TechSpot

Computer Shutting Down, Suspected Virus or Malware

By Daniel Burkus
Feb 18, 2016
  1. Error
     
    Last edited: Feb 18, 2016
  2. Daniel Burkus

    Daniel Burkus TS Enthusiast Topic Starter Posts: 66

    Sorry, I do not know what happened. I tried to edit the post and it said the time limit was up. So I am submitting it again.

    First, I must apologize if I am repeating something someone else already asked. I am recovering from cataract surgery, and my vision is impaired -- no peripheral vision, so it is impossible to scan through lists of titles.

    Let me begin with the basics: I am currently living in South Korea. My PC is running Windows 7 Ultimate, and I connect to the internet via a "WiFi egg" from Olleh. My browser is Firefox. My Antivirus is Avast. I have Malwarebytes, Spybot, Super Antispyware, and PC Cleaner. Malwarebytes has consistently given negative results, and usually Super turns up a bunch of .squlte cookies, as does Spybot.

    Last Autumn my PC was fried because of wiring issues (the fault of the landlord), and a friend of mine finally helped to rebuilt the machine (new main board and graphics card, and so forth) last month. The Windows 7 Ultimate OS was installed on a new hard drive, and the updates are up-to-date. Last week the machine started acting strangely, and I immediately ran an Avast boot time scan, which was negative.

    I do not surf on line. I mostly just check e-mail and news, and make use of on line dictionaries (when I am working on my translations). I publish my translations in a blog on Tumblr, and occasionally look through other blogs. I suspect that the infection may have been contracted through Tumblr -- their "suggestions" seem frequently to lead to dead or dangerous blogs.

    As for symptoms, the PC just crashes spontaneously (while I am reading the news, for example). The machine has 3 hard drives, and sometimes (though not every time) one of the hard drives that was off suddenly turned on (I heard it start up) and then the PC crashes. I have always supposed that I was running full scans, but...I do not know what to think now. And when I entered "safe mode" and tried to run a freshly downloaded version of Dr. Web, the machine crashed again during the scan.

    My PC has been crashing (shutting down suddenly without parking) with increasing frequency since the beginning of the week, yet malware scans either show nothing (Emsisoft Emergency Kit, deep scan with latest definitions), or crash (the machine shuts down) while in progress -- including a scan by Windows Defender (two new updates for which have been received from Microsoft in as many days, possibly in response to the numerous shut-downs).

    Another thing: since these problems have started happening, I have noticed an A: drive icon appearing in My Computer. My PC does not have a floppy drive -- and this icon was not present until a week or two ago. When I checked this drive (properties), it indicates that the disc is full (all blue). This strikes me as odd.

    Also, there is a small built-in display on the PC unit that "used to" show the CPU temperature and cooling fans, and this has stopped working. I will assume around the time (at the time) of the presumed infection (because of issues with my eyesight, I can not see anything that I am not looking at directly; as the PC unit is under the table on which the monitor and keyboard sit, it is out of the range of my vision unless I stare directly at it, which I usually am not in the habit of doing). And I have not noticed any sound from the cooling fans connected to this unit (which are quite noisy) recently.

    I guess that is enough for a start. I would deeply appreciate any help that anyone might be able to give. Thank you for your time, and please have a good day.

    -- Daniel M. Burkus
     
  3. Broni

    Broni Malware Annihilator Posts: 52,915   +344

    Welcome aboard [​IMG]

    Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
    Attached logs won't be reviewed.

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
     
  4. Daniel Burkus

    Daniel Burkus TS Enthusiast Topic Starter Posts: 66

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-02-2016
    Ran by Daniel Burkus (administrator) on PC (19-02-2016 07:41:15)
    Running from C:\Users\Daniel Burkus\Desktop\Downloads
    Loaded Profiles: Daniel Burkus (Available Profiles: Daniel Burkus)
    Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
    (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
    (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
    () C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
    (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
    () C:\Program Files\Unlocker\UnlockerAssistant.exe
    (Kakao Corp. ) C:\Program Files\Kakao\KakaoTalk\KakaoTalk.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    (Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe
    () C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-20] (NVIDIA Corporation)
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2016-01-29] (AVAST Software)
    HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
    HKLM\...\Run: [UnlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [17408 2010-07-05] ()
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-28] (Adobe Systems Incorporated)
    HKLM\...\Run: [NeroFilterCheck] => C:\Windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
    Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
    HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\Run: [KakaoTalk] => C:\Program Files\Kakao\KakaoTalk\KakaoTalk.exe [6374720 2016-01-25] (Kakao Corp. )
    HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6819232 2016-01-22] (SUPERAntiSpyware)
    HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
    HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2016-01-29] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-01-29] (AVAST Software)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Smart Wizard.lnk [2016-01-29]
    ShortcutTarget: NETGEAR WNDA3100v2 Smart Wizard.lnk -> C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe ()
    BootExecute: autocheck autochk * sdnclean.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: 127.0.0.1 localhost
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{66B87001-DA33-470B-9512-77BE9AE4D883}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{8B6A2BDC-C91C-41DA-8117-5DF8284C8C25}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{B3CE4C30-3C2F-4806-AE63-1892B7E644A5}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    HKU\S-1-5-21-1259038908-1583320175-680065255-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/
    BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-28] (Adobe Systems Incorporated)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-29] (AVAST Software)
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    FireFox:
    ========
    FF ProfilePath: C:\Users\Daniel Burkus\AppData\Roaming\Mozilla\Firefox\Profiles\nkge34u5.default
    FF Homepage: hxxps://login.yahoo.com/?.src=ym&.intl=us&.lang=en-US&.done=https%3a//mail.yahoo.com
    FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
    FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
    FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
    FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
    FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
    FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
    FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-28] (Adobe Systems Inc.)
    FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Daniel Burkus\AppData\Roaming\Mozilla\Firefox\Profiles\nkge34u5.default\extensions\artur.dubovoy@gmail.com [2016-01-29]
    FF Extension: Restart application - C:\Users\Daniel Burkus\AppData\Roaming\Mozilla\Firefox\Profiles\nkge34u5.default\extensions\{c0af4d2f-2ce4-9471-49e2-1e5ca8a57dd2}.xpi [2016-01-29]
    FF Extension: Image and Flash Blocker - C:\Users\Daniel Burkus\AppData\Roaming\Mozilla\Firefox\Profiles\nkge34u5.default\extensions\imgflashblocker@shimon.chohen.xpi [2016-01-29]
    FF Extension: Webmail Ad Blocker - C:\Users\Daniel Burkus\AppData\Roaming\Mozilla\Firefox\Profiles\nkge34u5.default\Extensions\gmailnoads@mywebber.com.xpi [2016-01-29]
    FF Extension: NO Google Analytics - C:\Users\Daniel Burkus\AppData\Roaming\Mozilla\Firefox\Profiles\nkge34u5.default\Extensions\jid1-JcGokIiQyjoBAQ@jetpack.xpi [2016-01-29]
    FF Extension: Smart Ads Blocker - C:\Users\Daniel Burkus\AppData\Roaming\Mozilla\Firefox\Profiles\nkge34u5.default\Extensions\jid1-LYopfl0r00ZV5k@jetpack.xpi [2016-01-29]
    FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-29]
    FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
    FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-01-29]

    Chrome:
    =======
    CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-01-29]
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-01-29]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-23] (SUPERAntiSpyware.com)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2016-01-29] (AVAST Software)
    S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
    R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
    R2 WSWNDA3100; C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe [272864 2010-08-19] ()

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R1 A2DDA; C:\EEK\RUN\a2ddax86.sys [22056 2014-05-14] (Emsisoft GmbH)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2016-01-29] (AVAST Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [81168 2016-01-29] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2016-01-29] (AVAST Software)
    R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2016-01-29] (AVAST Software)
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [812208 2016-01-29] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449384 2016-01-29] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [117712 2016-01-29] (AVAST Software)
    R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209432 2016-01-29] (AVAST Software)
    S3 BCMH43XX; C:\Windows\System32\DRIVERS\bcmwlhigh6.sys [699896 2009-11-06] (Broadcom Corporation)
    S3 cleanhlp; C:\EEK\Run\cleanhlp32.sys [50200 2014-05-14] (Emsisoft GmbH)
    S3 eapihdrv; C:\Users\Daniel Burkus\AppData\Local\Temp\ehdrv.sys [135760 2016-02-18] (ESET)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
    S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [50704 2010-02-03] (CACE Technologies, Inc.)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [21728 2007-01-19] (Windows (R) Codename Longhorn DDK provider)
    R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
    R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
    R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
    R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
    S1 epp32; \??\C:\Users\Daniel Burkus\Desktop\RUN\epp32.sys [X]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-05] () [File not signed]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-02-18 21:37 - 2016-02-18 21:37 - 00000000 ____D C:\Program Files\ESET
    2016-02-18 21:35 - 2016-02-18 21:37 - 00206066 _____ C:\TDSSKiller.3.1.0.9_18.02.2016_21.35.38_log.txt
    2016-02-18 20:37 - 2016-02-18 20:41 - 00003848 _____ C:\Users\Daniel Burkus\Desktop\Rkill.txt
    2016-02-18 17:00 - 2016-02-18 17:00 - 00000111 _____ C:\Users\Daniel Burkus\Desktop\TechSpot URL.txt
    2016-02-18 16:56 - 2016-02-18 16:56 - 00006946 _____ C:\Users\Daniel Burkus\Desktop\TechSpot Post.txt
    2016-02-18 15:31 - 2016-02-18 15:31 - 00000000 ____D C:\Users\Daniel Burkus\Personal History and Related Documents (+ Address)
    2016-02-18 15:31 - 2015-11-14 13:34 - 00000618 _____ C:\Users\Daniel Burkus\Desktop\On-line Dictionaries.txt
    2016-02-18 15:31 - 2014-10-17 19:19 - 00000590 _____ C:\Users\Daniel Burkus\Desktop\On-line Book Downloads.txt
    2016-02-18 15:21 - 2016-02-18 15:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
    2016-02-18 14:54 - 2016-02-18 14:54 - 00147618 _____ C:\Users\Daniel Burkus\Desktop\Microsoft’s Free Security Tools – Microsoft Safety Scanner (MSERT).htm
    2016-02-18 14:54 - 2016-02-18 14:54 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\Microsoft’s Free Security Tools – Microsoft Safety Scanner (MSERT)_files
    2016-02-18 14:34 - 2016-02-18 14:35 - 00144786 _____ C:\Users\Daniel Burkus\Desktop\How to Slow Down an Animated GIF in GIMP.htm
    2016-02-18 14:34 - 2016-02-18 14:35 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\How to Slow Down an Animated GIF in GIMP_files
    2016-02-18 14:33 - 2016-02-18 14:35 - 76225536 _____ (The GIMP Team ) C:\Users\Daniel Burkus\Desktop\gimp-2.8.0-setup.exe
    2016-02-18 10:22 - 2016-02-18 10:22 - 36004862 _____ C:\Users\Daniel Burkus\Desktop\Meditation (HuffPost).mp4
    2016-02-18 09:42 - 2016-02-18 09:42 - 00003272 ____N C:\bootsqm.dat
    2016-02-18 09:04 - 2016-02-18 09:04 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ADS Scanner 2
    2016-02-18 09:04 - 2016-02-18 09:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ADS Scanner 2
    2016-02-18 09:04 - 2016-02-18 09:04 - 00000000 ____D C:\Program Files\Pointstone
    2016-02-18 06:51 - 2016-02-18 06:52 - 05722200 _____ C:\Users\Daniel Burkus\Desktop\attack puppy.mp4
    2016-02-17 17:11 - 2016-02-17 20:51 - 00000000 ____D C:\EEK
    2016-02-17 16:25 - 2016-02-17 16:26 - 00203156 _____ C:\TDSSKiller.3.1.0.9_17.02.2016_16.25.26_log.txt
    2016-02-17 09:00 - 2016-02-17 12:07 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Local\CrashDumps
    2016-02-17 08:42 - 2016-02-19 07:41 - 00000000 ____D C:\FRST
    2016-02-16 21:34 - 2016-02-16 21:34 - 00139775 _____ C:\Users\Daniel Burkus\Desktop\How to remove BitLocker encryption on Windows 7 - Microsoft Community.htm
    2016-02-16 21:34 - 2016-02-16 21:34 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\How to remove BitLocker encryption on Windows 7 - Microsoft Community_files
    2016-02-16 21:33 - 2016-02-16 21:33 - 00071472 _____ C:\Users\Daniel Burkus\Desktop\Turning Off BitLocker Drive Encryption (Windows 7).htm
    2016-02-16 21:33 - 2016-02-16 21:33 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\Turning Off BitLocker Drive Encryption (Windows 7)_files
    2016-02-16 20:13 - 2016-02-16 20:12 - 00000268 _____ C:\Users\Daniel Burkus\Desktop\Matsue Sotoku-ate no Densho (5), Notes.txt
    2016-02-16 20:13 - 2016-02-16 20:12 - 00000268 _____ C:\Users\Daniel Burkus\Desktop\Matsue Sotoku-ate no Densho (4), Notes.txt
    2016-02-16 20:13 - 2016-02-16 20:12 - 00000268 _____ C:\Users\Daniel Burkus\Desktop\Matsue Sotoku-ate no Densho (3), Notes.txt
    2016-02-16 20:13 - 2016-02-16 20:12 - 00000268 _____ C:\Users\Daniel Burkus\Desktop\Matsue Sotoku-ate no Densho (2), Notes.txt
    2016-02-16 20:12 - 2016-02-16 20:12 - 00000268 _____ C:\Users\Daniel Burkus\Desktop\Matsue Sotoku-ate no Densho (1), Notes.txt
    2016-02-16 20:08 - 2016-02-16 20:11 - 00000304 _____ C:\Users\Daniel Burkus\Desktop\Matsue Sotoku-ate no Densho (5).txt
    2016-02-16 20:08 - 2016-02-16 20:10 - 00000304 _____ C:\Users\Daniel Burkus\Desktop\Matsue Sotoku-ate no Densho (4).txt
    2016-02-16 20:08 - 2016-02-16 20:10 - 00000304 _____ C:\Users\Daniel Burkus\Desktop\Matsue Sotoku-ate no Densho (3).txt
    2016-02-16 20:08 - 2016-02-16 20:10 - 00000304 _____ C:\Users\Daniel Burkus\Desktop\Matsue Sotoku-ate no Densho (2).txt
    2016-02-16 20:06 - 2016-02-16 20:10 - 00000306 _____ C:\Users\Daniel Burkus\Desktop\Matsue Sotoku-ate no Densho (1).txt
    2016-02-16 20:05 - 2016-02-16 20:05 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\Matsue Sotoku-ate no Densho
    2016-02-16 14:24 - 2016-02-16 14:24 - 00000176 _____ C:\Users\Daniel Burkus\Desktop\Bleeping Computer Question URL.txt
    2016-02-16 12:55 - 2016-02-16 13:09 - 00205484 _____ C:\TDSSKiller.3.1.0.9_16.02.2016_12.55.34_log.txt
    2016-02-15 15:37 - 2016-02-15 15:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
    2016-02-15 14:58 - 2016-02-18 20:11 - 00024688 _____ C:\Windows\system32\Drivers\TrueSight.sys
    2016-02-15 14:57 - 2016-02-18 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
    2016-02-15 14:57 - 2016-02-18 20:10 - 00000000 ____D C:\Program Files\RogueKiller
    2016-02-15 14:57 - 2016-02-15 15:30 - 00000000 ____D C:\ProgramData\RogueKiller
    2016-02-15 14:36 - 2016-02-15 14:39 - 00204716 _____ C:\TDSSKiller.3.1.0.9_15.02.2016_14.36.18_log.txt
    2016-02-15 14:34 - 2016-02-15 14:34 - 00000366 _____ C:\TDSSKiller.3.0.0.34_15.02.2016_14.34.02_log.txt
    2016-02-15 13:47 - 2016-02-15 13:48 - 00000000 ____D C:\Users\Daniel Burkus\Mozilla ''Black-screen'' problem
    2016-02-15 11:26 - 2016-02-15 11:26 - 00000145 _____ C:\Users\Daniel Burkus\Desktop\For O Seung-il.txt
    2016-02-15 10:49 - 2016-02-15 10:50 - 00000000 ____D C:\Users\Daniel Burkus\HP DeskJet Printer Manuals
    2016-02-14 07:49 - 2016-02-14 07:48 - 00451006 ____R C:\Windows\system32\Drivers\etc\hosts.20160214-074935.backup
    2016-02-14 07:48 - 2016-02-05 20:00 - 00001048 _____ C:\Windows\system32\Drivers\etc\hosts.20160214-074847.backup
    2016-02-13 22:15 - 2016-02-13 22:16 - 00196568 _____ C:\TDSSKiller.3.0.0.34_13.02.2016_22.15.54_log.txt
    2016-02-13 21:56 - 2016-02-19 07:35 - 00825382 _____ C:\Windows\ntbtlog.txt
    2016-02-13 15:55 - 2016-02-13 15:55 - 04685551 _____ C:\Users\Daniel Burkus\Desktop\who is dada.mp4
    2016-02-12 06:49 - 2016-02-12 09:39 - 00000000 ____D C:\Program Files\Mozilla Firefox
    2016-02-11 22:16 - 2016-02-12 21:51 - 00000561 _____ C:\Users\Daniel Burkus\Desktop\Windows Update.lnk
    2016-02-10 18:33 - 2016-02-10 18:33 - 00954510 _____ C:\Users\Daniel Burkus\Desktop\puppy sings to singing greeting card.mp4
    2016-02-10 08:11 - 2016-01-22 15:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
    2016-02-10 08:11 - 2016-01-22 15:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2016-02-10 08:11 - 2016-01-22 15:13 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2016-02-10 08:11 - 2016-01-22 15:13 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2016-02-10 08:11 - 2016-01-22 15:09 - 01310232 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2016-02-10 08:11 - 2016-01-22 15:06 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2016-02-10 08:11 - 2016-01-22 15:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2016-02-10 08:11 - 2016-01-22 15:06 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2016-02-10 08:11 - 2016-01-22 15:06 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2016-02-10 08:11 - 2016-01-22 15:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2016-02-10 08:11 - 2016-01-22 15:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2016-02-10 08:11 - 2016-01-22 15:05 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2016-02-10 08:11 - 2016-01-22 15:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2016-02-10 08:11 - 2016-01-22 15:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2016-02-10 08:11 - 2016-01-22 15:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
    2016-02-10 08:11 - 2016-01-22 15:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
    2016-02-10 08:11 - 2016-01-22 15:02 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2016-02-10 08:11 - 2016-01-22 15:02 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2016-02-10 08:11 - 2016-01-22 15:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2016-02-10 08:11 - 2016-01-22 15:02 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2016-02-10 08:11 - 2016-01-22 15:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2016-02-10 08:11 - 2016-01-22 15:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2016-02-10 08:11 - 2016-01-22 15:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
    2016-02-10 08:11 - 2016-01-22 15:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2016-02-10 08:11 - 2016-01-22 15:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
    2016-02-10 08:11 - 2016-01-22 15:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2016-02-10 08:11 - 2016-01-22 14:01 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2016-02-10 08:11 - 2016-01-22 14:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2016-02-10 08:11 - 2016-01-22 13:53 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2016-02-10 08:11 - 2016-01-22 13:53 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2016-02-10 08:11 - 2016-01-22 13:53 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2016-02-10 08:11 - 2016-01-22 13:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2016-02-10 08:11 - 2016-01-22 13:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
    2016-02-10 08:11 - 2016-01-22 13:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2016-02-10 08:11 - 2016-01-22 13:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2016-02-10 08:11 - 2016-01-22 13:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 13:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 13:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 13:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-17 03:42 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
    2016-02-10 08:11 - 2016-01-17 03:34 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2016-02-10 08:11 - 2016-01-11 23:07 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2016-02-10 08:11 - 2016-01-11 23:07 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2016-02-10 08:11 - 2016-01-11 23:07 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2016-02-10 08:11 - 2016-01-11 23:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2016-02-10 08:11 - 2016-01-11 23:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2016-02-10 08:10 - 2016-02-06 19:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2016-02-10 08:10 - 2016-02-06 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2016-02-10 08:10 - 2016-02-06 18:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2016-02-10 08:10 - 2016-02-06 18:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2016-02-10 08:10 - 2016-02-06 18:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2016-02-10 08:10 - 2016-02-06 17:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2016-02-10 08:10 - 2016-01-22 15:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2016-02-10 08:10 - 2016-01-22 15:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
    2016-02-10 08:10 - 2016-01-22 14:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2016-02-10 08:10 - 2016-01-22 14:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\explorer.exe
    2016-02-10 08:10 - 2016-01-17 03:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2016-02-10 08:10 - 2016-01-08 02:47 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2016-02-10 08:10 - 2016-01-08 02:35 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2016-02-10 08:10 - 2016-01-07 03:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2016-02-10 08:10 - 2016-01-07 02:56 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
    2016-02-10 08:09 - 2016-01-23 05:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2016-02-10 08:09 - 2016-01-22 15:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2016-02-10 08:09 - 2016-01-22 15:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2016-02-10 08:09 - 2016-01-22 15:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2016-02-10 08:09 - 2016-01-22 15:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2016-02-10 08:09 - 2016-01-22 15:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2016-02-10 08:09 - 2016-01-22 15:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2016-02-10 08:09 - 2016-01-22 14:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2016-02-10 08:09 - 2016-01-22 14:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2016-02-10 08:09 - 2016-01-22 14:52 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2016-02-10 08:09 - 2016-01-22 14:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2016-02-10 08:09 - 2016-01-22 14:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2016-02-10 08:09 - 2016-01-22 14:51 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2016-02-10 08:09 - 2016-01-22 14:46 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2016-02-10 08:09 - 2016-01-22 14:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2016-02-10 08:09 - 2016-01-22 14:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2016-02-10 08:09 - 2016-01-22 14:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2016-02-10 08:09 - 2016-01-22 14:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2016-02-10 08:09 - 2016-01-22 14:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2016-02-10 08:09 - 2016-01-22 14:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2016-02-10 08:09 - 2016-01-22 14:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2016-02-10 08:09 - 2016-01-22 14:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2016-02-10 08:09 - 2016-01-22 14:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2016-02-10 08:09 - 2016-01-22 14:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2016-02-10 08:09 - 2016-01-22 14:25 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2016-02-10 08:09 - 2016-01-22 14:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2016-02-10 08:09 - 2016-01-22 14:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2016-02-10 08:09 - 2016-01-22 14:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2016-02-10 08:09 - 2016-01-22 14:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2016-02-10 08:09 - 2016-01-12 03:47 - 02956288 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2016-02-10 08:09 - 2016-01-12 03:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2016-02-10 08:09 - 2016-01-12 03:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
     
