\Documents\FXHOME
    2014-12-05 22:46 - 2014-12-05 22:46 - 00000000 ____D () C:\Users\a\AppData\Roaming\AMD
    2014-12-05 22:46 - 2014-12-05 22:46 - 00000000 ____D () C:\Users\a\AppData\Local\FXHOME Helper
    2014-12-05 22:46 - 2014-12-05 22:46 - 00000000 ____D () C:\Users\a\AppData\Local\FXHOME
    2014-12-05 22:44 - 2014-12-05 22:44 - 00000000 ____D () C:\Users\a\Desktop\Project One
    2014-12-05 22:20 - 2014-12-05 22:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitFilm 3 Pro
    2014-12-05 22:20 - 2014-12-05 22:20 - 00000000 ____D () C:\ProgramData\FXhome
    2014-12-05 22:20 - 2014-12-05 22:20 - 00000000 ____D () C:\Program Files\FXhome
    2014-12-05 22:20 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
    2014-12-05 22:20 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
    2014-12-05 21:50 - 2014-12-05 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
    2014-12-05 21:50 - 2014-12-05 21:50 - 00000000 ____D () C:\Program Files (x86)\7-Zip
    2014-12-05 21:47 - 2014-12-05 21:47 - 00026900 _____ () C:\Users\a\AppData\Local\dt.dat
    2014-12-05 21:45 - 2014-12-05 21:45 - 00000197 _____ () C:\Windows\system32\2014-12-06-03-45-11.076-AvastVBoxSVC.exe-4660.log
    2014-12-05 21:29 - 2014-12-05 21:36 - 00005262 _____ () C:\Users\a\Desktop\avgrep.txt
    2014-12-05 21:00 - 2014-12-05 21:00 - 00002102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
    2014-12-05 21:00 - 2014-12-05 21:00 - 00002090 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
    2014-12-05 21:00 - 2014-12-05 21:00 - 00000000 ____D () C:\Users\a\AppData\Roaming\Thunderbird
    2014-12-05 21:00 - 2014-12-05 21:00 - 00000000 ____D () C:\Users\a\AppData\Roaming\Mozilla
    2014-12-05 21:00 - 2014-12-05 21:00 - 00000000 ____D () C:\Users\a\AppData\Local\Thunderbird
    2014-12-05 21:00 - 2014-12-05 21:00 - 00000000 ____D () C:\ProgramData\Mozilla
    2014-12-05 21:00 - 2014-12-05 21:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
    2014-12-05 21:00 - 2014-12-05 21:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2014-12-05 20:39 - 2014-12-05 20:58 - 00001004 _____ () C:\Users\a\Desktop\File Shredder.lnk
    2014-12-05 20:39 - 2014-12-05 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Shredder
    2014-12-05 20:38 - 2014-12-05 20:39 - 00000000 ____D () C:\Program Files\File Shredder
    2014-12-05 20:37 - 2014-12-05 20:37 - 00000197 _____ () C:\Windows\system32\2014-12-06-02-37-14.041-AvastVBoxSVC.exe-3720.log
    2014-12-05 19:44 - 2014-12-05 19:44 - 00000000 ____D () C:\Users\a\AppData\Roaming\AVG2012
    2014-12-05 19:43 - 2014-12-05 20:05 - 00000246 _____ () C:\Windows\Tasks\Open Chrome.job
    2014-12-05 19:43 - 2014-12-05 19:59 - 00002470 _____ () C:\Windows\System32\Tasks\Open Chrome
    2014-12-05 19:43 - 2014-12-05 19:43 - 00003230 _____ () C:\Windows\System32\Tasks\SidebarExecute
    2014-12-05 19:43 - 2014-12-05 19:43 - 00000965 _____ () C:\Users\Public\Desktop\AVG 2012.lnk
    2014-12-05 19:43 - 2014-12-05 19:43 - 00000000 ____D () C:\Users\a\AppData\Roaming\TuneUp Software
    2014-12-05 19:43 - 2014-12-05 19:43 - 00000000 ____D () C:\Users\a\AppData\Local\AVG Secure Search
    2014-12-05 19:43 - 2014-12-05 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
    2014-12-05 19:43 - 2014-12-05 19:43 - 00000000 ____D () C:\ProgramData\AVG Secure Search
    2014-12-05 19:43 - 2014-12-05 19:43 - 00000000 ____D () C:\Program Files (x86)\AVG Secure Search
    2014-12-05 19:43 - 2014-12-05 19:42 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
    2014-12-05 19:42 - 2014-12-18 17:50 - 00000000 ____D () C:\Windows\system32\Drivers\AVG
    2014-12-05 19:42 - 2014-12-05 19:47 - 00000000 ____D () C:\ProgramData\AVG2012
    2014-12-05 19:42 - 2014-12-05 19:42 - 00000000 ___HD () C:\$AVG
    2014-12-05 19:42 - 2014-12-05 19:42 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\AVG
    2014-12-05 19:41 - 2014-12-05 19:41 - 00000000 ____D () C:\Program Files (x86)\AVG
    2014-12-05 19:39 - 2014-12-05 19:44 - 00000000 ____D () C:\ProgramData\MFAData
    2014-12-05 19:36 - 2014-12-05 19:36 - 00000000 ____D () C:\ProgramData\McAfee
    2014-12-05 19:35 - 2014-12-05 19:36 - 08423856 _____ (McAfee, Inc.) C:\Users\a\Downloads\SecurityScan_Release.exe
    2014-12-05 19:13 - 2014-12-05 19:13 - 00000197 _____ () C:\Windows\system32\2014-12-06-01-13-40.060-AvastVBoxSVC.exe-2328.log
    2014-12-05 19:11 - 2014-12-05 19:11 - 372706832 _____ () C:\Windows\MEMORY.DMP