  5. Daniel Burkus

    Daniel Burkus TS Enthusiast Topic Starter Posts: 66

    2016-02-10 08:09 - 2016-01-12 03:17 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2016-02-10 08:09 - 2016-01-12 03:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2016-02-10 08:09 - 2016-01-12 03:14 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2016-02-10 08:09 - 2016-01-12 03:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2016-02-10 08:09 - 2016-01-12 03:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2016-02-10 08:09 - 2016-01-12 03:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2016-02-10 08:09 - 2016-01-12 03:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2016-02-10 08:09 - 2016-01-12 03:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
    2016-02-09 21:49 - 2015-07-30 22:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2016-02-09 15:38 - 2016-02-09 21:46 - 00032856 _____ C:\Users\Daniel Burkus\Desktop\git'on mules.jpeg
    2016-02-09 12:43 - 2009-09-27 09:39 - 00415744 ___SH (The Public) C:\Windows\system32\avisynth.dll
    2016-02-09 12:43 - 2005-07-14 12:31 - 00032256 ___SH C:\Windows\system32\AVSredirect.dll
    2016-02-09 12:43 - 2004-02-22 10:11 - 00764416 ___SH (Abysmal Software) C:\Windows\system32\devil.dll
    2016-02-09 12:43 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\system32\yv12vfw.dll
    2016-02-09 12:43 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\system32\i420vfw.dll
    2016-02-09 07:41 - 2016-02-09 07:41 - 00000459 _____ C:\Users\Daniel Burkus\Desktop\Kat Parasite for Bill.txt
    2016-02-07 13:30 - 2016-02-07 13:30 - 00127882 _____ C:\Users\Daniel Burkus\Desktop\Chinese Zodiac.jpeg
    2016-02-06 17:28 - 2016-02-13 13:44 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\vlc
    2016-02-06 17:27 - 2016-02-06 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    2016-02-06 17:26 - 2016-02-06 17:26 - 00000000 ____D C:\Program Files\VideoLAN
    2016-02-05 19:18 - 2016-02-09 17:05 - 00000000 ____D C:\Users\Daniel Burkus\Doctor Web
    2016-02-04 22:12 - 2016-02-04 22:12 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\Diplodocidae (Dinosauria, Sauropoda)
    2016-02-02 19:48 - 2016-02-02 19:49 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\This could be a pipe - Foucault, irrealism and ''Ceci n'est pas une pipe''
    2016-02-01 18:47 - 2016-02-01 18:47 - 00000000 ____D C:\Windows\system32\spp32
    2016-02-01 15:43 - 2016-02-01 15:43 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Local\ElevatedDiagnostics
    2016-01-31 19:55 - 2016-02-11 06:13 - 00000000 ___SD C:\Windows\system32\CompatTel
    2016-01-31 19:55 - 2016-02-11 06:13 - 00000000 ____D C:\Windows\system32\appraiser
    2016-01-31 19:35 - 2016-01-31 19:35 - 00000000 ____H C:\Windows\system32\Default.rdp
    2016-01-31 17:25 - 2016-01-31 17:25 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Local\GWX
    2016-01-31 15:46 - 2012-02-11 14:37 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
    2016-01-31 15:45 - 2015-11-17 05:12 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2016-01-31 15:45 - 2015-06-04 05:17 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
    2016-01-31 15:45 - 2011-03-11 14:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
    2016-01-31 15:44 - 2014-07-09 10:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
    2016-01-31 15:44 - 2014-07-09 10:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
    2016-01-31 15:44 - 2014-07-09 10:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
    2016-01-31 15:44 - 2014-07-09 10:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
    2016-01-31 15:44 - 2014-07-09 10:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
    2016-01-31 15:44 - 2013-11-26 17:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
    2016-01-31 15:44 - 2011-03-11 14:39 - 00143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
    2016-01-31 15:44 - 2011-03-11 14:39 - 00117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
    2016-01-31 15:44 - 2011-03-11 14:38 - 00332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
    2016-01-31 15:44 - 2011-03-11 14:38 - 00080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
    2016-01-31 15:44 - 2011-03-11 14:38 - 00022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
    2016-01-31 15:44 - 2011-03-11 14:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
    2016-01-31 15:44 - 2011-03-11 13:01 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
    2016-01-31 14:33 - 2016-01-31 14:33 - 00000000 ____D C:\eRightSoft
    2016-01-31 08:35 - 2015-11-11 03:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2016-01-31 08:35 - 2015-11-11 03:39 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2016-01-31 08:35 - 2009-07-14 10:16 - 00811520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
    2016-01-31 08:34 - 2015-02-03 12:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2016-01-31 08:33 - 2015-12-09 06:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2016-01-31 08:33 - 2015-07-31 02:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2016-01-31 08:32 - 2015-02-04 11:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
    2016-01-31 03:17 - 2015-01-09 08:44 - 00419936 _____ C:\Windows\system32\locale.nls
    2016-01-31 02:44 - 2016-01-31 02:44 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
    2016-01-31 02:44 - 2016-01-31 02:44 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
    2016-01-31 02:44 - 2016-01-31 02:44 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2016-01-31 02:44 - 2016-01-31 02:44 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
    2016-01-31 02:44 - 2016-01-31 02:44 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
    2016-01-31 02:44 - 2016-01-31 02:44 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
    2016-01-31 02:44 - 2016-01-31 02:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
    2016-01-31 02:44 - 2016-01-31 02:44 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2016-01-31 02:44 - 2016-01-31 02:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
    2016-01-31 02:44 - 2016-01-31 02:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2016-01-31 02:44 - 2016-01-31 02:44 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
    2016-01-31 02:44 - 2016-01-31 02:44 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
    2016-01-31 02:44 - 2016-01-31 02:44 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
    2016-01-31 02:44 - 2016-01-31 02:44 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2016-01-31 02:44 - 2016-01-31 02:44 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
    2016-01-31 02:44 - 2016-01-31 02:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
    2016-01-31 02:44 - 2016-01-31 02:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2016-01-31 02:44 - 2016-01-31 02:44 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
    2016-01-31 02:44 - 2016-01-31 02:44 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
    2016-01-31 02:44 - 2016-01-31 02:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2016-01-31 02:44 - 2016-01-31 02:44 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2016-01-31 02:42 - 2016-01-31 02:42 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
    2016-01-31 02:42 - 2016-01-31 02:42 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
    2016-01-31 02:42 - 2016-01-31 02:42 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
    2016-01-31 02:42 - 2016-01-31 02:42 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
    2016-01-31 02:42 - 2016-01-31 02:42 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
    2016-01-31 02:42 - 2016-01-31 02:42 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
    2016-01-31 02:42 - 2016-01-31 02:42 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
    2016-01-31 02:42 - 2016-01-31 02:42 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
    2016-01-31 02:42 - 2016-01-31 02:42 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
    2016-01-31 02:42 - 2016-01-31 02:42 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
    2016-01-31 02:42 - 2016-01-31 02:42 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
    2016-01-31 02:42 - 2016-01-31 02:42 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2016-01-31 02:42 - 2016-01-31 02:42 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    2016-01-31 02:42 - 2016-01-31 02:42 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
    2016-01-31 02:42 - 2016-01-31 02:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
    2016-01-31 02:42 - 2016-01-31 02:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
    2016-01-31 02:42 - 2016-01-31 02:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
    2016-01-31 02:42 - 2016-01-31 02:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
    2016-01-31 02:42 - 2016-01-31 02:42 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
    2016-01-31 00:46 - 2016-01-31 00:57 - 00000000 ___SD C:\Windows\system32\GWX
    2016-01-30 23:23 - 2012-07-26 12:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
    2016-01-30 23:23 - 2012-07-26 12:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
    2016-01-30 23:23 - 2012-07-26 12:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
    2016-01-30 23:23 - 2012-07-26 12:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
    2016-01-30 23:23 - 2012-07-26 12:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
    2016-01-30 23:23 - 2012-07-26 11:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
    2016-01-30 23:23 - 2012-07-26 11:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
    2016-01-30 23:23 - 2012-06-02 23:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
    2016-01-30 23:20 - 2014-07-01 07:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
    2016-01-30 23:20 - 2014-06-06 15:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
    2016-01-30 23:20 - 2014-03-10 06:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
    2016-01-30 23:20 - 2014-03-10 06:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
    2016-01-30 23:19 - 2012-03-01 14:46 - 00019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
    2016-01-30 23:19 - 2012-03-01 14:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
    2016-01-30 21:51 - 2009-06-11 06:39 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20160130-215144.backup
    2016-01-30 20:04 - 2015-01-09 11:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
    2016-01-30 20:04 - 2015-01-09 11:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
    2016-01-30 20:04 - 2015-01-09 11:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
    2016-01-30 19:55 - 2015-01-29 12:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2016-01-30 19:55 - 2013-09-08 11:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
    2016-01-30 19:55 - 2013-07-03 12:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
    2016-01-30 19:55 - 2013-07-03 12:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
    2016-01-30 19:54 - 2015-07-18 22:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
    2016-01-30 19:54 - 2015-07-18 22:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
    2016-01-30 19:54 - 2015-07-18 22:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
    2016-01-30 19:54 - 2015-07-18 22:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
    2016-01-30 19:54 - 2015-07-18 22:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
    2016-01-30 19:54 - 2015-07-18 22:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
    2016-01-30 19:54 - 2015-07-18 22:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
    2016-01-30 19:54 - 2015-07-18 22:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
    2016-01-30 19:54 - 2015-07-18 22:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
    2016-01-30 19:54 - 2015-07-18 22:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
    2016-01-30 19:54 - 2015-07-18 22:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
    2016-01-30 19:54 - 2015-07-18 22:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
    2016-01-30 19:54 - 2015-07-18 22:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
    2016-01-30 19:54 - 2015-07-18 22:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
    2016-01-30 19:54 - 2015-07-18 22:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
    2016-01-30 19:54 - 2015-07-18 22:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
    2016-01-30 19:54 - 2015-07-18 22:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
    2016-01-30 19:54 - 2015-07-18 22:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
    2016-01-30 19:54 - 2015-07-18 22:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
    2016-01-30 19:54 - 2015-07-18 22:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
    2016-01-30 19:54 - 2015-07-18 22:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
    2016-01-30 19:54 - 2015-07-18 22:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
    2016-01-30 19:54 - 2015-07-18 22:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
    2016-01-30 19:54 - 2015-07-18 22:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
    2016-01-30 19:54 - 2015-07-11 02:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2016-01-30 19:54 - 2015-07-11 02:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
    2016-01-30 19:54 - 2015-07-11 02:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
    2016-01-30 19:54 - 2013-10-04 10:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
    2016-01-30 19:54 - 2013-10-04 10:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
    2016-01-30 19:54 - 2012-07-05 04:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
    2016-01-30 19:53 - 2013-02-12 12:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
    2016-01-30 19:53 - 2011-04-29 11:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
    2016-01-30 19:53 - 2011-04-29 11:46 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
    2016-01-30 19:53 - 2011-04-29 11:46 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
    2016-01-30 19:52 - 2015-11-12 03:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
    2016-01-30 19:52 - 2015-11-12 03:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
    2016-01-30 19:52 - 2015-09-23 22:09 - 00371920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2016-01-30 19:52 - 2015-09-23 22:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
    2016-01-30 19:52 - 2015-07-10 02:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
    2016-01-30 19:52 - 2015-07-10 02:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
    2016-01-30 19:52 - 2015-07-02 05:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
    2016-01-30 19:52 - 2015-07-02 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
    2016-01-30 19:52 - 2013-10-30 11:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
    2016-01-30 19:52 - 2012-11-02 14:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
    2016-01-30 19:52 - 2011-06-16 13:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
    2016-01-30 19:52 - 2011-02-18 14:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
    2016-01-30 19:51 - 2015-08-28 02:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2016-01-30 19:51 - 2015-08-28 02:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2016-01-30 19:51 - 2015-08-28 02:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
    2016-01-30 19:51 - 2015-08-28 02:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
    2016-01-30 19:51 - 2015-08-06 02:41 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
    2016-01-30 19:51 - 2013-01-24 13:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
    2016-01-30 19:50 - 2015-06-16 06:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2016-01-30 19:50 - 2015-06-16 06:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
    2016-01-30 19:50 - 2015-06-16 06:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
    2016-01-30 19:50 - 2015-06-16 06:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
    2016-01-30 19:50 - 2014-11-11 11:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
    2016-01-30 19:50 - 2014-06-16 10:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
    2016-01-30 19:50 - 2014-06-16 10:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
    2016-01-30 19:50 - 2014-06-16 10:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
    2016-01-30 19:50 - 2013-10-19 10:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
    2016-01-30 19:50 - 2011-03-03 14:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
    2016-01-30 19:50 - 2011-03-03 14:38 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
    2016-01-30 19:50 - 2011-03-03 14:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
    2016-01-30 19:49 - 2015-10-30 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
    2016-01-30 19:49 - 2015-10-30 02:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2016-01-30 19:49 - 2015-10-30 02:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
    2016-01-30 19:49 - 2015-10-30 02:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2016-01-30 19:49 - 2015-07-16 02:59 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
    2016-01-30 19:49 - 2015-07-16 02:55 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
    2016-01-30 19:49 - 2015-07-16 02:54 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
    2016-01-30 19:49 - 2015-06-12 02:57 - 00919552 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
    2016-01-30 19:49 - 2015-06-12 02:15 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
    2016-01-30 19:49 - 2015-06-12 02:15 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
    2016-01-30 19:49 - 2014-08-12 10:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
    2016-01-30 19:49 - 2014-03-04 18:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
    2016-01-30 19:49 - 2014-03-04 18:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
    2016-01-30 19:49 - 2014-03-04 18:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
    2016-01-30 19:49 - 2014-03-04 18:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
    2016-01-30 19:49 - 2014-03-04 18:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
    2016-01-30 19:49 - 2014-03-04 18:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
    2016-01-30 19:49 - 2014-03-04 18:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
    2016-01-30 19:49 - 2013-10-12 11:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
    2016-01-30 19:49 - 2013-10-12 11:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
    2016-01-30 19:49 - 2013-10-12 10:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
    2016-01-30 19:49 - 2013-10-12 10:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
    2016-01-30 19:49 - 2012-08-22 05:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
    2016-01-30 19:48 - 2015-11-06 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2016-01-30 19:48 - 2015-10-14 01:31 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2016-01-30 19:48 - 2015-10-14 01:31 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2016-01-30 19:48 - 2013-05-10 12:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
    2016-01-30 19:48 - 2011-12-30 14:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
    2016-01-30 19:48 - 2011-08-17 13:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
    2016-01-30 19:48 - 2011-08-17 13:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
    2016-01-30 19:48 - 2011-05-24 19:44 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
    2016-01-30 19:47 - 2015-10-13 13:50 - 00712640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
    2016-01-30 19:47 - 2015-09-02 11:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
    2016-01-30 19:47 - 2015-09-02 11:48 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2016-01-30 19:47 - 2015-09-02 11:48 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
    2016-01-30 19:47 - 2015-09-02 11:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
    2016-01-30 19:47 - 2015-09-02 10:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2016-01-30 19:47 - 2014-09-04 14:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
    2016-01-30 19:47 - 2014-01-28 11:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
    2016-01-30 19:47 - 2013-03-19 12:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
    2016-01-30 19:47 - 2011-08-27 13:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
    2016-01-30 19:46 - 2015-11-04 03:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
    2016-01-30 19:46 - 2015-04-11 12:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
    2016-01-30 19:46 - 2015-03-04 13:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
    2016-01-30 19:46 - 2015-03-04 13:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
    2016-01-30 19:46 - 2015-01-17 11:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
    2016-01-30 19:46 - 2013-08-28 09:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
    2016-01-30 19:46 - 2013-05-13 12:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
    2016-01-30 19:46 - 2013-05-13 12:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
    2016-01-30 19:46 - 2013-04-26 13:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
    2016-01-30 19:46 - 2011-05-03 13:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2016-01-30 19:45 - 2015-07-23 02:53 - 00937984 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2016-01-30 19:45 - 2015-07-23 02:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2016-01-30 19:45 - 2015-07-23 01:38 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2016-01-30 19:45 - 2014-02-04 11:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
    2016-01-30 19:45 - 2014-02-04 11:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
    2016-01-30 19:45 - 2014-02-04 11:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
    2016-01-30 19:45 - 2014-02-04 11:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
    2016-01-30 19:45 - 2012-10-04 01:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
    2016-01-30 19:45 - 2012-10-04 01:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
    2016-01-30 19:45 - 2012-10-04 01:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
    2016-01-30 19:45 - 2012-10-04 00:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
    2016-01-30 19:43 - 2015-07-10 02:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
    2016-01-30 19:43 - 2015-07-10 02:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
    2016-01-30 19:43 - 2014-06-18 10:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
    2016-01-30 19:43 - 2012-07-05 06:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
    2016-01-30 19:43 - 2012-07-05 06:14 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
    2016-01-30 19:43 - 2012-07-05 06:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
    2016-01-30 19:43 - 2012-06-06 14:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
    2016-01-30 19:43 - 2011-05-04 13:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
    2016-01-30 19:43 - 2011-05-04 13:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
    2016-01-30 19:43 - 2011-05-04 13:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
    2016-01-30 19:43 - 2011-05-04 13:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
    2016-01-30 19:43 - 2011-05-04 13:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
    2016-01-30 19:43 - 2011-05-04 13:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
    2016-01-30 19:43 - 2011-05-04 13:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
    2016-01-30 19:43 - 2011-05-04 13:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
    2016-01-30 19:43 - 2011-05-04 13:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
    2016-01-30 19:43 - 2011-02-12 14:35 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
    2016-01-30 19:42 - 2015-05-26 03:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
    2016-01-30 19:42 - 2015-05-26 03:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
    2016-01-30 19:42 - 2015-05-26 03:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
    2016-01-30 19:42 - 2015-05-26 03:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
    2016-01-30 19:42 - 2015-05-26 03:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
    2016-01-30 19:42 - 2015-05-26 03:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
    2016-01-30 19:42 - 2015-04-18 11:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2016-01-30 19:42 - 2014-01-24 11:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
    2016-01-30 19:42 - 2013-04-26 08:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
    2016-01-30 19:42 - 2010-12-23 14:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
    2016-01-30 19:42 - 2010-12-23 14:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
    2016-01-30 19:41 - 2015-11-04 03:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
    2016-01-30 19:41 - 2015-04-28 04:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
    2016-01-30 19:41 - 2015-04-28 04:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2016-01-30 19:41 - 2015-04-28 04:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
    2016-01-30 19:41 - 2015-04-28 04:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
    2016-01-30 19:41 - 2015-04-13 12:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
    2016-01-30 19:40 - 2015-12-09 06:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
    2016-01-30 19:40 - 2015-12-09 06:53 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2016-01-30 19:40 - 2015-10-02 02:50 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2016-01-30 19:40 - 2015-10-02 02:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2016-01-30 19:40 - 2015-10-02 02:50 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
    2016-01-30 19:40 - 2015-10-02 02:50 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2016-01-30 19:40 - 2015-10-02 02:50 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2016-01-30 19:40 - 2015-10-02 01:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2016-01-30 19:40 - 2014-08-01 20:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
    2016-01-30 19:40 - 2014-04-05 11:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2016-01-30 19:40 - 2014-04-05 11:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
    2016-01-30 19:40 - 2013-11-26 20:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
    2016-01-30 19:39 - 2014-06-19 07:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
    2016-01-30 19:39 - 2014-06-19 07:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
    2016-01-30 19:39 - 2014-06-19 07:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
    2016-01-30 19:39 - 2012-12-07 21:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
    2016-01-30 19:39 - 2012-12-07 21:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
    2016-01-30 19:39 - 2012-12-07 19:46 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
    2016-01-30 19:39 - 2012-12-07 19:46 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
    2016-01-30 19:39 - 2012-12-07 19:46 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
    2016-01-30 19:39 - 2012-12-07 19:46 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
    2016-01-30 19:39 - 2012-12-07 19:46 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
    2016-01-30 19:39 - 2012-12-07 19:46 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
    2016-01-30 19:39 - 2012-12-07 19:46 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
    2016-01-30 19:39 - 2012-12-07 19:46 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
    2016-01-30 19:39 - 2012-12-07 19:46 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
    2016-01-30 19:39 - 2012-12-07 19:46 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
    2016-01-30 19:39 - 2012-12-07 19:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
    2016-01-30 19:39 - 2012-12-07 19:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
    2016-01-30 19:39 - 2012-12-07 19:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
    2016-01-30 19:39 - 2012-12-07 19:46 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
    2016-01-30 19:36 - 2015-11-06 04:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
    2016-01-30 19:36 - 2015-11-05 18:48 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
    2016-01-30 19:36 - 2015-02-03 12:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
    2016-01-30 19:36 - 2014-12-19 11:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2016-01-30 19:36 - 2014-12-12 02:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
    2016-01-30 19:36 - 2014-11-26 12:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2016-01-30 19:36 - 2014-10-25 10:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
    2016-01-30 19:36 - 2013-07-26 10:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
    2016-01-30 19:36 - 2012-09-26 07:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
    2016-01-30 19:36 - 2012-03-17 16:27 - 00056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
    2016-01-30 19:36 - 2011-12-16 16:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
    2016-01-30 19:36 - 2011-11-17 14:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
    2016-01-30 19:36 - 2011-06-15 17:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll
    2016-01-30 19:36 - 2011-06-15 17:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
    2016-01-30 19:36 - 2011-06-15 17:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
    2016-01-30 19:36 - 2011-06-15 17:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
    2016-01-30 19:36 - 2011-06-15 17:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
    2016-01-30 19:35 - 2015-11-14 07:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
    2016-01-30 19:35 - 2015-11-14 07:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
    2016-01-30 19:35 - 2015-11-14 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
    2016-01-30 19:35 - 2015-02-18 16:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2016-01-30 19:35 - 2014-10-30 10:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
    2016-01-30 19:35 - 2014-07-17 10:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
    2016-01-30 19:35 - 2014-07-17 10:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
    2016-01-30 19:35 - 2014-07-17 10:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
    2016-01-30 19:35 - 2014-07-17 10:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
    2016-01-30 19:35 - 2014-07-17 10:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
    2016-01-30 19:35 - 2014-07-17 10:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
    2016-01-30 19:35 - 2013-10-12 11:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
    2016-01-30 19:35 - 2013-10-12 11:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
    2016-01-30 19:35 - 2013-10-12 11:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
    2016-01-30 19:35 - 2013-08-05 10:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
    2016-01-30 19:35 - 2012-05-14 13:33 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
    2016-01-30 19:35 - 2012-04-26 13:45 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
    2016-01-30 19:35 - 2012-04-26 13:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
    2016-01-30 19:35 - 2012-01-04 17:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
    2016-01-30 19:34 - 2015-06-25 18:48 - 00105408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2016-01-30 19:34 - 2015-06-25 18:44 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
    2016-01-30 19:34 - 2012-11-23 11:48 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
    2016-01-30 19:34 - 2012-10-10 02:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
    2016-01-30 19:34 - 2012-10-10 02:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
    2016-01-30 19:33 - 2015-07-15 11:55 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
    2016-01-30 19:33 - 2015-04-30 03:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
    2016-01-30 19:33 - 2015-04-30 03:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
    2016-01-30 19:33 - 2015-04-30 03:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
    2016-01-30 19:33 - 2015-04-30 03:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
    2016-01-30 19:33 - 2015-04-30 03:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
    2016-01-30 19:33 - 2015-02-25 12:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
    2016-01-30 19:33 - 2014-12-06 12:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2016-01-30 19:33 - 2014-01-29 11:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
    2016-01-30 19:33 - 2013-07-12 19:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
    2016-01-30 19:33 - 2012-10-04 01:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
    2016-01-30 19:33 - 2012-10-04 01:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
    2016-01-30 19:33 - 2011-03-11 14:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
    2016-01-30 19:33 - 2011-03-11 14:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
    2016-01-30 19:33 - 2011-02-23 13:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
    2016-01-30 19:32 - 2015-12-09 06:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
    2016-01-30 19:32 - 2015-12-09 06:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
    2016-01-30 19:32 - 2015-12-09 06:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
    2016-01-30 19:32 - 2015-12-09 06:54 - 01202688 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
    2016-01-30 19:32 - 2015-12-09 06:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
    2016-01-30 19:32 - 2015-12-09 06:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
    2016-01-30 19:32 - 2015-12-09 06:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
    2016-01-30 19:32 - 2015-12-09 06:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
    2016-01-30 19:32 - 2015-12-09 06:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
    2016-01-30 19:32 - 2015-12-09 06:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
    2016-01-30 19:32 - 2015-12-09 06:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
    2016-01-30 19:32 - 2015-12-09 06:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
    2016-01-30 19:32 - 2015-12-09 06:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2016-01-30 19:32 - 2015-12-09 06:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
    2016-01-30 19:32 - 2015-12-09 06:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
    2016-01-30 19:32 - 2015-12-09 06:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
    2016-01-30 19:32 - 2015-12-09 06:53 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
    2016-01-30 19:32 - 2015-12-09 06:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
    2016-01-30 19:32 - 2015-12-09 06:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2016-01-30 19:32 - 2015-12-09 06:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
    2016-01-30 19:32 - 2015-12-09 06:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
    2016-01-30 19:32 - 2015-12-09 06:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
    2016-01-30 19:32 - 2015-12-09 06:53 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
    2016-01-30 19:32 - 2015-12-09 06:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
    2016-01-30 19:32 - 2015-12-09 06:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
    2016-01-30 19:32 - 2015-12-09 06:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
    2016-01-30 19:32 - 2015-12-09 06:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
    2016-01-30 19:32 - 2015-12-09 06:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
    2016-01-30 19:32 - 2015-12-09 06:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
    2016-01-30 19:32 - 2015-12-09 06:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
    2016-01-30 19:32 - 2015-12-09 06:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
    2016-01-30 19:32 - 2015-12-09 06:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
    2016-01-30 19:32 - 2015-12-09 06:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
    2016-01-30 19:32 - 2015-12-09 06:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
    2016-01-30 19:32 - 2015-12-09 06:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
    2016-01-30 19:32 - 2015-12-09 06:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
    2016-01-30 19:32 - 2015-12-09 06:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
    2016-01-30 19:32 - 2015-12-09 06:43 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
    2016-01-30 19:32 - 2015-12-09 06:11 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
    2016-01-30 19:32 - 2015-12-09 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
    2016-01-30 19:32 - 2015-06-02 08:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
    2016-01-30 19:32 - 2015-02-03 12:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
    2016-01-30 19:32 - 2015-02-03 12:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
    2016-01-30 19:32 - 2015-02-03 12:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
    2016-01-30 19:32 - 2015-02-03 12:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
    2016-01-30 19:32 - 2015-02-03 12:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
    2016-01-30 19:32 - 2015-02-03 12:12 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2016-01-30 19:32 - 2015-02-03 12:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2016-01-30 19:32 - 2015-02-03 12:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
    2016-01-30 19:32 - 2015-02-03 12:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
    2016-01-30 19:32 - 2015-02-03 12:12 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
    2016-01-30 19:32 - 2015-02-03 12:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
    2016-01-30 19:32 - 2015-02-03 12:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2016-01-30 19:32 - 2015-02-03 12:12 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
    2016-01-30 19:32 - 2015-02-03 12:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
    2016-01-30 19:32 - 2015-02-03 12:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
    2016-01-30 19:32 - 2015-02-03 12:11 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
    2016-01-30 19:32 - 2015-02-03 12:11 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
    2016-01-30 19:32 - 2015-02-03 12:11 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
    2016-01-30 19:32 - 2015-02-03 12:10 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
    2016-01-30 19:32 - 2015-02-03 12:00 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
    2016-01-30 19:32 - 2014-11-01 07:22 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2016-01-30 19:32 - 2014-06-28 09:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
    2016-01-30 19:32 - 2014-06-28 09:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
     