    2014-12-05 19:11 - 2014-12-05 19:11 - 00275152 _____ () C:\Windows\Minidump\120514-25942-01.dmp
    2014-12-05 19:11 - 2014-12-05 19:11 - 00000000 ____D () C:\Windows\Minidump
    2014-12-05 18:54 - 2014-12-05 18:54 - 00000247 _____ () C:\Windows\system32\2014-12-06-00-54-55.071-aswFe.exe-4656.log
    2014-12-05 18:52 - 2014-12-05 18:54 - 00000247 _____ () C:\Windows\system32\2014-12-06-00-52-41.064-aswFe.exe-3676.log
    2014-12-05 18:52 - 2014-12-05 18:52 - 00000197 _____ () C:\Windows\system32\2014-12-06-00-52-39.061-AvastVBoxSVC.exe-2380.log
    2014-12-03 20:47 - 2014-12-03 20:47 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
    2014-12-03 20:47 - 2014-12-03 20:47 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
    2014-12-03 20:46 - 2014-12-03 20:46 - 00001355 _____ () C:\Windows\TSSysprep.log
    2014-12-03 20:45 - 2014-12-03 20:45 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
    2014-12-03 20:43 - 2014-12-03 18:49 - 00000000 ____D () C:\Windows\Panther
    2014-12-03 20:04 - 2014-12-03 20:19 - 00000000 ____D () C:\Users\a\AppData\Local\Microsoft Games
    2014-12-03 19:55 - 2014-12-03 19:55 - 00000247 _____ () C:\Windows\system32\2014-12-04-01-55-58.063-aswFe.exe-4092.log
    2014-12-03 19:55 - 2014-12-03 19:55 - 00000197 _____ () C:\Windows\system32\2014-12-04-01-55-57.040-AvastVBoxSVC.exe-2864.log
    2014-12-03 19:54 - 2014-12-03 19:54 - 00000247 _____ () C:\Windows\system32\2014-12-04-01-54-06.063-aswFe.exe-3012.log
    2014-12-03 19:54 - 2014-12-03 19:54 - 00000197 _____ () C:\Windows\system32\2014-12-04-01-54-05.035-AvastVBoxSVC.exe-4836.log
    2014-12-03 19:50 - 2014-12-03 19:50 - 00000247 _____ () C:\Windows\system32\2014-12-04-01-50-16.066-aswFe.exe-4416.log
    2014-12-03 19:47 - 2014-12-03 19:48 - 00000247 _____ () C:\Windows\system32\2014-12-04-01-47-59.093-aswFe.exe-5012.log
    2014-12-03 19:47 - 2014-12-03 19:47 - 00000197 _____ () C:\Windows\system32\2014-12-04-01-47-57.051-AvastVBoxSVC.exe-1972.log
    2014-12-03 19:46 - 2014-12-03 19:46 - 00000000 ____D () C:\Windows\SysWOW64\vbox
    2014-12-03 19:46 - 2014-12-03 19:46 - 00000000 ____D () C:\Windows\system32\vbox
    2014-12-03 19:45 - 2014-12-13 10:31 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-12-03 19:45 - 2014-12-06 11:32 - 00000000 ____D () C:\Program Files\Google
    2014-12-03 19:45 - 2014-12-03 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2014-12-03 19:40 - 2014-12-18 17:50 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-12-03 19:40 - 2014-12-18 17:46 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-12-03 19:40 - 2014-12-06 11:32 - 00000000 ____D () C:\Program Files (x86)\Google
    2014-12-03 19:40 - 2014-12-06 08:36 - 00000000 ____D () C:\Users\a\AppData\Local\Google
    2014-12-03 19:40 - 2014-12-03 20:45 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2014-12-03 19:40 - 2014-12-03 20:45 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2014-12-03 19:40 - 2014-12-03 19:40 - 00044640 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\aswTap.sys
    2014-12-03 19:38 - 2014-12-16 18:46 - 00000000 ____D () C:\ProgramData\AVAST Software
    2014-12-03 19:31 - 2012-02-22 16:51 - 00648808 _____ (TP-LINK TECHNOLOGIES CO., LTD) C:\Windows\system32\Drivers\tpg64win7.sys
    2014-12-03 19:31 - 2012-02-22 16:51 - 00074344 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp.dll
    2014-12-03 19:19 - 2014-12-18 17:48 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-12-03 19:18 - 2014-12-18 17:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-12-03 19:18 - 2014-12-17 19:50 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-12-03 19:18 - 2014-12-05 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-12-03 19:18 - 2014-12-03 19:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-12-03 19:18 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-12-03 19:18 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-12-03 19:18 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-12-03 19:11 - 2014-12-06 11:42 - 00058016 _____ () C:\Users\a\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-12-03 19:11 - 2014-12-03 19:11 - 00000000 ____D () C:\Users\a\AppData\Local\AMD
    2014-12-03 19:10 - 2014-12-03 19:10 - 00000000 ____D () C:\Users\a\AppData\Roaming\ATI
    2014-12-03 19:10 - 2014-12-03 19:10 - 00000000 ____D () C:\Users\a\AppData\Local\ATI
    2014-12-03 19:10 - 2014-12-03 19:10 - 00000000 ____D () C:\ProgramData\ATI