  6. Daniel Burkus

    Daniel Burkus TS Enthusiast Topic Starter Posts: 66

    2016-01-30 19:32 - 2013-11-27 10:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
    2016-01-30 19:32 - 2013-11-27 10:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
    2016-01-30 19:32 - 2013-11-27 10:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
    2016-01-30 19:32 - 2013-11-27 10:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
    2016-01-30 19:32 - 2013-11-27 10:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
    2016-01-30 19:32 - 2013-11-27 10:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
    2016-01-30 19:32 - 2013-11-27 10:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
    2016-01-30 19:32 - 2013-06-26 07:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
    2016-01-30 19:32 - 2012-11-29 07:57 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
    2016-01-30 19:32 - 2012-11-29 07:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
    2016-01-30 19:32 - 2012-11-29 07:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
    2016-01-30 19:31 - 2015-04-25 02:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
    2016-01-30 19:31 - 2014-12-08 11:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
    2016-01-30 19:31 - 2014-10-14 10:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
    2016-01-30 19:31 - 2013-12-04 11:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
    2016-01-30 19:31 - 2013-12-04 11:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
    2016-01-30 19:31 - 2013-12-04 11:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
    2016-01-30 19:31 - 2013-12-04 11:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
    2016-01-30 19:31 - 2013-12-04 11:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
    2016-01-30 19:31 - 2013-12-04 10:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
    2016-01-30 19:31 - 2013-12-04 10:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
    2016-01-30 19:31 - 2013-12-04 10:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
    2016-01-30 19:31 - 2013-12-04 10:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
    2016-01-30 18:52 - 2014-10-03 10:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2016-01-30 18:52 - 2014-10-03 10:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
    2016-01-30 18:52 - 2014-10-03 10:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
    2016-01-30 18:52 - 2014-10-03 10:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
    2016-01-30 18:52 - 2014-10-03 10:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
    2016-01-30 18:33 - 2012-02-17 14:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
    2016-01-30 18:33 - 2012-02-17 13:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
    2016-01-30 17:47 - 2016-01-30 17:47 - 00001179 _____ C:\Users\Daniel Burkus\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
    2016-01-30 17:47 - 2016-01-30 17:47 - 00001179 _____ C:\Users\Daniel Burkus\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
    2016-01-30 17:47 - 2016-01-30 17:47 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\GRETECH
    2016-01-30 17:47 - 2016-01-30 17:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
    2016-01-30 15:37 - 2016-01-30 15:37 - 00000000 ____D C:\ProgramData\Hnc
    2016-01-30 15:36 - 2016-01-31 08:50 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\Hnc
    2016-01-30 10:13 - 2016-01-30 10:13 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
    2016-01-30 09:32 - 2016-02-07 15:21 - 00000202 _____ C:\Windows\NeroDigital.ini
    2016-01-30 09:30 - 2016-01-30 09:30 - 00023694 _____ C:\Windows\system32\win32k2.sys
    2016-01-30 09:27 - 2016-01-30 09:27 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ashampoo
    2016-01-30 09:27 - 2016-01-30 09:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
    2016-01-30 09:26 - 2016-01-30 09:27 - 00000000 ____D C:\Users\Daniel M. Burkus\Virtual Machines
    2016-01-30 09:26 - 2016-01-30 09:26 - 00000000 ____D C:\Users\Daniel M. Burkus
    2016-01-30 09:24 - 2016-01-30 09:31 - 00000000 ____D C:\Users\Daniel Burkus\MP3 Splitter-Joiner
    2016-01-30 09:21 - 2016-01-30 09:21 - 00000000 ____D C:\Program Files\Common Files\Ahead
    2016-01-30 09:21 - 2005-09-01 11:03 - 00127488 ____N (Ahead Software AG) C:\Windows\system32\Drivers\imagesrv.sys
    2016-01-30 09:21 - 2005-09-01 11:03 - 00005888 ____N (Ahead Software AG) C:\Windows\system32\Drivers\imagedrv.sys
    2016-01-30 09:21 - 2004-07-26 16:16 - 01568768 ____N (Pegasus Imaging Corp.) C:\Windows\system32\ImagX7.dll
    2016-01-30 09:21 - 2004-07-26 16:16 - 00476320 ____N (Pegasus Imaging Corp.) C:\Windows\system32\ImagXpr7.dll
    2016-01-30 09:21 - 2004-07-26 16:16 - 00471040 ____N (Pegasus Imaging Corp.) C:\Windows\system32\ImagXRA7.dll
    2016-01-30 09:21 - 2004-07-26 16:16 - 00262144 ____N (Pegasus Imaging Corp.) C:\Windows\system32\ImagXR7.dll
    2016-01-30 09:21 - 2004-07-09 08:43 - 00364544 ____N (Pegasus Imaging Corp.) C:\Windows\system32\TwnLib4.dll
    2016-01-30 09:21 - 2001-07-09 10:50 - 00155648 _____ (Ahead Software Gmbh) C:\Windows\system32\NeroCheck.exe
    2016-01-30 09:21 - 2000-06-26 10:45 - 00106496 _____ (Pegasus Software) C:\Windows\system32\TwnLib20.dll
    2016-01-30 09:08 - 2016-01-30 09:19 - 00000000 ____D C:\Users\Daniel Burkus\NeroBurning .exe file (with license)
    2016-01-30 09:04 - 2016-02-15 14:08 - 00000000 ___RD C:\Users\Daniel Burkus\Virtual Machines
    2016-01-30 08:56 - 2016-01-30 09:01 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
    2016-01-30 08:56 - 2016-01-30 08:56 - 00000000 ____D C:\Program Files\Windows Virtual PC
    2016-01-30 08:52 - 2010-11-20 21:30 - 00296064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcvmm.sys
    2016-01-30 08:52 - 2010-11-20 21:30 - 00172416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpchbus.sys
    2016-01-30 08:52 - 2010-11-20 21:21 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\vpchbuspipe.dll
    2016-01-30 08:52 - 2010-11-20 21:17 - 02171392 _____ (Microsoft Corporation) C:\Windows\system32\VPCWizard.exe
    2016-01-30 08:52 - 2010-11-20 19:50 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcusb.sys
    2016-01-30 08:52 - 2010-11-20 19:50 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcnfltr.sys
    2016-01-30 08:51 - 2010-11-20 21:17 - 03330560 _____ (Microsoft Corporation) C:\Windows\system32\vpc.exe
    2016-01-30 08:51 - 2010-11-20 21:17 - 01260032 _____ (Microsoft Corporation) C:\Windows\system32\VPCSettings.exe
    2016-01-30 08:51 - 2010-11-20 19:52 - 01003008 _____ (Microsoft Corporation) C:\Windows\system32\VMWindow.exe
    2016-01-30 08:51 - 2010-11-20 19:52 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\vmsal.exe
    2016-01-30 08:51 - 2010-11-20 19:50 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\VMCPropertyHandler.dll
    2016-01-30 08:34 - 2016-01-30 08:34 - 00002477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Hangul 2002.lnk
    2016-01-30 08:34 - 2016-01-30 08:34 - 00000048 _____ C:\Windows\Hjimesv.ini
    2016-01-30 08:34 - 2016-01-30 08:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HAANSOFT
    2016-01-30 08:30 - 2016-01-30 08:34 - 00000000 ____D C:\HNC
    2016-01-30 08:24 - 2016-01-30 08:27 - 00000016 _____ C:\Windows\system32\hwincfg.ini
    2016-01-30 08:07 - 2016-01-30 08:07 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
    2016-01-30 08:06 - 2016-01-30 08:07 - 00000000 ____D C:\Program Files\Common Files\Adobe
    2016-01-30 08:06 - 2016-01-30 08:06 - 00000000 ____D C:\Program Files\Adobe
    2016-01-30 08:05 - 2016-01-30 08:06 - 00000000 ____D C:\ProgramData\Adobe
    2016-01-30 08:04 - 2016-01-30 08:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2016-01-30 08:04 - 2016-01-30 08:04 - 00000000 ____D C:\Program Files\CCleaner
    2016-01-30 07:59 - 2016-01-30 07:59 - 00000000 ____D C:\Program Files\HyperCam 2
    2016-01-30 07:57 - 2016-01-31 19:22 - 00001188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
    2016-01-30 07:55 - 2016-02-06 10:09 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Local\Paint.NET
    2016-01-30 07:54 - 2016-01-31 19:22 - 00000000 ____D C:\Program Files\Paint.NET
    2016-01-30 07:50 - 2016-01-30 07:50 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
    2016-01-30 07:47 - 2016-01-30 07:51 - 00000000 ____D C:\Program Files\Unlocker
    2016-01-30 07:44 - 2016-01-30 07:46 - 00000000 ____D C:\Program Files\VirtualDub
    2016-01-30 07:44 - 2016-01-30 07:44 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\JAM Software
    2016-01-30 07:44 - 2016-01-30 07:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
    2016-01-30 07:44 - 2016-01-30 07:44 - 00000000 ____D C:\Program Files\JAM Software
    2016-01-30 07:39 - 2016-01-30 07:40 - 00000000 ____D C:\Program Files\XP Card Games
    2016-01-29 22:14 - 2016-01-29 22:14 - 00000000 ____D C:\Windows\system32\SPReview
    2016-01-29 22:12 - 2016-01-29 22:12 - 00000000 ____D C:\Windows\system32\EventProviders
    2016-01-29 21:33 - 2016-02-08 21:54 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\MPC-HC
    2016-01-29 21:31 - 2016-01-29 21:31 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\WinRAR
    2016-01-29 21:31 - 2016-01-29 21:31 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    2016-01-29 21:31 - 2016-01-29 21:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
    2016-01-29 21:31 - 2016-01-29 21:31 - 00000000 ____D C:\Program Files\WinRAR
    2016-01-29 21:30 - 2016-01-29 21:30 - 00000000 ____D C:\Users\Daniel Burkus\WinRAR
    2016-01-29 21:26 - 2016-01-29 21:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
    2016-01-29 21:26 - 2016-01-29 21:26 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
    2016-01-29 21:26 - 2014-04-25 03:00 - 00112640 _____ C:\Windows\system32\ff_vfw.dll
    2016-01-29 21:26 - 2013-12-01 21:10 - 00218200 _____ C:\Windows\system32\unrar.dll
    2016-01-29 21:26 - 2013-03-18 01:21 - 03649536 _____ (x264vfw project) C:\Windows\system32\x264vfw.dll
    2016-01-29 21:26 - 2012-07-21 19:54 - 00122880 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
    2016-01-29 21:26 - 2011-12-08 02:32 - 00216064 _____ ( ) C:\Windows\system32\lagarith.dll
    2016-01-29 21:26 - 2011-06-24 23:44 - 00243200 _____ C:\Windows\system32\xvidvfw.dll
    2016-01-29 21:26 - 2011-06-24 23:28 - 00650752 _____ C:\Windows\system32\xvidcore.dll
    2016-01-29 21:25 - 2010-11-20 21:32 - 05066752 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll
    2016-01-29 21:25 - 2010-11-20 21:29 - 00520064 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
    2016-01-29 21:25 - 2010-11-20 21:29 - 00014208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys
    2016-01-29 21:25 - 2010-11-20 21:21 - 01128448 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
    2016-01-29 21:25 - 2010-11-20 21:21 - 01115136 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
    2016-01-29 21:25 - 2010-11-20 21:21 - 01086976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
    2016-01-29 21:25 - 2010-11-20 21:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
    2016-01-29 21:25 - 2010-11-20 21:21 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
    2016-01-29 21:25 - 2010-11-20 21:21 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll
    2016-01-29 21:25 - 2010-11-20 21:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\tssrvlic.dll
    2016-01-29 21:25 - 2010-11-20 21:21 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
    2016-01-29 21:25 - 2010-11-20 21:20 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
    2016-01-29 21:25 - 2010-11-20 21:19 - 00954752 _____ (Microsoft Corporation) C:\Windows\system32\mfc40.dll
    2016-01-29 21:25 - 2010-11-20 21:19 - 00954288 _____ (Microsoft Corporation) C:\Windows\system32\mfc40u.dll
    2016-01-29 21:25 - 2010-11-20 21:19 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
    2016-01-29 21:25 - 2010-11-20 21:19 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\LSCSHostPolicy.dll
    2016-01-29 21:25 - 2010-11-20 21:18 - 01828352 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
    2016-01-29 21:25 - 2010-11-20 21:18 - 01334272 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
    2016-01-29 21:25 - 2010-11-20 21:17 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe
    2016-01-29 21:25 - 2010-11-20 21:17 - 00280576 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe
    2016-01-29 21:25 - 2010-11-20 21:17 - 00080896 _____ C:\Windows\system32\RDVGHelper.exe
    2016-01-29 21:25 - 2010-11-20 21:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\PushPrinterConnections.exe
    2016-01-29 21:25 - 2010-11-20 19:24 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
    2016-01-29 21:25 - 2010-11-20 19:22 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\rdpdd.dll
    2016-01-29 21:25 - 2010-11-05 11:20 - 00146852 _____ C:\Windows\system32\systemsf.ebd
    2016-01-29 21:25 - 2010-11-05 10:58 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
    2016-01-29 21:25 - 2010-11-05 10:53 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
    2016-01-29 21:25 - 2010-11-05 10:53 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
    2016-01-29 21:24 - 2010-11-20 21:30 - 00245632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
    2016-01-29 21:24 - 2010-11-20 21:30 - 00116096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys
    2016-01-29 21:24 - 2010-11-20 21:24 - 00271664 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
    2016-01-29 21:24 - 2010-11-20 21:23 - 00144768 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 02983424 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 02755072 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 01712640 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 01667584 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 01363456 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 01063936 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00974336 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00380416 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00351232 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00351232 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\WinSATAPI.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\umrdp.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\tspubwmi.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
    2016-01-29 21:24 - 2010-11-20 21:21 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
    2016-01-29 21:24 - 2010-11-20 21:20 - 02494464 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
    2016-01-29 21:24 - 2010-11-20 21:20 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
    2016-01-29 21:24 - 2010-11-20 21:20 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
    2016-01-29 21:24 - 2010-11-20 21:20 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
    2016-01-29 21:24 - 2010-11-20 21:20 - 00563712 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
    2016-01-29 21:24 - 2010-11-20 21:20 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
    2016-01-29 21:24 - 2010-11-20 21:20 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
    2016-01-29 21:24 - 2010-11-20 21:20 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL
    2016-01-29 21:24 - 2010-11-20 21:19 - 02291712 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
    2016-01-29 21:24 - 2010-11-20 21:19 - 02151936 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
    2016-01-29 21:24 - 2010-11-20 21:19 - 00732160 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
    2016-01-29 21:24 - 2010-11-20 21:19 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
    2016-01-29 21:24 - 2010-11-20 21:19 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
    2016-01-29 21:24 - 2010-11-20 21:19 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
    2016-01-29 21:24 - 2010-11-20 21:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
    2016-01-29 21:24 - 2010-11-20 21:19 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
    2016-01-29 21:24 - 2010-11-20 21:19 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\hgprint.dll
    2016-01-29 21:24 - 2010-11-20 21:18 - 02522624 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
    2016-01-29 21:24 - 2010-11-20 21:18 - 01555456 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll
    2016-01-29 21:24 - 2010-11-20 21:18 - 00863744 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
    2016-01-29 21:24 - 2010-11-20 21:18 - 00854016 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
    2016-01-29 21:24 - 2010-11-20 21:18 - 00762880 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll
    2016-01-29 21:24 - 2010-11-20 21:18 - 00546304 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
    2016-01-29 21:24 - 2010-11-20 21:18 - 00494592 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
    2016-01-29 21:24 - 2010-11-20 21:18 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
    2016-01-29 21:24 - 2010-11-20 21:18 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll
    2016-01-29 21:24 - 2010-11-20 21:18 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
    2016-01-29 21:24 - 2010-11-20 21:18 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
    2016-01-29 21:24 - 2010-11-20 21:18 - 00252928 _____ (Microsoft) C:\Windows\system32\DShowRdpFilter.dll
    2016-01-29 21:24 - 2010-11-20 21:18 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
    2016-01-29 21:24 - 2010-11-20 21:17 - 03367424 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
    2016-01-29 21:24 - 2010-11-20 21:17 - 01203200 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
    2016-01-29 21:24 - 2010-11-20 21:17 - 01025536 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
    2016-01-29 21:24 - 2010-11-20 21:17 - 00477696 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
    2016-01-29 21:24 - 2010-11-20 21:17 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\cmd.exe
    2016-01-29 21:24 - 2010-11-20 21:17 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\lsm.exe
    2016-01-29 21:24 - 2010-11-20 21:17 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
    2016-01-29 21:24 - 2010-11-20 21:17 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
    2016-01-29 21:24 - 2010-11-20 21:17 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
    2016-01-29 21:24 - 2010-11-20 21:17 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
    2016-01-29 21:24 - 2010-11-20 21:17 - 00161280 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
    2016-01-29 21:24 - 2010-11-20 21:16 - 00776192 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
    2016-01-29 21:24 - 2010-11-20 19:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys
    2016-01-29 21:24 - 2010-11-20 17:44 - 00388096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
    2016-01-29 21:24 - 2010-11-20 17:44 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
    2016-01-29 21:24 - 2010-11-05 10:58 - 00049488 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
    2016-01-29 21:23 - 2016-01-29 21:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
    2016-01-29 21:23 - 2010-11-20 21:36 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe
    2016-01-29 21:23 - 2010-11-20 21:30 - 00175360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
    2016-01-29 21:23 - 2010-11-20 21:30 - 00173440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
    2016-01-29 21:23 - 2010-11-20 21:30 - 00160128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
    2016-01-29 21:23 - 2010-11-20 21:30 - 00153984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
    2016-01-29 21:23 - 2010-11-20 21:30 - 00140160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys
    2016-01-29 21:23 - 2010-11-20 21:30 - 00130432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys
    2016-01-29 21:23 - 2010-11-20 21:30 - 00085376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys
    2016-01-29 21:23 - 2010-11-20 21:30 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
    2016-01-29 21:23 - 2010-11-20 21:30 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
    2016-01-29 21:23 - 2010-11-20 21:30 - 00040704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys
    2016-01-29 21:23 - 2010-11-20 21:30 - 00028032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys
    2016-01-29 21:23 - 2010-11-20 21:30 - 00028032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys
    2016-01-29 21:23 - 2010-11-20 21:29 - 02217856 _____ (Microsoft Corporation) C:\Windows\system32\bootres.dll
    2016-01-29 21:23 - 2010-11-20 21:29 - 00274304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
    2016-01-29 21:23 - 2010-11-20 21:29 - 00194432 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
    2016-01-29 21:23 - 2010-11-20 21:29 - 00194432 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
    2016-01-29 21:23 - 2010-11-20 21:29 - 00043392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys
    2016-01-29 21:23 - 2010-11-20 21:21 - 02202624 _____ (Microsoft Corporation) C:\Windows\system32\SensorsCpl.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 02157568 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 01624064 _____ (Microsoft Corporation) C:\Windows\system32\WMPEncEn.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 01326592 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 01227776 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 01003008 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00933376 _____ (Microsoft Corporation) C:\Windows\system32\Vault.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00907776 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00782336 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\scrptadm.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00463360 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\wiadefui.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\termmgr.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00352256 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00276992 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\tscfgwmi.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\samcli.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\RpcRtRemote.dll
    2016-01-29 21:23 - 2010-11-20 21:21 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
    2016-01-29 21:23 - 2010-11-20 21:20 - 02504192 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
    2016-01-29 21:23 - 2010-11-20 21:20 - 01750528 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
    2016-01-29 21:23 - 2010-11-20 21:20 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
    2016-01-29 21:23 - 2010-11-20 21:20 - 00932352 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
    2016-01-29 21:23 - 2010-11-20 21:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll
    2016-01-29 21:23 - 2010-11-20 21:20 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
    2016-01-29 21:23 - 2010-11-20 21:20 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\netdiagfx.dll
    2016-01-29 21:23 - 2010-11-20 21:20 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll
    2016-01-29 21:23 - 2010-11-20 21:20 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\QAGENT.DLL
    2016-01-29 21:23 - 2010-11-20 21:20 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
    2016-01-29 21:23 - 2010-11-20 21:20 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
    2016-01-29 21:23 - 2010-11-20 21:20 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll
    2016-01-29 21:23 - 2010-11-20 21:20 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\prncache.dll
    2016-01-29 21:23 - 2010-11-20 21:20 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\nci.dll
    2016-01-29 21:23 - 2010-11-20 21:19 - 01066496 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
    2016-01-29 21:23 - 2010-11-20 21:19 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\FirewallControlPanel.dll
    2016-01-29 21:23 - 2010-11-20 21:19 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
    2016-01-29 21:23 - 2010-11-20 21:19 - 00481792 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
    2016-01-29 21:23 - 2010-11-20 21:19 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\localsec.dll
    2016-01-29 21:23 - 2010-11-20 21:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll
    2016-01-29 21:23 - 2010-11-20 21:19 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll
    2016-01-29 21:23 - 2010-11-20 21:19 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
    2016-01-29 21:23 - 2010-11-20 21:19 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
    2016-01-29 21:23 - 2010-11-20 21:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\mtxclu.dll
    2016-01-29 21:23 - 2010-11-20 21:19 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
    2016-01-29 21:23 - 2010-11-20 21:19 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
    2016-01-29 21:23 - 2010-11-20 21:19 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
    2016-01-29 21:23 - 2010-11-20 21:19 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
    2016-01-29 21:23 - 2010-11-20 21:19 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\msutb.dll
    2016-01-29 21:23 - 2010-11-20 21:19 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
    2016-01-29 21:23 - 2010-11-20 21:19 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
    2016-01-29 21:23 - 2010-11-20 21:19 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\fde.dll
    2016-01-29 21:23 - 2010-11-20 21:19 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
    2016-01-29 21:23 - 2010-11-20 21:19 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
    2016-01-29 21:23 - 2010-11-20 21:19 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll
    2016-01-29 21:23 - 2010-11-20 21:19 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
    2016-01-29 21:23 - 2010-11-20 21:18 - 01400320 _____ (Microsoft Corporation) C:\Windows\system32\DxpTaskSync.dll
    2016-01-29 21:23 - 2010-11-20 21:18 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\DiagCpl.dll
    2016-01-29 21:23 - 2010-11-20 21:18 - 01040384 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
    2016-01-29 21:23 - 2010-11-20 21:18 - 00665600 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayCpl.dll
    2016-01-29 21:23 - 2010-11-20 21:18 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
    2016-01-29 21:23 - 2010-11-20 21:18 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\biocpl.dll
    2016-01-29 21:23 - 2010-11-20 21:18 - 00418816 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
    2016-01-29 21:23 - 2010-11-20 21:18 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\DXP.dll
    2016-01-29 21:23 - 2010-11-20 21:18 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
    2016-01-29 21:23 - 2010-11-20 21:18 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
    2016-01-29 21:23 - 2010-11-20 21:18 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\dps.dll
    2016-01-29 21:23 - 2010-11-20 21:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\cscobj.dll
    2016-01-29 21:23 - 2010-11-20 21:18 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
    2016-01-29 21:23 - 2010-11-20 21:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\dnscmmc.dll
    2016-01-29 21:23 - 2010-11-20 21:18 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
    2016-01-29 21:23 - 2010-11-20 21:17 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
    2016-01-29 21:23 - 2010-11-20 21:17 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
    2016-01-29 21:23 - 2010-11-20 21:17 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\WFS.exe
    2016-01-29 21:23 - 2010-11-20 21:17 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\FXSSVC.exe
    2016-01-29 21:23 - 2010-11-20 21:17 - 00453632 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
    2016-01-29 21:23 - 2010-11-20 21:17 - 00334336 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
    2016-01-29 21:23 - 2010-11-20 21:17 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
    2016-01-29 21:23 - 2010-11-20 21:17 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe
    2016-01-29 21:23 - 2010-11-20 21:17 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\msconfig.exe
    2016-01-29 21:23 - 2010-11-20 21:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\taskmgr.exe
    2016-01-29 21:23 - 2010-11-20 21:17 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
    2016-01-29 21:23 - 2010-11-20 21:17 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe
    2016-01-29 21:23 - 2010-11-20 21:17 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\setupcl.exe
    2016-01-29 21:23 - 2010-11-20 21:17 - 00098816 _____ (Microsoft) C:\Windows\system32\Robocopy.exe
    2016-01-29 21:23 - 2010-11-20 21:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\proquota.exe
    2016-01-29 21:23 - 2010-11-20 21:17 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\userinit.exe
    2016-01-29 21:23 - 2010-11-20 21:16 - 00905216 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
    2016-01-29 21:23 - 2010-11-20 21:16 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
    2016-01-29 21:23 - 2010-11-20 21:16 - 00668160 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
    2016-01-29 21:23 - 2010-11-20 21:16 - 00658944 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
    2016-01-29 21:23 - 2010-11-20 21:16 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
    2016-01-29 21:23 - 2010-11-20 21:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
    2016-01-29 21:23 - 2010-11-20 21:16 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
    2016-01-29 21:23 - 2010-11-20 21:16 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
    2016-01-29 21:23 - 2010-11-20 21:16 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe
    2016-01-29 21:23 - 2010-11-20 19:24 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
    2016-01-29 21:23 - 2010-11-20 18:59 - 00035968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys
    2016-01-29 21:23 - 2010-11-20 18:14 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
    2016-01-29 21:23 - 2010-11-20 17:42 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
    2016-01-29 21:23 - 2010-11-20 17:39 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
    2016-01-29 21:23 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
    2016-01-29 21:23 - 2009-07-14 10:16 - 00001536 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
    2016-01-29 21:23 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
    2016-01-29 21:22 - 2010-11-20 21:36 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\NAPHLPR.DLL
    2016-01-29 21:22 - 2010-11-20 21:36 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\NAPCRYPT.DLL
    2016-01-29 21:22 - 2010-11-20 21:29 - 00137088 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00755200 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00750080 _____ (Microsoft Corporation) C:\Windows\system32\sdcpl.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00697344 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00638976 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00577024 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00436736 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmnet.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00428544 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00350720 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\sqlcese30.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\taskbarcpl.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\wavemsp.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\unattend.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\wpdwcn.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll
     