    2014-12-03 19:10 - 2014-12-03 19:10 - 00000000 _____ () C:\Windows\ativpsrm.bin
    2014-12-03 19:09 - 2014-12-03 19:09 - 00067608 _____ () C:\Windows\SysWOW64\CCCInstall_201412031909360422.log
    2014-12-03 19:09 - 2014-12-03 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
    2014-12-03 19:09 - 2014-12-03 19:09 - 00000000 ____D () C:\ProgramData\AMD
    2014-12-03 19:09 - 2014-12-03 19:09 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
    2014-12-03 19:09 - 2014-12-03 19:09 - 00000000 ____D () C:\Program Files (x86)\AMD
    2014-12-03 19:08 - 2014-12-03 19:09 - 00000000 ____D () C:\Program Files\AMD
    2014-12-03 19:08 - 2014-12-03 19:08 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
    2014-12-03 19:08 - 2014-12-03 19:08 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
    2014-12-03 19:06 - 2014-12-06 12:02 - 00773912 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
    2014-12-03 19:05 - 2014-12-03 19:08 - 00000000 ____D () C:\ProgramData\Package Cache
    2014-12-03 19:04 - 2014-12-03 19:09 - 00000000 ____D () C:\Program Files\ATI Technologies
    2014-12-03 19:04 - 2014-12-03 19:04 - 00000000 ____D () C:\Program Files\ATI
    2014-12-03 19:03 - 2014-12-03 19:03 - 00000000 ____D () C:\AMD
    2014-12-03 18:50 - 2014-12-18 17:51 - 01660745 _____ () C:\Windows\WindowsUpdate.log
    2014-12-03 18:49 - 2014-12-06 12:21 - 00001417 _____ () C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2014-12-03 18:49 - 2014-12-03 18:49 - 00000020 ___SH () C:\Users\a\ntuser.ini
    2014-12-03 18:49 - 2014-12-03 18:49 - 00000000 __SHD () C:\Recovery
    2014-12-03 18:49 - 2014-12-03 18:49 - 00000000 ____D () C:\Users\a\AppData\Local\VirtualStore
    2014-12-03 18:49 - 2014-12-03 18:49 - 00000000 ____D () C:\Users\a
    2014-12-03 18:49 - 2009-07-13 22:54 - 00000000 ___RD () C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2014-12-03 18:49 - 2009-07-13 22:49 - 00000000 ___RD () C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-12-18 17:54 - 2009-07-13 22:45 - 00021264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-12-18 17:54 - 2009-07-13 22:45 - 00021264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-12-18 17:53 - 2009-07-13 23:13 - 00781790 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-12-18 17:46 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-12-18 17:46 - 2009-07-13 22:51 - 00026884 _____ () C:\Windows\setupact.log
    2014-12-16 18:46 - 2010-11-20 21:47 - 00437048 _____ () C:\Windows\PFRO.log
    2014-12-14 19:28 - 2009-07-13 23:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
    2014-12-06 14:41 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
    2014-12-06 12:19 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
    2014-12-06 12:19 - 2009-07-13 21:20 - 00000000 ____D () C:\Program Files\Common Files\System
    2014-12-06 11:38 - 2009-07-13 21:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
    2014-12-06 11:36 - 2009-07-13 22:45 - 00267672 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-12-06 11:34 - 2011-04-12 02:28 - 00000000 ____D () C:\Program Files\Windows Journal
    2014-12-06 11:34 - 2009-07-13 23:32 - 00000000 ____D () C:\Program Files\Windows Defender
    2014-12-06 11:34 - 2009-07-13 23:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
    2014-12-06 11:34 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
    2014-12-06 11:34 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
    2014-12-06 11:34 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
    2014-12-06 11:34 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\Dism
    2014-12-06 11:33 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\zh-HK
    2014-12-06 11:33 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\tr-TR
    2014-12-03 20:47 - 2009-07-13 23:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2014-12-03 20:46 - 2009-07-13 22:46 - 00002790 _____ () C:\Windows\DtcInstall.log
    2014-12-03 20:46 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\sysprep
    2014-12-03 20:43 - 2009-07-13 23:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
    2014-12-03 20:43 - 2009-07-13 23:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
    2014-12-03 19:07 - 2009-07-13 21:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
    2014-12-03 19:04 - 2009-07-13 23:32 - 00000000 ____D () C:\Windows\system32\restore
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2014-12-06 14:33
     