  7. Daniel Burkus

    Daniel Burkus TS Enthusiast Topic Starter Posts: 66

    2016-01-29 21:22 - 2010-11-20 21:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\wmpsrcwp.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\remotepg.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\twext.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\recovery.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\uxlib.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\wiavideo.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\sppinst.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\QUTIL.DLL
    2016-01-29 21:22 - 2010-11-20 21:21 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountControlSettings.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\unimdmat.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\vfwwdm32.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\sppuinotify.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\rdpd3d.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00051200 _____ (Twain Working Group) C:\Windows\twain_32.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\umb.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\WavDest.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wtsapi32.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\shimgvw.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\wdiasqmmodule.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\utildll.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\vpnikeapi.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\TRAPI.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\rdprefdrvapi.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\shgina.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\sisbkup.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\schedcli.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\syssetup.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
    2016-01-29 21:22 - 2010-11-20 21:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\riched32.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 02130944 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 01661440 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 01644032 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\onexui.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\OobeFldr.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceStatus.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00395264 _____ (Microsoft Corporation) C:\Windows\system32\prnfldr.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\nshipsec.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00283136 _____ (Microsoft Corporation) C:\Windows\system32\qdv.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\OnLineIDCpl.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\qcap.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceSyncProvider.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\ocsetapi.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\provsvc.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\netjoin.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\mydocs.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
    2016-01-29 21:22 - 2010-11-20 21:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\olethk32.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\QCLIPROV.DLL
    2016-01-29 21:22 - 2010-11-20 21:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\ntlanman.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\napdsnap.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\PrintIsolationProxy.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\profprov.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\netutils.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\perfts.dll
    2016-01-29 21:22 - 2010-11-20 21:20 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\nrpsrv.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00592384 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\mspbda.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\MSAC3ENC.DLL
    2016-01-29 21:22 - 2010-11-20 21:19 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\iTVData.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\mstask.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\ifsutil.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\msvfw32.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\migisol.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\fphc.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00093696 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\fms.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\mciavi32.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00082944 _____ (Radius Inc.) C:\Windows\system32\iccvid.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\KMSVC.DLL
    2016-01-29 21:22 - 2010-11-20 21:19 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Mcx2Svc.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\inetmib1.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\luainstall.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\FXSMON.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\mciqtz32.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\msdmo.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\HotStartUserAgent.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\lsmproxy.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
    2016-01-29 21:22 - 2010-11-20 21:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 03727872 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00740864 _____ (Microsoft Corporation) C:\Windows\system32\batmeter.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00685056 _____ (Microsoft Corporation) C:\Windows\system32\dsuiext.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00537600 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\AdmTmpl.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\dot3ui.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\azroleui.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\audiodev.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\defaultlocationcpl.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingFolder.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\activeds.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\dskquoui.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\adsldp.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\cfgmgr32.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\bcdsrv.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayServices.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\cabinet.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\amstream.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\cca.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\CertPolEng.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acppage.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dsauth.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\AzSqlExt.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\elsTrans.dll
    2016-01-29 21:22 - 2010-11-20 21:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\bitsperf.dll
    2016-01-29 21:22 - 2010-11-20 21:17 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\mblctr.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\recdisc.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\RelPost.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\iscsicli.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\MdSched.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\setupugc.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\mobsync.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\isoburn.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\cmstp.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\tabcal.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\MuiUnattend.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00066048 _____ C:\Windows\system32\PrintBrmUi.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\manage-bde.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\djoin.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\repair-bde.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\rdpsign.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\MultiDigiMon.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\takeown.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\runonce.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tzutil.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\unlodctr.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\qwinsta.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\netiougc.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\netcfg.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\qprocess.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msg.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\quser.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\tskill.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\tsdiscon.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\tscon.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\qappsrv.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\logoff.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\shadow.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\rwinsta.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\reset.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\query.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\LogonUI.exe
    2016-01-29 21:22 - 2010-11-20 21:17 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
    2016-01-29 21:22 - 2010-11-20 21:16 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\Bubbles.scr
    2016-01-29 21:22 - 2010-11-20 21:16 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
    2016-01-29 21:22 - 2010-11-20 21:16 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\TabletPC.cpl
    2016-01-29 21:22 - 2010-11-20 21:16 - 00516096 _____ (Microsoft Corporation) C:\Windows\system32\main.cpl
    2016-01-29 21:22 - 2010-11-20 21:16 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
    2016-01-29 21:22 - 2010-11-20 21:16 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
    2016-01-29 21:22 - 2010-11-20 21:16 - 00326656 _____ (Microsoft Corporation) C:\Windows\system32\sysdm.cpl
    2016-01-29 21:22 - 2010-11-20 21:16 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
    2016-01-29 21:22 - 2010-11-20 21:16 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\ssText3d.scr
    2016-01-29 21:22 - 2010-11-20 21:16 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
    2016-01-29 21:22 - 2010-11-20 21:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\Mystify.scr
    2016-01-29 21:22 - 2010-11-20 21:16 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\Ribbons.scr
    2016-01-29 21:22 - 2010-11-20 21:16 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\bitsadmin.exe
    2016-01-29 21:22 - 2010-11-20 21:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
    2016-01-29 21:22 - 2010-11-20 21:16 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax
    2016-01-29 21:22 - 2010-11-20 21:16 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
    2016-01-29 21:22 - 2010-11-20 21:16 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
    2016-01-29 21:22 - 2010-11-20 21:16 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\desk.cpl
    2016-01-29 21:22 - 2010-11-20 21:16 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
    2016-01-29 21:22 - 2010-11-20 21:16 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax
    2016-01-29 21:22 - 2010-11-20 21:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\kstvtune.ax
    2016-01-29 21:22 - 2010-11-20 21:16 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
    2016-01-29 21:22 - 2010-11-20 21:16 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\WSTPager.ax
    2016-01-29 21:22 - 2010-11-20 21:16 - 00065024 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe
    2016-01-29 21:22 - 2010-11-20 21:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
    2016-01-29 21:22 - 2010-11-20 21:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ksxbar.ax
    2016-01-29 21:22 - 2010-11-20 21:16 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\g711codc.ax
    2016-01-29 21:22 - 2010-11-20 21:16 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\vbisurf.ax
    2016-01-29 21:22 - 2010-11-20 21:16 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\chgport.exe
    2016-01-29 21:22 - 2010-11-20 21:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\chglogon.exe
    2016-01-29 21:22 - 2010-11-20 21:16 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\chgusr.exe
    2016-01-29 21:22 - 2010-11-20 21:16 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\change.exe
    2016-01-29 21:22 - 2010-11-20 21:07 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
    2016-01-29 21:22 - 2010-11-20 21:05 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\RDPENCDD.dll
    2016-01-29 21:22 - 2010-11-20 21:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
    2016-01-29 21:22 - 2010-11-20 21:03 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\vmbusres.dll
    2016-01-29 21:22 - 2010-11-20 21:03 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\vmstorfltres.dll
    2016-01-29 21:22 - 2010-11-20 21:00 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
    2016-01-29 21:22 - 2010-11-20 21:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
    2016-01-29 21:22 - 2010-11-20 19:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys
    2016-01-29 21:22 - 2010-11-20 19:22 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
    2016-01-29 21:22 - 2010-11-20 19:07 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
    2016-01-29 21:22 - 2010-11-20 19:07 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
    2016-01-29 21:22 - 2010-11-20 19:06 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
    2016-01-29 21:22 - 2010-11-20 19:06 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys
    2016-01-29 21:22 - 2010-11-20 18:50 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
    2016-01-29 21:22 - 2010-11-20 18:50 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys
    2016-01-29 21:22 - 2010-11-20 17:47 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys
    2016-01-29 21:22 - 2010-11-20 17:42 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
    2016-01-29 21:22 - 2010-11-20 17:39 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys
    2016-01-29 21:22 - 2010-11-20 17:38 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
    2016-01-29 21:22 - 2010-11-20 14:23 - 00053600 _____ C:\Windows\system32\dosx.exe
    2016-01-29 21:22 - 2010-11-10 10:45 - 00010429 _____ C:\Windows\system32\ScavengeSpace.xml
    2016-01-29 21:22 - 2010-11-05 11:11 - 00312168 _____ (Microsoft Corporation) C:\Windows\system32\MCEWMDRMNDBootstrap.dll
    2016-01-29 21:22 - 2009-07-14 10:16 - 00410624 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
    2016-01-29 21:21 - 2016-01-29 21:21 - 00000000 ____D C:\Program Files\Common Files\PX Storage Engine
    2016-01-29 21:21 - 2010-11-20 21:21 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wshirda.dll
    2016-01-29 21:21 - 2010-11-20 21:21 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\shunimpl.dll
    2016-01-29 21:21 - 2010-11-20 21:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\rdpcfgex.dll
    2016-01-29 21:21 - 2010-11-20 21:20 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\lzhfldr2.dll
    2016-01-29 21:21 - 2010-11-20 21:18 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\C_ISCII.DLL
    2016-01-29 21:21 - 2010-11-20 21:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll
    2016-01-29 21:21 - 2010-11-20 21:07 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwizres.dll
    2016-01-29 21:21 - 2010-11-20 21:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
    2016-01-29 21:21 - 2010-11-20 21:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\pifmgr.dll
    2016-01-29 21:21 - 2010-11-20 21:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDSG.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdlk41a.dll
    2016-01-29 21:21 - 2010-11-20 21:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDCZ1.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUQ.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUF.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDSF.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDPO.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDNEPR.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDINBEN.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDGR1.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDGKL.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDUS.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDUGHR1.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTURME.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAJIK.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDMON.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDMAORI.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDLT1.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTEL.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTAM.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINORI.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINMAR.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINKAN.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINHIN.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBULG.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBLR.DLL
    2016-01-29 21:21 - 2010-11-20 21:00 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDGEO.DLL
    2016-01-29 21:21 - 2010-11-20 20:57 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
    2016-01-29 21:21 - 2010-11-20 20:56 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\BlbEvents.dll
    2016-01-29 21:21 - 2010-11-20 19:22 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys
    2016-01-29 21:21 - 2010-11-20 19:21 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\RDPREFDD.dll
    2016-01-29 21:21 - 2010-11-20 19:21 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys
    2016-01-29 21:21 - 2010-11-20 19:07 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
    2016-01-29 21:21 - 2010-11-20 19:00 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
    2016-01-29 21:21 - 2010-11-20 19:00 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys
    2016-01-29 21:21 - 2010-11-20 19:00 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys
    2016-01-29 21:21 - 2010-11-20 19:00 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys
    2016-01-29 21:21 - 2010-11-20 18:59 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
    2016-01-29 21:21 - 2010-11-20 18:59 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
    2016-01-29 21:21 - 2010-11-20 18:50 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
    2016-01-29 21:21 - 2010-11-20 18:50 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys
    2016-01-29 21:21 - 2010-11-20 18:24 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys
    2016-01-29 21:21 - 2010-11-20 18:19 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
    2016-01-29 21:21 - 2010-11-20 18:14 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\VmbusCoinstaller.dll
    2016-01-29 21:21 - 2010-11-20 18:14 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\VmdCoinstall.dll
    2016-01-29 21:21 - 2010-11-20 18:14 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
    2016-01-29 21:21 - 2010-11-20 18:14 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
    2016-01-29 21:21 - 2010-11-20 18:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys
    2016-01-29 21:21 - 2010-11-20 18:14 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll
    2016-01-29 21:21 - 2010-11-20 18:14 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vms3cap.sys
    2016-01-29 21:21 - 2010-11-05 11:20 - 00105559 _____ C:\Windows\system32\RacRules.xml
    2016-01-29 21:20 - 2016-01-30 08:13 - 00000000 ____D C:\Program Files\Winamp
    2016-01-29 21:20 - 2016-01-29 21:28 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\Winamp
    2016-01-29 21:20 - 2010-11-20 21:21 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\wbemcomn.dll
    2016-01-29 21:20 - 2010-11-20 21:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\wdscore.dll
    2016-01-29 21:18 - 2016-01-29 21:18 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\NVIDIA
    2016-01-29 21:04 - 2016-01-29 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 Toolkit
    2016-01-29 21:04 - 2016-01-29 21:04 - 00000000 ____D C:\MP3Toolkit
    2016-01-29 21:03 - 2016-01-29 21:03 - 00000000 ____D C:\Program Files\Lame For Audacity
    2016-01-29 21:03 - 2016-01-29 21:03 - 00000000 ____D C:\Program Files\FFmpeg for Audacity
    2016-01-29 21:02 - 2016-01-29 21:02 - 00000977 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
    2016-01-29 21:02 - 2016-01-29 21:02 - 00000000 ____D C:\Program Files\Audacity
    2016-01-29 20:50 - 2016-01-29 20:50 - 00000000 ____D C:\Program Files\GPLGS
    2016-01-29 20:46 - 2016-01-29 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
     