    ==================== End Of Log ============================
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2014
    Ran by a at 2014-12-18 17:55:36
    Running from C:\Users\a\Desktop
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: AVG Anti-Virus 2012 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    AS: AVG Anti-Virus 2012 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
    AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
    AVG 2012 (HKLM\...\AVG) (Version: 2012.1.2249 - AVG Technologies)
    AVG 2012 (Version: 12.0.4235 - AVG Technologies) Hidden
    AVG 2012 (Version: 12.1.2249 - AVG Technologies) Hidden
    File Shredder 2.5 (HKLM\...\File Shredder_is1) (Version:  - Pow Tools)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    HitFilm 3 Pro (HKLM\...\{5DD88670-7405-4F75-8068-58EF3E6AEFF2}) (Version: 3.0.3521.53492 - FXhome)
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.3.0 - Mozilla)
    Mozilla Thunderbird 31.3.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 31.3.0 (x86 en-US)) (Version: 31.3.0 - Mozilla)
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
    Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
     
    ==================== Restore Points  =========================
     
    16-12-2014 18:43:42 avast! antivirus system restore point
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
     
    Task: {82C43FE8-240E-4B1A-AAB7-CDD8227BB1CC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
    Task: {DC98F501-2276-45BA-9F2F-27B8890CF6E5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-03] (Google Inc.)
    Task: {E3783A23-F75A-46D7-A56C-86FB593CB0FA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-03] (Google Inc.)
    Task: {F6A8990C-2C4E-4EFE-9802-21A079F4505E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
    Task: {FAC5B6F0-A2B9-459E-9728-5795E9FCDEFF} - System32\Tasks\Open Chrome => Chrome.exe --new-window
    Task: {FD265698-10C8-4F57-8983-0864B8218C3A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\Open Chrome.job => c:\program files (x86)\Google\Chrome\Application\chrome.exe
     
    ==================== Loaded Modules (whitelisted) =============
     
    2014-09-15 18:13 - 2014-09-15 18:13 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
    2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
    2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
    2014-12-05 20:38 - 2012-04-01 00:06 - 02689536 _____ () C:\Program Files\File Shredder\fsshell.dll
    2014-12-05 19:43 - 2014-12-05 19:42 - 02640408 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe
    2014-12-05 19:43 - 2014-12-05 19:42 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
    2014-09-15 18:13 - 2014-09-15 18:13 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
    2014-12-05 19:43 - 2014-12-05 19:42 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
    2014-12-07 09:09 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2014-12-07 09:09 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    2014-12-07 09:09 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2014-12-07 09:09 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
    2014-12-07 09:09 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
     
    ==================== EXE Association (whitelisted) =============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== MSCONFIG/TASK MANAGER disabled items =========
     
    (Currently there is no automatic fix for this section.)
     