  8. Daniel Burkus

    Daniel Burkus TS Enthusiast Topic Starter Posts: 66

    2016-01-29 20:46 - 2014-03-07 10:03 - 03109520 __RSH (FFmpeg Project) C:\Windows\system32\avcodec-lav-55.dll
    2016-01-29 20:46 - 2014-03-07 10:03 - 00550032 __RSH (FFmpeg Project) C:\Windows\system32\avformat-lav-55.dll
    2016-01-29 20:46 - 2014-03-07 10:03 - 00313520 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\system32\HLvideo.dll
    2016-01-29 20:46 - 2014-03-07 10:03 - 00203408 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\system32\HLsplit.dll
    2016-01-29 20:46 - 2014-03-07 10:03 - 00181392 __RSH (FFmpeg Project) C:\Windows\system32\avutil-lav-52.dll
    2016-01-29 20:46 - 2014-03-07 10:03 - 00166544 __RSH (Intel Corp.) C:\Windows\system32\IntelQuickSyncDecoder.dll
    2016-01-29 20:46 - 2014-03-07 10:03 - 00122512 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\system32\HLaudio.dll
    2016-01-29 20:46 - 2014-03-07 10:03 - 00118416 __RSH (FFmpeg Project) C:\Windows\system32\swscale-lav-2.dll
    2016-01-29 20:46 - 2014-03-07 10:03 - 00109712 __RSH C:\Windows\system32\libbluray.dll
    2016-01-29 20:46 - 2014-03-07 10:03 - 00098960 __RSH (FFmpeg Project) C:\Windows\system32\avfilter-lav-4.dll
    2016-01-29 20:46 - 2014-03-07 10:03 - 00059536 __RSH (FFmpeg Project) C:\Windows\system32\avresample-lav-1.dll
    2016-01-29 20:46 - 2014-01-31 15:20 - 00000493 __RSH C:\Windows\system32\LAVFilters.Dependencies.manifest
    2016-01-29 20:46 - 2013-01-31 21:37 - 00773968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
    2016-01-29 20:46 - 2013-01-31 21:37 - 00421200 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll
    2016-01-29 20:46 - 2012-10-05 18:54 - 00188416 __RSH C:\Windows\system32\winDCE32.dll
    2016-01-29 20:46 - 2012-07-11 22:00 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Olepau32.ax
    2016-01-29 20:46 - 2011-06-14 19:05 - 00121344 __RSH C:\Windows\system32\TAKDSDecoder.ax
    2016-01-29 20:46 - 2011-02-11 09:26 - 00112128 __RSH C:\Windows\system32\OptimFROG.dll
    2016-01-29 20:46 - 2010-01-06 23:00 - 00107520 __RSH C:\Windows\system32\TAKDSDecoder.dll
    2016-01-29 20:46 - 2009-08-10 22:00 - 00352768 __RSH C:\Windows\system32\ac3DX.ax
    2016-01-29 20:46 - 2005-02-22 16:55 - 00081920 __RSH C:\Windows\system32\aac_parser.ax
    2016-01-29 20:46 - 2004-10-10 08:50 - 00278528 _____ (Real Networks, Inc) C:\Windows\system32\pncrt.dll
    2016-01-29 20:46 - 2004-07-02 16:33 - 00327749 _____ (RealNetworks, Inc.) C:\Windows\system32\drvc.dll
    2016-01-29 20:46 - 2004-04-27 15:03 - 00017408 __RSH (RadLight) C:\Windows\system32\RLOFRDec.ax
    2016-01-29 20:46 - 2004-04-05 09:31 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
    2016-01-29 20:46 - 2004-04-05 09:31 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
    2016-01-29 20:17 - 2015-10-26 16:39 - 00001080 _____ C:\Users\Daniel Burkus\Letter to Alan Palmer's student.txt
    2016-01-29 20:17 - 2014-07-30 10:14 - 00080241 _____ C:\Users\Daniel Burkus\Prostaglandin E1 - Wikipedia, the free encyclopedia.htm
    2016-01-29 20:17 - 2014-07-29 19:40 - 00000009 _____ C:\Users\Daniel Burkus\Jheanelle.txt
    2016-01-29 20:17 - 2014-07-27 18:32 - 00001994 _____ C:\Users\Daniel Burkus\Electronic Transfer Bank Information.txt
    2016-01-29 20:17 - 2014-07-03 12:06 - 00000562 _____ C:\Users\Daniel Burkus\The Different Languages of Love.txt
    2016-01-29 20:17 - 2014-06-15 06:35 - 00008288 _____ C:\Users\Daniel Burkus\Tumblr Letter.txt
    2016-01-29 20:17 - 2014-05-27 22:45 - 00030720 _____ C:\Users\Daniel Burkus\Korean Culture and Chanoyu.hwp
    2016-01-29 20:17 - 2014-05-27 22:44 - 00051814 _____ C:\Users\Daniel Burkus\Korean Culture and Chanoyu.pdf
    2016-01-29 20:17 - 2014-05-26 18:52 - 00022016 _____ C:\Users\Daniel Burkus\Leo and Scorpio.hwp
    2016-01-29 20:17 - 2014-05-14 13:46 - 00276462 _____ C:\Users\Daniel Burkus\SeaTools for DOS.EN.pdf
    2016-01-29 20:16 - 2016-01-30 10:36 - 00000000 ____D C:\Users\Daniel Burkus\River Sumida Wallpaper and Profile Photo
    2016-01-29 20:16 - 2016-01-29 20:16 - 00000000 ____D C:\Users\Daniel Burkus\Personal History
    2016-01-29 20:16 - 2016-01-29 20:16 - 00000000 ____D C:\Users\Daniel Burkus\Nikon D5100 Digital Camera - Copy
    2016-01-29 20:16 - 2016-01-29 20:16 - 00000000 ____D C:\Users\Daniel Burkus\Letters
    2016-01-29 20:16 - 2016-01-29 20:16 - 00000000 ____D C:\Users\Daniel Burkus\How to Clean a Gourd
    2016-01-29 20:16 - 2016-01-29 20:16 - 00000000 ____D C:\Users\Daniel Burkus\Help
    2016-01-29 20:16 - 2016-01-29 20:16 - 00000000 ____D C:\Users\Daniel Burkus\GomPlayer
    2016-01-29 20:16 - 2016-01-29 20:16 - 00000000 ____D C:\Users\Daniel Burkus\Changing to Google.com
    2016-01-29 20:16 - 2016-01-29 20:16 - 00000000 ____D C:\Users\Daniel Burkus\BlueScreen Error
    2016-01-29 20:16 - 2016-01-29 20:16 - 00000000 ____D C:\Users\Daniel Burkus\BitLock Keys
    2016-01-29 20:16 - 2014-06-13 11:22 - 00000244 _____ C:\Users\Daniel Burkus\Blog Template.txt
    2016-01-29 20:16 - 2014-05-02 09:37 - 00120474 _____ C:\Users\Daniel Burkus\Your request has been received.htm
    2016-01-29 20:15 - 2016-02-18 21:20 - 00358912 ___SH C:\Users\Daniel Burkus\Thumbs.db
    2016-01-29 20:15 - 2016-01-29 20:15 - 00000000 ____D C:\Users\Daniel Burkus\Your request has been received_files
    2016-01-29 20:15 - 2015-12-26 19:56 - 00009553 _____ C:\Users\Daniel Burkus\5679835f1600000001eb96fe.jpeg
    2016-01-29 20:15 - 2014-10-13 18:28 - 00000071 _____ C:\Users\Daniel Burkus\10 Word Story.txt
    2016-01-29 20:15 - 2014-05-07 19:08 - 00000042 _____ C:\Users\Daniel Burkus\Avast Offline License Key.txt
    2016-01-29 20:10 - 2016-02-18 08:26 - 00000000 ___RD C:\Users\Daniel Burkus\Desktop\WORK
    2016-01-29 20:10 - 2016-01-29 20:10 - 00000000 ____D C:\Users\Daniel Burkus\Windows Update Problems
    2016-01-29 20:10 - 2016-01-29 20:10 - 00000000 ____D C:\Users\Daniel Burkus\Waterfall Photos
    2016-01-29 19:18 - 2016-01-22 08:53 - 00000117 _____ C:\Users\Daniel Burkus\Desktop\Possible DLL.txt
    2016-01-29 19:18 - 2015-10-25 09:26 - 00012884 _____ C:\Users\Daniel Burkus\Desktop\Substituting the Small Unryu-gama for the Ro-gama (Notes).txt
    2016-01-29 19:18 - 2015-10-25 09:25 - 00000898 _____ C:\Users\Daniel Burkus\Desktop\Substituting the Small Unryu-gama for the Ro-gama (Text).txt
    2016-01-29 19:18 - 2015-09-26 12:43 - 00212976 _____ C:\Users\Daniel Burkus\Desktop\Pygmalion (George Bernard Shaw).txt
    2016-01-29 19:18 - 2015-09-25 21:38 - 00520016 _____ C:\Users\Daniel Burkus\Desktop\Perks of Being a Wallflower, The (Stephen Chbosky).pdf
    2016-01-29 19:17 - 2016-01-25 08:49 - 00000986 _____ C:\Users\Daniel Burkus\Desktop\Address.txt
    2016-01-29 19:16 - 2016-02-15 11:14 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\Chanoyu Related Documents and HWP Files
    2016-01-29 19:16 - 2016-02-09 14:24 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\Random (9) - Chabana
    2016-01-29 19:16 - 2016-01-31 19:42 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\Reference Files
    2016-01-29 19:16 - 2016-01-31 14:56 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\Temae Training Course
    2016-01-29 19:16 - 2016-01-29 19:16 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\Random (8) - Yo-kai
    2016-01-29 19:16 - 2016-01-29 19:16 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\Random (6) - The Relationship Between Chanoyu and the Hyakujō Shin-ki [百丈清規]
    2016-01-29 19:16 - 2016-01-28 14:09 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\Random (5) - Resting the Hishaku on the Futaoki
    2016-01-29 19:16 - 2015-07-14 13:20 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\Random (7) - Asa-kai
    2016-01-29 19:14 - 2016-01-29 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF
    2016-01-29 19:14 - 2016-01-29 19:14 - 00000000 ____D C:\Program Files\Acro Software
    2016-01-29 19:14 - 2016-01-22 16:56 - 00089008 _____ C:\Windows\system32\cpwmon2k.dll
    2016-01-29 19:10 - 2016-01-29 19:10 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\IrfanView
    2016-01-29 19:10 - 2016-01-29 19:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
    2016-01-29 19:10 - 2016-01-29 19:10 - 00000000 ____D C:\Program Files\IrfanView
    2016-01-29 19:03 - 2016-01-29 19:03 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Local\Foxit Reader
    2016-01-29 19:01 - 2016-01-29 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
    2016-01-29 19:01 - 2016-01-29 19:03 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\Foxit Software
    2016-01-29 19:01 - 2016-01-29 19:01 - 00000000 ____D C:\Users\Public\Foxit Software
    2016-01-29 19:01 - 2016-01-29 19:01 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\Foxit AgentInformation
    2016-01-29 19:01 - 2016-01-29 19:01 - 00000000 ____D C:\Program Files\Foxit Software
    2016-01-29 18:54 - 2016-01-30 17:46 - 00000000 ____D C:\Program Files\GRETECH
    2016-01-29 18:19 - 2016-02-17 01:06 - 00000914 _____ C:\Users\Daniel Burkus\Desktop\Blog Post Template.txt
    2016-01-29 18:19 - 2016-01-30 20:48 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\AV Media Files
    2016-01-29 18:19 - 2016-01-29 18:19 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\4-7 San-tan San-ro (Ro Sumi-temae)
    2016-01-29 18:19 - 2016-01-28 20:21 - 01216301 _____ C:\Users\Daniel Burkus\Desktop\Hunger Games, The (Suzanne Collins).pdf
    2016-01-29 18:19 - 2016-01-25 10:52 - 00000049 _____ C:\Users\Daniel Burkus\Desktop\filter.txt
    2016-01-29 18:19 - 2016-01-25 07:39 - 00000156 _____ C:\Users\Daniel Burkus\Desktop\Movies to Search and Download.txt
    2016-01-29 18:19 - 2015-12-29 21:55 - 00000000 _____ C:\Users\Daniel Burkus\Desktop\movie.txt.txt
    2016-01-29 18:19 - 2015-10-25 07:33 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\4-7.3 - Substituting the Small Unryu-gama
    2016-01-29 18:19 - 2015-06-15 14:10 - 00000048 _____ C:\Users\Daniel Burkus\Desktop\GoComics URL.txt
    2016-01-29 18:06 - 2016-01-29 18:06 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
    2016-01-29 18:05 - 2016-01-29 18:05 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
    2016-01-29 18:04 - 2016-01-29 18:04 - 00000000 _____ C:\Windows\ativpsrm.bin
    2016-01-29 18:01 - 2016-01-29 01:14 - 00000000 ____D C:\Windows\Panther
    2016-01-29 17:52 - 2016-01-29 20:46 - 00000000 ____D C:\Program Files\eRightSoft
    2016-01-29 17:50 - 2016-01-29 17:51 - 00000000 ____D C:\Program Files\XP Paint
    2016-01-29 16:48 - 2016-01-29 16:59 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
    2016-01-29 16:48 - 2016-01-29 16:50 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2016-01-29 16:48 - 2016-01-29 16:48 - 00002131 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
    2016-01-29 16:48 - 2016-01-29 16:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
    2016-01-29 16:48 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
    2016-01-29 16:35 - 2016-01-29 16:30 - 00322760 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2016-01-29 16:32 - 2016-01-29 16:32 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\AVAST Software
    2016-01-29 16:32 - 2016-01-29 16:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2016-01-29 16:31 - 2016-01-29 16:31 - 00812208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
    2016-01-29 16:31 - 2016-01-29 16:31 - 00449384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2016-01-29 16:31 - 2016-01-29 16:31 - 00081168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2016-01-29 16:31 - 2016-01-29 16:30 - 00209432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
    2016-01-29 16:31 - 2016-01-29 16:30 - 00117712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
    2016-01-29 16:31 - 2016-01-29 16:30 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2016-01-29 16:31 - 2016-01-29 16:30 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
    2016-01-29 16:31 - 2016-01-29 16:30 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
    2016-01-29 16:30 - 2016-01-29 16:30 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
    2016-01-29 16:29 - 2016-01-29 16:29 - 00000000 ____D C:\Program Files\AVAST Software
    2016-01-29 16:28 - 2016-01-29 16:28 - 00000000 ____D C:\ProgramData\AVAST Software
    2016-01-29 16:22 - 2016-02-19 06:51 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2016-01-29 16:22 - 2016-02-18 15:16 - 00000000 ____D C:\Users\Daniel Burkus\A - Software Shortcuts
    2016-01-29 16:22 - 2016-01-29 16:22 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\SUPERAntiSpyware.com
    2016-01-29 16:22 - 2016-01-29 16:22 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
    2016-01-29 16:22 - 2016-01-29 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    2016-01-29 16:21 - 2016-02-18 17:41 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2016-01-29 16:21 - 2016-01-29 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2016-01-29 16:20 - 2016-01-29 16:21 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
    2016-01-29 16:20 - 2016-01-29 16:20 - 00000000 ____D C:\ProgramData\Malwarebytes
    2016-01-29 16:20 - 2015-10-05 09:50 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
    2016-01-29 16:20 - 2015-10-05 09:50 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2016-01-29 16:20 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
    2016-01-29 16:01 - 2016-02-12 13:48 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
    2016-01-29 16:01 - 2016-01-29 16:08 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Local\Mozilla
    2016-01-29 16:01 - 2016-01-29 16:01 - 00001117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2016-01-29 16:01 - 2016-01-29 16:01 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\Mozilla
    2016-01-29 15:54 - 2016-01-29 15:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_bcmwlhigh6_01009.Wdf
    2016-01-29 15:53 - 2016-01-29 15:53 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
    2016-01-29 15:53 - 2016-01-29 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNDA3100v2 Smart Wizard
    2016-01-29 15:53 - 2016-01-29 15:53 - 00000000 ____D C:\Program Files\NETGEAR
    2016-01-29 15:53 - 2010-02-03 11:20 - 00281104 _____ (CACE Technologies, Inc.) C:\Windows\system32\wpcap.dll
    2016-01-29 15:53 - 2010-02-03 11:20 - 00096784 _____ (CACE Technologies, Inc.) C:\Windows\system32\Packet.dll
    2016-01-29 15:53 - 2010-02-03 11:20 - 00053299 _____ C:\Windows\system32\pthreadVC.dll
    2016-01-29 15:53 - 2010-02-03 11:20 - 00050704 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
    2016-01-29 15:53 - 2009-11-06 08:37 - 00699896 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcmwlhigh6.sys
    2016-01-29 15:53 - 2009-11-06 08:31 - 03862528 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv.dll
    2016-01-29 15:53 - 2009-11-06 08:31 - 03551232 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui.dll
    2016-01-29 15:53 - 2009-11-06 08:31 - 01176312 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
    2016-01-29 15:53 - 2009-11-06 08:31 - 00091376 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
    2016-01-29 15:53 - 2007-01-19 18:20 - 00021728 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\SCMNdisP.sys
    2016-01-29 05:10 - 2016-01-29 15:44 - 00000351 _____ C:\prefs.js
    2016-01-29 05:05 - 2016-01-29 05:05 - 00001089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\KakaoTalk.lnk
    2016-01-29 05:05 - 2016-01-29 05:05 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Local\Kakao
    2016-01-29 05:05 - 2016-01-29 05:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KakaoTalk
    2016-01-29 05:04 - 2016-01-29 05:04 - 00000000 ____D C:\Program Files\Kakao
    2016-01-29 05:02 - 2016-01-29 05:02 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2016-01-29 05:02 - 2016-01-29 05:02 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2016-01-29 05:02 - 2016-01-29 05:02 - 00000000 ____D C:\Windows\system32\Macromed
    2016-01-29 05:02 - 2016-01-29 05:02 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\Macromedia
    2016-01-29 05:02 - 2016-01-29 05:02 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\Adobe
    2016-01-29 05:01 - 2016-01-29 05:01 - 00000000 ____D C:\ProgramData\AVG Security Toolbar
    2016-01-29 05:00 - 2016-01-29 18:37 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
    2016-01-29 04:57 - 2016-01-29 04:57 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\AVG
    2016-01-29 04:56 - 2016-01-29 16:55 - 00000000 ____D C:\Program Files\Common Files\AV
    2016-01-29 04:56 - 2016-01-29 04:56 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\TuneUp Software
    2016-01-29 04:54 - 2016-01-29 17:01 - 00000000 ____D C:\ProgramData\MFAData
    2016-01-29 04:54 - 2016-01-29 04:54 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Local\MFAData
    2016-01-29 04:53 - 2016-01-31 17:22 - 00064568 _____ C:\Users\Daniel Burkus\AppData\Local\GDIPFONTCACHEV1.DAT
    2016-01-29 04:53 - 2016-01-29 18:38 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Local\AvgSetupLog
    2016-01-29 04:53 - 2016-01-29 18:38 - 00000000 ____D C:\ProgramData\Avg
    2016-01-29 04:53 - 2016-01-29 17:01 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Local\Avg
    2016-01-29 02:52 - 2016-01-29 02:52 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Local\NVIDIA
    2016-01-29 02:52 - 2016-01-29 02:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2016-01-29 02:19 - 2016-01-29 02:19 - 00000406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Messenger Center.lnk
    2016-01-29 02:19 - 2016-01-29 02:19 - 00000406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player Center.lnk
    2016-01-29 02:16 - 2016-02-18 15:33 - 00429336 _____ C:\Windows\system32\perfh012.dat
    2016-01-29 02:16 - 2016-02-18 15:33 - 00417690 _____ C:\Windows\system32\perfh011.dat
    2016-01-29 02:16 - 2016-02-18 15:33 - 00401934 _____ C:\Windows\system32\prfh0404.dat
    2016-01-29 02:16 - 2016-02-18 15:33 - 00384862 _____ C:\Windows\system32\prfh0804.dat
    2016-01-29 02:16 - 2016-02-18 15:33 - 00122062 _____ C:\Windows\system32\perfc011.dat
    2016-01-29 02:16 - 2016-02-18 15:33 - 00120346 _____ C:\Windows\system32\perfc012.dat
    2016-01-29 02:16 - 2016-02-18 15:33 - 00119554 _____ C:\Windows\system32\prfc0804.dat
    2016-01-29 02:16 - 2016-02-18 15:33 - 00115052 _____ C:\Windows\system32\prfc0404.dat
    2016-01-29 02:16 - 2016-01-29 01:56 - 00141988 _____ C:\Windows\system32\perfi011.dat
    2016-01-29 02:16 - 2016-01-29 01:56 - 00031548 _____ C:\Windows\system32\perfd011.dat
    2016-01-29 02:16 - 2016-01-29 01:34 - 00117840 _____ C:\Windows\system32\prfi0404.dat
    2016-01-29 02:16 - 2016-01-29 01:34 - 00031548 _____ C:\Windows\system32\prfd0404.dat
    2016-01-29 02:16 - 2016-01-29 01:30 - 00157694 _____ C:\Windows\system32\perfi012.dat
    2016-01-29 02:16 - 2016-01-29 01:30 - 00031548 _____ C:\Windows\system32\perfd012.dat
    2016-01-29 02:16 - 2016-01-29 01:25 - 00111310 _____ C:\Windows\system32\prfi0804.dat
    2016-01-29 02:16 - 2016-01-29 01:25 - 00031548 _____ C:\Windows\system32\prfd0804.dat
    2016-01-29 02:11 - 2016-01-30 05:48 - 00000000 ____D C:\Windows\system32\ja
    2016-01-29 02:11 - 2016-01-29 02:11 - 00000000 ____D C:\Windows\system32\0411
    2016-01-29 02:10 - 2016-01-29 02:10 - 00000000 ____D C:\Windows\system32\zh-CHT
    2016-01-29 02:09 - 2016-01-30 05:48 - 00000000 ____D C:\Windows\system32\zh-CHS
    2016-01-29 02:09 - 2016-01-30 05:48 - 00000000 ____D C:\Windows\system32\ko
    2016-01-29 02:09 - 2016-01-29 02:11 - 00000000 ____D C:\Windows\system32\XPSViewer
    2016-01-29 01:50 - 2016-02-19 07:39 - 00000000 ____D C:\ProgramData\NVIDIA
    2016-01-29 01:50 - 2015-02-04 11:06 - 04388040 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
    2016-01-29 01:50 - 2015-02-04 11:06 - 03060936 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
    2016-01-29 01:50 - 2015-02-04 11:05 - 02553032 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
    2016-01-29 01:50 - 2015-02-04 11:05 - 00670536 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
    2016-01-29 01:50 - 2015-02-04 11:05 - 00374928 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
    2016-01-29 01:50 - 2015-02-04 11:05 - 00061584 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
    2016-01-29 01:50 - 2015-02-04 08:57 - 00606920 _____ (NVIDIA Corporation) C:\Windows\system32\nvStreaming.exe
    2016-01-29 01:50 - 2015-02-04 01:18 - 04229086 _____ C:\Windows\system32\nvcoproc.bin
    2016-01-29 01:49 - 2016-01-29 01:50 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2016-01-29 01:49 - 2016-01-29 01:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
    2016-01-29 01:49 - 2015-02-20 00:44 - 00060744 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
    2016-01-29 01:39 - 2016-02-10 22:30 - 00000000 ____D C:\Windows\system32\MRT
    2016-01-29 01:39 - 2016-02-10 22:24 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2016-01-29 01:18 - 2015-12-02 13:25 - 00247976 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2016-01-29 01:16 - 2016-02-18 15:33 - 02850866 _____ C:\Windows\system32\PerfStringBackup.INI
    2016-01-29 01:14 - 2016-02-18 21:29 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Local\VirtualStore
    2016-01-29 01:14 - 2016-02-18 21:20 - 00000000 ____D C:\Users\Daniel Burkus
    2016-01-29 01:14 - 2016-01-29 01:14 - 00001413 _____ C:\Users\Daniel Burkus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2016-01-29 01:14 - 2016-01-29 01:14 - 00000020 ___SH C:\Users\Daniel Burkus\ntuser.ini
    2016-01-29 01:14 - 2016-01-29 01:14 - 00000000 _SHDL C:\Users\Daniel Burkus\My Documents
    2016-01-29 01:14 - 2009-07-14 16:48 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\Media Center Programs

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-02-19 07:39 - 2009-07-14 13:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2016-02-18 18:13 - 2009-07-14 13:34 - 00013904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2016-02-18 18:13 - 2009-07-14 13:34 - 00013904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2016-02-18 15:33 - 2009-07-14 11:37 - 00000000 ____D C:\Windows\inf
    2016-02-15 14:19 - 2009-07-14 11:37 - 00000000 ____D C:\Windows\system32\NDF
    2016-02-11 17:31 - 2009-07-14 11:37 - 00000000 ____D C:\Windows\rescache
    2016-02-11 06:16 - 2009-07-14 13:33 - 00309064 _____ C:\Windows\system32\FNTCACHE.DAT
    2016-02-11 06:13 - 2009-07-14 16:50 - 00000000 ____D C:\Program Files\Windows Journal
    2016-02-01 15:41 - 2009-07-14 11:37 - 00000000 ____D C:\Windows\AppCompat
    2016-01-31 19:55 - 2009-07-14 11:37 - 00000000 ____D C:\Windows\PolicyDefinitions
    2016-01-31 06:01 - 2009-07-14 11:37 - 00000000 ____D C:\Windows\tracing
    2016-01-31 06:01 - 2009-07-14 11:37 - 00000000 ____D C:\Program Files\Common Files\System
    2016-01-31 06:00 - 2009-07-14 11:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
    2016-01-31 00:56 - 2009-07-14 13:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
    2016-01-31 00:47 - 2009-07-14 11:37 - 00000000 ____D C:\Windows\system32\Dism
    2016-01-31 00:46 - 2009-07-14 13:52 - 00000000 ____D C:\Program Files\Windows Defender
    2016-01-30 21:51 - 2009-07-14 11:04 - 00450902 ____R C:\Windows\system32\Drivers\etc\hosts.20160205-070017.backup
    2016-01-30 08:30 - 2009-07-14 16:49 - 00000000 ____D C:\Windows\ShellNew
    2016-01-30 05:49 - 2009-07-14 16:49 - 00000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
    2016-01-30 05:49 - 2009-07-14 13:52 - 00000000 ____D C:\Program Files\Windows Sidebar
    2016-01-30 05:49 - 2009-07-14 13:52 - 00000000 ____D C:\Program Files\Windows Portable Devices
    2016-01-30 05:49 - 2009-07-14 13:52 - 00000000 ____D C:\Program Files\Windows Photo Viewer
    2016-01-30 05:49 - 2009-07-14 13:52 - 00000000 ____D C:\Program Files\DVD Maker
    2016-01-30 05:49 - 2009-07-14 11:37 - 00000000 ____D C:\Windows\servicing
    2016-01-30 05:48 - 2009-07-14 11:37 - 00000000 ____D C:\Windows\system32\sysprep
    2016-01-30 05:48 - 2009-07-14 11:37 - 00000000 ____D C:\Windows\system32\Setup
    2016-01-30 05:48 - 2009-07-14 11:37 - 00000000 ____D C:\Windows\system32\oobe
    2016-01-30 05:48 - 2009-07-14 11:37 - 00000000 ____D C:\Windows\system32\migwiz
    2016-01-30 05:48 - 2009-07-14 11:37 - 00000000 ____D C:\Windows\system32\manifeststore
    2016-01-29 22:28 - 2009-07-14 11:05 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
    2016-01-29 18:05 - 2009-07-14 13:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2016-01-29 18:03 - 2009-07-14 16:49 - 00000000 ____D C:\Windows\CSC
    2016-01-29 18:01 - 2009-07-14 13:52 - 00028672 _____ C:\Windows\system32\config\BCD-Template
    2016-01-29 15:54 - 2009-07-14 11:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2016-01-29 05:02 - 2009-07-14 13:52 - 00000000 ____D C:\Windows\Downloaded Program Files
    2016-01-29 02:11 - 2009-07-14 13:56 - 00000000 ____D C:\Windows\system32\winrm
    2016-01-29 02:11 - 2009-07-14 13:56 - 00000000 ____D C:\Windows\system32\WCN
    2016-01-29 02:11 - 2009-07-14 13:56 - 00000000 ____D C:\Windows\system32\slmgr
    2016-01-29 02:11 - 2009-07-14 13:56 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
    2016-01-29 02:11 - 2009-07-14 13:56 - 00000000 ____D C:\Windows\DigitalLocker
    2016-01-29 02:11 - 2009-07-14 13:52 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
    2016-01-29 02:11 - 2009-07-14 11:37 - 00000000 ____D C:\Windows\system32\MUI
    2016-01-29 02:11 - 2009-07-14 11:37 - 00000000 ____D C:\Windows\system32\com
    2016-01-29 02:11 - 2009-07-14 11:37 - 00000000 ____D C:\Windows\IME
    2016-01-29 01:50 - 2009-07-14 11:37 - 00000000 ____D C:\Windows\Help
    2016-01-29 01:14 - 2009-07-14 11:37 - 00000000 __RHD C:\Users\Public\Libraries

    Some files in TEMP:
    ====================
    C:\Users\Daniel Burkus\AppData\Local\Temp\converter.exe
    C:\Users\Daniel Burkus\AppData\Local\Temp\dllnt_dump.dll
    C:\Users\Daniel Burkus\AppData\Local\Temp\GomAudDnInstaller.exe
    C:\Users\Daniel Burkus\AppData\Local\Temp\ntdll_dump.dll
    C:\Users\Daniel Burkus\AppData\Local\Temp\paint.net.4.0.9.install.exe
    C:\Users\Daniel Burkus\AppData\Local\Temp\UNINSTALL.EXE


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll
    [2016-01-31 08:35] - [2009-07-14 10:16] - 0811520 ____A (Microsoft Corporation) 8626F0C30D4E3564FFDD25C90F4426F1

    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2016-02-18 13:06

    ==================== End of FRST.txt ============================
     
  9. Daniel Burkus

    Daniel Burkus TS Enthusiast Topic Starter Posts: 66

    Additional scan result of Farbar Recovery Scan Tool (x86) Version:17-02-2016
    Ran by Daniel Burkus (2016-02-19 07:42:50)
    Running from C:\Users\Daniel Burkus\Desktop\Downloads
    Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2016-01-28 16:14:06)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-1259038908-1583320175-680065255-500 - Administrator - Disabled)
    Daniel Burkus (S-1-5-21-1259038908-1583320175-680065255-1001 - Administrator - Enabled) => C:\Users\Daniel Burkus
    Guest (S-1-5-21-1259038908-1583320175-680065255-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-1259038908-1583320175-680065255-1002 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.4) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
    ADS Scanner 2 (HKLM\...\ADS Scanner 2) (Version: 2 - Pointstone Software, LLC)
    Ashampoo Movie Shrink & Burn 2 (HKLM\...\Ashampoo Movie Shrink & Burn 2) (Version: - ashampoo Technology GmbH & Co. KG)
    Audacity 2.0.6 (HKLM\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
    Avast Free Antivirus (HKLM\...\Avast) (Version: 11.1.2245 - AVAST Software)
    CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
    CutePDF Writer 3.1 (HKLM\...\CutePDF Writer Installation) (Version: 3.1 - Acro Software Inc.)
    ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
    FFmpeg (Windows) for Audacity version 2.2.2 (HKLM\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
    Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.3.0.118 - Foxit Software Inc.)
    GOM Player (HKLM\...\GOM Player) (Version: 2.1.47.5133 - Gretech Corporation)
    Hangul 2002 SE (HKLM\...\{CECBC29F-6D3A-4ED6-A686-7220EF9B69CC}) (Version: 5.7.5.3007 - Haansoft)
    IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.41 - Irfan Skiljan)
    KakaoTalk (HKLM\...\KakaoTalk) (Version: 2.1.0.1072 - Kakao Corp.)
    K-Lite Mega Codec Pack 10.4.5 (HKLM\...\KLiteCodecPack_is1) (Version: 10.4.5 - )
    LADSPA_plugins-win-0.4.15 (HKLM\...\LADSPA_plugins-win_is1) (Version: - Audacity Team)
    LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Mozilla Firefox 44.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
    MP3 Toolkit 1.0.5 (HKLM\...\MP3 Toolkit_is1) (Version: - MP3Toolkit.com)
    NETGEAR WNDA3100v2 wireless USB 2.0 adapter (HKLM\...\{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}) (Version: 1.03.000 - NETGEAR)
    NVIDIA 3D Vision Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
    NVIDIA Graphics Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
    NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
    paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507B}) (Version: 4.0.9 - dotPDN LLC)
    RogueKiller version 11 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 11 - Adlice Software)
    Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
    SUPER © v2015.build.66+Recorder (2015/10/30) version v2015.buil (HKLM\...\{8E2A29F2-96BF-8259-4CA7-4C16C91728A3}_is1) (Version: v2015.build.66+Recorder - eRightSoft)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1212 - SUPERAntiSpyware.com)
    TreeSize Free V3.0.1 (HKLM\...\TreeSize Free_is1) (Version: 3.0.1 - JAM Software)
    Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
    Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
    Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation)
    WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {56FDB460-B837-44D0-BF48-B27FB59F8914} - System32\Tasks\{8BDA641D-7880-4690-8B38-75DCC0CDA57D} => pcalua.exe -a "C:\Users\Daniel Burkus\Virtual Machines\Install Files\EASY Video Editor (v 2.0)\EASY.exe plus Keygen\Easy Video Editor v2.0.exe" -d "C:\Users\Daniel Burkus\Virtual Machines\Install Files\EASY Video Editor (v 2.0)\EASY.exe plus Keygen"
    Task: {7609A09A-65AD-4EA1-9094-339D2D39D483} - System32\Tasks\{8703A1E3-955E-4714-B632-178F571D3F03} => pcalua.exe -a "C:\Users\Daniel Burkus\Virtual Machines\Install Files\NeroBurning .exe file (with Keygen)\Nero-6[1].6.0.18.exe" -d "C:\Users\Daniel Burkus\Virtual Machines\Install Files\NeroBurning .exe file (with Keygen)"
    Task: {8F56A2C2-DF1F-439B-BE9F-BBC72A825BE8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-01-29] (AVAST Software)
    Task: {B9B5EEE0-7447-4EC2-A8EB-FC19790E5369} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-01-29] (AVAST Software)
    Task: {FF55AC69-9AD3-4DC5-8418-69E159A58B32} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-16] (Piriform Ltd)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2016-01-29 01:50 - 2015-02-04 11:05 - 00106640 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
    2016-01-29 16:30 - 2016-01-29 16:30 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
    2016-01-29 16:30 - 2016-01-29 16:30 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
    2016-02-19 06:52 - 2016-02-19 06:52 - 02835968 _____ () C:\Program Files\AVAST Software\Avast\defs\16021801\algo.dll
    2016-01-29 16:30 - 2016-01-29 16:30 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
    2016-01-30 07:47 - 2010-07-05 06:32 - 00004608 _____ () C:\Program Files\Unlocker\UnlockerHook.dll
    2016-01-29 16:48 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2016-01-29 16:48 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
    2016-01-29 16:48 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2016-01-29 16:48 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
    2016-01-29 16:48 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
    2016-01-29 15:53 - 2010-08-19 15:25 - 00272864 _____ () C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
    2016-01-29 15:53 - 2010-07-29 20:41 - 00323584 _____ () C:\Program Files\NETGEAR\WNDA3100v2\WifiLib.dll
    2016-01-29 16:30 - 2016-01-29 16:30 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2016-01-30 07:47 - 2010-07-05 04:51 - 00017408 _____ () C:\Program Files\Unlocker\UnlockerAssistant.exe
    2016-01-29 15:53 - 2010-08-27 09:32 - 04577760 _____ () C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
    2016-01-29 15:53 - 2010-07-08 11:24 - 00258048 _____ () C:\Program Files\NETGEAR\WNDA3100v2\WifiSvcLib.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
    IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
    IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
    IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

    There are 7871 more sites.

    IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\123simsen.com -> www.123simsen.com

    There are 7871 more sites.


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 11:04 - 2016-02-18 20:34 - 00000768 ____A C:\Windows\system32\Drivers\etc\hosts

    127.0.0.1 localhost

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-1259038908-1583320175-680065255-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel Burkus\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: Media is not connected to internet.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{763C9D5E-ECFE-4D3A-AF81-CC4EBB84CF83}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
    FirewallRules: [{B8C3A556-31F9-4237-BA72-805C9C7E79A6}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
    FirewallRules: [{E7E15744-6AA7-40EA-87BE-E5FD2DC12D96}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{CCBC611D-95BA-48BA-AC62-BC052843BA17}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{AB035A13-5F60-4C15-AD6D-F3740287AB2A}] => (Allow) C:\Program Files\Winamp\winamp.exe
    FirewallRules: [{46A04708-A71C-47A9-B967-D1C29970E410}] => (Allow) C:\Program Files\Winamp\winamp.exe
    FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
    FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
    FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
    FirewallRules: [{B36792AD-C22F-4AD5-A86A-58D4966FB2AF}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
    StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
    StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
    StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

    ==================== Restore Points =========================

    17-02-2016 20:53:23 Windows Update

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/18/2016 09:12:53 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (02/17/2016 12:07:04 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: XP Paint.exe, version: 5.1.2600.2180, time stamp: 0x41107cd3
    Faulting module name: XP Paint.exe, version: 5.1.2600.2180, time stamp: 0x41107cd3
    Exception code: 0xc0000005
    Fault offset: 0x00014e6d
    Faulting process id: 0x2360
    Faulting application start time: 0xXP Paint.exe0
    Faulting application path: XP Paint.exe1
    Faulting module path: XP Paint.exe2
    Report Id: XP Paint.exe3

    Error: (02/17/2016 10:39:14 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (02/17/2016 10:10:22 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (02/17/2016 09:00:11 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: Explorer.EXE, version: 6.1.7601.19135, time stamp: 0x56a1ba55
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000005
    Fault offset: 0x08170fef
    Faulting process id: 0x72c
    Faulting application start time: 0xExplorer.EXE0
    Faulting application path: Explorer.EXE1
    Faulting module path: Explorer.EXE2
    Report Id: Explorer.EXE3

    Error: (02/16/2016 03:42:11 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (02/15/2016 03:00:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program explorer.exe version 6.1.7601.19135 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 1a84

    Start Time: 01d167b60c1b34db

    Termination Time: 0

    Application Path: C:\Windows\explorer.exe

    Report Id: 6690b405-d3a9-11e5-980b-000ee8e22084

    Error: (02/15/2016 02:59:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program Explorer.EXE version 6.1.7601.19135 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 760

    Start Time: 01d167b232fd3fd6

    Termination Time: 0

    Application Path: C:\Windows\Explorer.EXE

    Report Id: 415efa20-d3a9-11e5-980b-000ee8e22084

    Error: (02/14/2016 04:58:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program firefox.exe version 44.0.2.5884 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 42c4

    Start Time: 01d166f3464ece99

    Termination Time: 30

    Application Path: C:\Program Files\Mozilla Firefox\firefox.exe

    Report Id: c2c11b8a-d2f0-11e5-9243-000ee8e22084

    Error: (02/13/2016 02:01:02 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: XP Paint.exe, version: 5.1.2600.2180, time stamp: 0x41107cd3
    Faulting module name: XP Paint.exe, version: 5.1.2600.2180, time stamp: 0x41107cd3
    Exception code: 0xc0000005
    Fault offset: 0x00014e6d
    Faulting process id: 0x7e34
    Faulting application start time: 0xXP Paint.exe0
    Faulting application path: XP Paint.exe1
    Faulting module path: XP Paint.exe2
    Report Id: XP Paint.exe3


    System errors:
    =============
    Error: (02/19/2016 07:41:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error:
    %%-2140993535

    Error: (02/19/2016 07:41:02 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
    %%-2140993535

    Error: (02/19/2016 07:41:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error:
    %%-2140993535

    Error: (02/19/2016 07:41:02 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
    %%-2140993535

    Error: (02/19/2016 07:41:02 AM) (Source: PNRPSvc) (EventID: 102) (User: )
    Description: 0x80630801

    Error: (02/19/2016 07:41:02 AM) (Source: PNRPSvc) (EventID: 102) (User: )
    Description: 0x80630801

    Error: (02/19/2016 07:40:47 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error:
    %%-2140993535

    Error: (02/19/2016 07:40:47 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
    %%-2140993535

    Error: (02/19/2016 07:40:47 AM) (Source: PNRPSvc) (EventID: 102) (User: )
    Description: 0x80630801

    Error: (02/19/2016 07:40:23 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    epp32


    ==================== Memory info ===========================

    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 3600+
    Percentage of memory in use: 37%
    Total physical RAM: 3071.3 MB
    Available physical RAM: 1906.82 MB
    Total Virtual: 6140.93 MB
    Available Virtual: 4886.07 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:232.79 GB) (Free:47.02 GB) NTFS
    Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive f: (Data Storage) (Fixed) (Total:232.88 GB) (Free:70.05 GB) NTFS
    Drive g: (Data Storage) (Fixed) (Total:232.79 GB) (Free:224.26 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 697FBEB8)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: BCE48856)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 2 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: B31CAE79)
    Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================
     
  10. Daniel Burkus

    Daniel Burkus TS Enthusiast Topic Starter Posts: 66

    Broni, I hope the above is everything you need.

    -- Daniel M. Burkus
     
  11. Broni

    Broni Malware Annihilator Posts: 52,915   +344

    So far I don't see much but we'll run couple more tools to make sure...