     
    ========================= Accounts: ==========================
     
    a (S-1-5-21-2521725828-3741108149-1002863956-1000 - Administrator - Enabled) => C:\Users\a
    Administrator (S-1-5-21-2521725828-3741108149-1002863956-500 - Administrator - Disabled)
    Guest (S-1-5-21-2521725828-3741108149-1002863956-501 - Limited - Disabled)
     
    ==================== Faulty Device Manager Devices =============
     
    Name: SM Bus Controller
    Description: SM Bus Controller
    Class Guid: 
    Manufacturer: 
    Service: 
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (12/18/2014 05:47:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (12/17/2014 07:33:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (12/17/2014 05:41:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (12/16/2014 06:46:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (12/16/2014 06:34:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (12/15/2014 05:31:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (12/14/2014 07:29:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (12/14/2014 10:55:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (12/13/2014 11:45:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (12/13/2014 11:00:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
     
    System errors:
    =============
    Error: (12/18/2014 05:46:35 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 8:27:25 PM on ‎12/‎17/‎2014 was unexpected.
     
    Error: (12/17/2014 08:25:50 PM) (Source: atapi) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Ide\IdePort0.
     
    Error: (12/17/2014 08:25:48 PM) (Source: atapi) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Ide\IdePort0.
     
    Error: (12/17/2014 08:25:48 PM) (Source: atapi) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Ide\IdePort0.
     
    Error: (12/17/2014 08:25:46 PM) (Source: atapi) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Ide\IdePort0.
     
    Error: (12/17/2014 08:25:45 PM) (Source: atapi) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Ide\IdePort0.
     
    Error: (12/17/2014 08:25:44 PM) (Source: atapi) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Ide\IdePort0.
     
    Error: (12/17/2014 08:25:44 PM) (Source: atapi) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Ide\IdePort0.
     
    Error: (12/17/2014 08:25:44 PM) (Source: atapi) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Ide\IdePort0.
     
    Error: (12/17/2014 08:25:30 PM) (Source: atapi) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Ide\IdePort0.
     
     
    Microsoft Office Sessions:
    =========================
    Error: (12/18/2014 05:47:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (12/17/2014 07:33:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (12/17/2014 05:41:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (12/16/2014 06:46:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (12/16/2014 06:34:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (12/15/2014 05:31:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (12/14/2014 07:29:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (12/14/2014 10:55:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (12/13/2014 11:45:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (12/13/2014 11:00:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
     
    ==================== Memory info =========================== 
     
    Processor: AMD A8-3850 APU with Radeon™ HD Graphics
    Percentage of memory in use: 21%
    Total physical RAM: 7659.48 MB
    Available physical RAM: 6037.05 MB
    Total Pagefile: 15317.14 MB
    Available Pagefile: 13332.66 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.85 MB
     
    ==================== Drives ================================
     
    Drive c: () (Fixed) (Total:931.41 GB) (Free:897.94 GB) NTFS
    Drive d: (Dec 16 2014) (CDROM) (Total:0.17 GB) (Free:0 GB) UDF
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 88160B0D)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
     
    ==================== End Of Log ============================


    #8 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 18 December 2014 - 06:57 PM

    I am looking at many instances of Spybot Search and Destroy running, it maybe bumping heads with AVG, why dont you uninstall Spybot, we can reinstall it later if you still want it

     

    Also when windows starts before it loads there should be an option to cancel chkdsk, not always but sometimes when chkdsk continues to run it could be sign of hard drive failure



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #9 TRJolly

    TRJolly

      New Member

    • Authentic Member
    • Pip
    • 7 posts
    • Interests:Wood Working
      Movie Making

    Posted 19 December 2014 - 06:41 PM

    Spybot has been removed. Avg ran a full scan with no lock ups I have run several scans some times it freezes sometimes it doesn't. I have stopped chkdsk a couple of times. When I do windows never loads. Chkdsk never reports anything bad, says everything checked okay. Would a bad hard drive cause a blue screen to show up?



    #10 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 19 December 2014 - 06:49 PM

    Sorry to say sometimes yes but not always, it could be a matter of things

     

    Why dont you post here in our windows forum for help with chkdsk and they can also link you to a program to check your hard drives health

     

    http://forums.whatth...p?showforum=119

     

    I will leave this thread open for you so let me know what they say, if they think its still a virus we can dig deeper if need be



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #11 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 27 December 2014 - 06:13 PM

    Due to inactivity this topic will be closed.
    If you need help please start a new thread.

    New members follow the instructions here http://forums.whatth...ed_t106388.html and start a new topic

     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    Related Topics



    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users