    [​IMG] Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2
    • Close all the running programs
    • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again
    [​IMG] Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
    NOTE. If you already have MBAM 2.0 installed scroll down.
    • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    • Click Finish.
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.
    If you already have MBAM 2.0 installed:
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.
    How to get logs:
    (Export log to save as txt)
    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Export'.
    • Click 'Text file (*.txt)'
    • In the Save File dialog box which appears, click on Desktop.
    • In the File name: box type a name for your scan log.
    • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
    • Click Ok
    • Attach that saved log to your next reply.
    (Copy to clipboard for pasting into forum replies or tickets)
    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Copy to Clipboard'
    • Paste the contents of the clipboard into your reply.
    [​IMG] Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Scan button.
    • When the scan has finished click on Clean button.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.
    [​IMG] Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
     
  12. Daniel Burkus

    Daniel Burkus TS Enthusiast Topic Starter Posts: 66

    RogueKiller V11.0.12.0 [Feb 15 2016] (Free) by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/software/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
    Started in : Normal mode
    User : Daniel Burkus [Administrator]
    Started from : C:\Users\Daniel Burkus\Desktop\RogueKiller.exe
    Mode : Delete -- Date : 02/19/2016 10:10:58

    ¤¤¤ Processes : 0 ¤¤¤

    ¤¤¤ Registry : 0 ¤¤¤

    ¤¤¤ Tasks : 0 ¤¤¤

    ¤¤¤ Files : 0 ¤¤¤

    ¤¤¤ Hosts File : 0 ¤¤¤

    ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

    ¤¤¤ Web browsers : 1 ¤¤¤
    [PUM.HomePage][FIREFX:Config] nkge34u5.default : user_pref("browser.startup.homepage", "https://login.yahoo.com/?.src=ym&.intl=us&.lang=en-US&.done=https://mail.yahoo.com"); -> Not selected

    ¤¤¤ MBR Check : ¤¤¤
    +++++ PhysicalDrive0: +++++
    --- User ---
    [MBR] b1a2fd097a23ca69b6b12abaa342e59f
    [BSP] ce62516d74e7e2fae782be4f7008cdb8 : Windows Vista/7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 238373 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    User = LL2 ... OK

    +++++ PhysicalDrive1: SAMSUNG SP2504C ATA Device +++++
    --- User ---
    [MBR] 049945051fe77a2a7945126d5255a9c2
    [BSP] 320f4a557e8738f56ad4a861745f1b0e : Windows Vista/7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 238372 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    User = LL2 ... OK

    +++++ PhysicalDrive2: SAMSUNG SP2504C ATA Device +++++
    --- User ---
    [MBR] d151fc54efa59ff995497b97b7e64c5e
    [BSP] bac9892ba4763ddb0e6fe1b910530a9c : Windows Vista/7/8 MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 238472 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    User = LL2 ... OK
     
  13. Daniel Burkus

    Daniel Burkus TS Enthusiast Topic Starter Posts: 66

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 2/19/2016
    Scan Time: 10:17 AM
    Logfile: Scan.txt
    Administrator: Yes

    Version: 2.2.0.1024
    Malware Database: v2016.02.18.05
    Rootkit Database: v2016.02.17.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x86
    File System: NTFS
    User: Daniel Burkus

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 299998
    Time Elapsed: 13 min, 32 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)
     
  14. Daniel Burkus

    Daniel Burkus TS Enthusiast Topic Starter Posts: 66

    # AdwCleaner v5.035 - Logfile created 19/02/2016 at 10:52:00
    # Updated 18/02/2016 by Xplode
    # Database : 2016-02-18.5 [Server]
    # Operating system : Windows 7 Ultimate Service Pack 1 (x86)
    # Username : Daniel Burkus - PC
    # Running from : C:\Users\Daniel Burkus\Desktop\adwcleaner_5.035.exe
    # Option : Cleaning
    # Support : http://toolslib.net/forum

    ***** [ Services ] *****


    ***** [ Folders ] *****

    [-] Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
    [-] Folder Deleted : C:\ProgramData\AVG Security Toolbar

    ***** [ Files ] *****


    ***** [ DLLs ] *****


    ***** [ Shortcuts ] *****


    ***** [ Scheduled tasks ] *****


    ***** [ Registry ] *****

    [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
    [-] Key Deleted : HKCU\Software\Yahoo\Companion

    ***** [ Web browsers ] *****


    *************************

    :: "Tracing" keys removed
    :: Winsock settings cleared

    ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1344 bytes] ##########
     
  15. Daniel Burkus

    Daniel Burkus TS Enthusiast Topic Starter Posts: 66

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.0.3 (02.09.2016)
    Operating System: Windows 7 Ultimate x86
    Ran by Daniel Burkus (Administrator) on Fri 02/19/2016 at 10:56:28.79
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    File System: 28

    Failed to delete: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EM5EVRP3 (Temporary Internet Files Folder)
    Failed to delete: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NOT2DECF (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Daniel Burkus\AppData\Local\kakao (Folder)
    Successfully deleted: C:\Users\Daniel Burkus\AppData\Roaming\Mozilla\Firefox\Profiles\nkge34u5.default\extensions\jid1-LYopfl0r00ZV5k@jetpack.xpi (File)
    Successfully deleted: C:\Program Files\kakao (Folder)
    Successfully deleted: C:\Users\Daniel Burkus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2TM2IMY0 (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Daniel Burkus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3XGCFKOZ (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Daniel Burkus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6X8Z71Y (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Daniel Burkus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CGCVK8DK (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Daniel Burkus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CL5FYE94 (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Daniel Burkus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EM5EVRP3 (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Daniel Burkus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IJ2FLBRE (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Daniel Burkus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NOT2DECF (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Daniel Burkus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OEP6CM4Y (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Daniel Burkus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S8LU7UTX (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Daniel Burkus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WHIIP38Z (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Daniel Burkus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YPPD06UW (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\prefetch\TREESIZEFREE.EXE-2E3A7403.pf (File)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2TM2IMY0 (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3XGCFKOZ (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6X8Z71Y (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CGCVK8DK (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CL5FYE94 (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IJ2FLBRE (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OEP6CM4Y (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S8LU7UTX (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WHIIP38Z (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YPPD06UW (Temporary Internet Files Folder)

    Deleted the following from C:\Users\Daniel Burkus\AppData\Roaming\Mozilla\Firefox\Profiles\nkge34u5.default\prefs.js
    user_pref(browser.urlbar.suggest.searches, true);



    Registry: 0





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Fri 02/19/2016 at 10:59:48.81
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  16. Daniel Burkus

    Daniel Burkus TS Enthusiast Topic Starter Posts: 66

    And that is it for the next four scans (RogueKiller, Malwarebytes, AdwareCleaner, and JunkwareCleaner). Please let me know what to do next, at your convenience!

    -- Daniel M. Burkus
     
  17. Broni

    Broni Malware Annihilator Posts: 52,915   +344

    Please download ComboFix from Here, Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Never rename Combofix unless instructed.
    • Close any open browsers.
    • Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
      If the connection is not there use restore point you created prior to running Combofix.
    • Double click on combofix.exe & follow the prompts.

    • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error Illegal operation attempted on a registery key that has been marked for deletion, restart computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


    Make sure, you re-enable your security programs, when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try the following...

    Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.
    Download Rkill (courtesy of BleepingComputer.com) to your desktop.
    There are 2 different versions. If one of them won't run then download and try to run the other one.
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
    iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

    Restart computer in safe mode

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Windows Vista, 7 or 8 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    When the scan is done Notepad will open with rKill.txt log.
    NOTE. rKill.txt log will also be present on your desktop.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.
     
  18. Daniel Burkus

    Daniel Burkus TS Enthusiast Topic Starter Posts: 66

    First I am posting the two old RogueKiller files:

    1) RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
    Started in : Safe mode with network support
    User : Daniel Burkus [Admin rights]
    Mode : Scan -- Date : 02/13/2016 22:12:34
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 4 ¤¤¤
    [HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
    [HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Scheduled tasks : 0 ¤¤¤

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ Browser Addons : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED 0xc000035f] ¤¤¤
    [Address] EAT @explorer.exe (BeginBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736309AE)
    [Address] EAT @explorer.exe (BeginBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736249A1)
    [Address] EAT @explorer.exe (BeginPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73650731)
    [Address] EAT @explorer.exe (BufferedPaintClear) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73626395)
    [Address] EAT @explorer.exe (BufferedPaintInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362940E)
    [Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736308ED)
    [Address] EAT @explorer.exe (BufferedPaintSetAlpha) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7363E6B3)
    [Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7363D395)
    [Address] EAT @explorer.exe (BufferedPaintUnInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736294AB)
    [Address] EAT @explorer.exe (CloseThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73626A18)
    [Address] EAT @explorer.exe (DrawThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73623982)
    [Address] EAT @explorer.exe (DrawThemeBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7363D9DA)
    [Address] EAT @explorer.exe (DrawThemeEdge) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73643B52)
    [Address] EAT @explorer.exe (DrawThemeIcon) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736535E7)
    [Address] EAT @explorer.exe (DrawThemeParentBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736253E5)
    [Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736251BF)
    [Address] EAT @explorer.exe (DrawThemeText) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73624EA1)
    [Address] EAT @explorer.exe (DrawThemeTextEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736263E6)
    [Address] EAT @explorer.exe (EnableThemeDialogTexture) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362FCAF)
    [Address] EAT @explorer.exe (EnableTheming) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73652FEB)
    [Address] EAT @explorer.exe (EndBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73623F9A)
    [Address] EAT @explorer.exe (EndBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73623F9A)
    [Address] EAT @explorer.exe (EndPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736506CC)
    [Address] EAT @explorer.exe (GetBufferedPaintBits) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73624BAF)
    [Address] EAT @explorer.exe (GetBufferedPaintDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736304BC)
    [Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73630473)
    [Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73652E7F)
    [Address] EAT @explorer.exe (GetCurrentThemeName) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736305DD)
    [Address] EAT @explorer.exe (GetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73630FB1)
    [Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362CD2E)
    [Address] EAT @explorer.exe (GetThemeBackgroundExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362F8BF)
    [Address] EAT @explorer.exe (GetThemeBackgroundRegion) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7363165D)
    [Address] EAT @explorer.exe (GetThemeBitmap) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362BF93)
    [Address] EAT @explorer.exe (GetThemeBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73627C1F)
    [Address] EAT @explorer.exe (GetThemeColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362616C)
    [Address] EAT @explorer.exe (GetThemeDocumentationProperty) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73652932)
    [Address] EAT @explorer.exe (GetThemeEnumValue) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362616C)
    [Address] EAT @explorer.exe (GetThemeFilename) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73652412)
    [Address] EAT @explorer.exe (GetThemeFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362FF21)
    [Address] EAT @explorer.exe (GetThemeInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362616C)
    [Address] EAT @explorer.exe (GetThemeIntList) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736523B1)
    [Address] EAT @explorer.exe (GetThemeMargins) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736286E9)
    [Address] EAT @explorer.exe (GetThemeMetric) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736306E2)
    [Address] EAT @explorer.exe (GetThemePartSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362CDB1)
    [Address] EAT @explorer.exe (GetThemePosition) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73652350)
    [Address] EAT @explorer.exe (GetThemePropertyOrigin) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73643FBB)
    [Address] EAT @explorer.exe (GetThemeRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73633611)
    [Address] EAT @explorer.exe (GetThemeStream) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736339D9)
    [Address] EAT @explorer.exe (GetThemeString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736522E4)
    [Address] EAT @explorer.exe (GetThemeSysBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73653172)
    [Address] EAT @explorer.exe (GetThemeSysColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73643274)
    [Address] EAT @explorer.exe (GetThemeSysColorBrush) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7365301E)
    [Address] EAT @explorer.exe (GetThemeSysFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736529C4)
    [Address] EAT @explorer.exe (GetThemeSysInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73652BD3)
    [Address] EAT @explorer.exe (GetThemeSysSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7365320B)
    [Address] EAT @explorer.exe (GetThemeSysString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73652B3F)
    [Address] EAT @explorer.exe (GetThemeTextExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73622D57)
    [Address] EAT @explorer.exe (GetThemeTextMetrics) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362F992)
    [Address] EAT @explorer.exe (GetThemeTransitionDuration) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73631081)
    [Address] EAT @explorer.exe (GetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362DF46)
    [Address] EAT @explorer.exe (HitTestThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73633CE3)
    [Address] EAT @explorer.exe (IsAppThemed) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362F869)
    [Address] EAT @explorer.exe (IsCompositionActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73622E9A)
    [Address] EAT @explorer.exe (IsThemeActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362F785)
    [Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736260AB)
    [Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7365312B)
    [Address] EAT @explorer.exe (IsThemePartDefined) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736285B4)
    [Address] EAT @explorer.exe (OpenThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736273D2)
    [Address] EAT @explorer.exe (OpenThemeDataEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73643D43)
    [Address] EAT @explorer.exe (SetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73653296)
    [Address] EAT @explorer.exe (SetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73630134)
    [Address] EAT @explorer.exe (SetWindowThemeAttribute) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7363CFE6)
    [Address] EAT @explorer.exe (ThemeInitApiHook) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362B176)
    [Address] EAT @explorer.exe (UpdatePanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7365068D)
    [Address] EAT @explorer.exe (DllCanUnloadNow) : MPR.dll -> HOOKED (C:\Windows\system32\EXPLORERFRAME.dll @ 0x71B7008E)
    [Address] EAT @explorer.exe (DllGetClassObject) : MPR.dll -> HOOKED (C:\Windows\system32\EXPLORERFRAME.dll @ 0x71B6CC9D)
    [Address] EAT @explorer.exe (DllGetVersion) : MPR.dll -> HOOKED (C:\Windows\system32\EXPLORERFRAME.dll @ 0x71C23180)

    ¤¤¤ External Hives: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts




    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST3250318AS ATA Device +++++
    --- User ---
    [MBR] b1a2fd097a23ca69b6b12abaa342e59f
    [BSP] ce62516d74e7e2fae782be4f7008cdb8 : Windows 7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 238373 MB
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) SAMSUNG SP2504C ATA Device +++++
    --- User ---
    [MBR] 049945051fe77a2a7945126d5255a9c2
    [BSP] 320f4a557e8738f56ad4a861745f1b0e : Windows 7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 238372 MB
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ IDE) SAMSUNG SP2504C ATA Device +++++
    --- User ---
    [MBR] d151fc54efa59ff995497b97b7e64c5e
    [BSP] bac9892ba4763ddb0e6fe1b910530a9c : Windows 7/8 MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 238472 MB
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[0]_S_02132016_221234.txt >>



    2) RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
    Started in : Safe mode with network support
    User : Daniel Burkus [Admin rights]
    Mode : Remove -- Date : 02/13/2016 22:13:18
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 4 ¤¤¤
    [HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
    [HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

    ¤¤¤ Scheduled tasks : 0 ¤¤¤

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ Browser Addons : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED 0xc000035f] ¤¤¤
    [Address] EAT @explorer.exe (BeginBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736309AE)
    [Address] EAT @explorer.exe (BeginBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736249A1)
    [Address] EAT @explorer.exe (BeginPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73650731)
    [Address] EAT @explorer.exe (BufferedPaintClear) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73626395)
    [Address] EAT @explorer.exe (BufferedPaintInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362940E)
    [Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736308ED)
    [Address] EAT @explorer.exe (BufferedPaintSetAlpha) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7363E6B3)
    [Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7363D395)
    [Address] EAT @explorer.exe (BufferedPaintUnInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736294AB)
    [Address] EAT @explorer.exe (CloseThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73626A18)
    [Address] EAT @explorer.exe (DrawThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73623982)
    [Address] EAT @explorer.exe (DrawThemeBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7363D9DA)
    [Address] EAT @explorer.exe (DrawThemeEdge) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73643B52)
    [Address] EAT @explorer.exe (DrawThemeIcon) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736535E7)
    [Address] EAT @explorer.exe (DrawThemeParentBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736253E5)
    [Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736251BF)
    [Address] EAT @explorer.exe (DrawThemeText) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73624EA1)
    [Address] EAT @explorer.exe (DrawThemeTextEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736263E6)
    [Address] EAT @explorer.exe (EnableThemeDialogTexture) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362FCAF)
    [Address] EAT @explorer.exe (EnableTheming) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73652FEB)
    [Address] EAT @explorer.exe (EndBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73623F9A)
    [Address] EAT @explorer.exe (EndBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73623F9A)
    [Address] EAT @explorer.exe (EndPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736506CC)
    [Address] EAT @explorer.exe (GetBufferedPaintBits) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73624BAF)
    [Address] EAT @explorer.exe (GetBufferedPaintDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736304BC)
    [Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73630473)
    [Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73652E7F)
    [Address] EAT @explorer.exe (GetCurrentThemeName) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736305DD)
    [Address] EAT @explorer.exe (GetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73630FB1)
    [Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362CD2E)
    [Address] EAT @explorer.exe (GetThemeBackgroundExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362F8BF)
    [Address] EAT @explorer.exe (GetThemeBackgroundRegion) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7363165D)
    [Address] EAT @explorer.exe (GetThemeBitmap) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362BF93)
    [Address] EAT @explorer.exe (GetThemeBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73627C1F)
    [Address] EAT @explorer.exe (GetThemeColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362616C)
    [Address] EAT @explorer.exe (GetThemeDocumentationProperty) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73652932)
    [Address] EAT @explorer.exe (GetThemeEnumValue) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362616C)
    [Address] EAT @explorer.exe (GetThemeFilename) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73652412)
    [Address] EAT @explorer.exe (GetThemeFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362FF21)
    [Address] EAT @explorer.exe (GetThemeInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362616C)
    [Address] EAT @explorer.exe (GetThemeIntList) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736523B1)
    [Address] EAT @explorer.exe (GetThemeMargins) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736286E9)
    [Address] EAT @explorer.exe (GetThemeMetric) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736306E2)
    [Address] EAT @explorer.exe (GetThemePartSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362CDB1)
    [Address] EAT @explorer.exe (GetThemePosition) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73652350)
    [Address] EAT @explorer.exe (GetThemePropertyOrigin) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73643FBB)
    [Address] EAT @explorer.exe (GetThemeRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73633611)
    [Address] EAT @explorer.exe (GetThemeStream) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736339D9)
    [Address] EAT @explorer.exe (GetThemeString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736522E4)
    [Address] EAT @explorer.exe (GetThemeSysBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73653172)
    [Address] EAT @explorer.exe (GetThemeSysColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73643274)
    [Address] EAT @explorer.exe (GetThemeSysColorBrush) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7365301E)
    [Address] EAT @explorer.exe (GetThemeSysFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736529C4)
    [Address] EAT @explorer.exe (GetThemeSysInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73652BD3)
    [Address] EAT @explorer.exe (GetThemeSysSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7365320B)
    [Address] EAT @explorer.exe (GetThemeSysString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73652B3F)
    [Address] EAT @explorer.exe (GetThemeTextExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73622D57)
    [Address] EAT @explorer.exe (GetThemeTextMetrics) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362F992)
    [Address] EAT @explorer.exe (GetThemeTransitionDuration) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73631081)
    [Address] EAT @explorer.exe (GetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362DF46)
    [Address] EAT @explorer.exe (HitTestThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73633CE3)
    [Address] EAT @explorer.exe (IsAppThemed) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362F869)
    [Address] EAT @explorer.exe (IsCompositionActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73622E9A)
    [Address] EAT @explorer.exe (IsThemeActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362F785)
    [Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736260AB)
    [Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7365312B)
    [Address] EAT @explorer.exe (IsThemePartDefined) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736285B4)
    [Address] EAT @explorer.exe (OpenThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x736273D2)
    [Address] EAT @explorer.exe (OpenThemeDataEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73643D43)
    [Address] EAT @explorer.exe (SetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73653296)
    [Address] EAT @explorer.exe (SetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73630134)
    [Address] EAT @explorer.exe (SetWindowThemeAttribute) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7363CFE6)
    [Address] EAT @explorer.exe (ThemeInitApiHook) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7362B176)
    [Address] EAT @explorer.exe (UpdatePanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7365068D)
    [Address] EAT @explorer.exe (DllCanUnloadNow) : MPR.dll -> HOOKED (C:\Windows\system32\EXPLORERFRAME.dll @ 0x71B7008E)
    [Address] EAT @explorer.exe (DllGetClassObject) : MPR.dll -> HOOKED (C:\Windows\system32\EXPLORERFRAME.dll @ 0x71B6CC9D)
    [Address] EAT @explorer.exe (DllGetVersion) : MPR.dll -> HOOKED (C:\Windows\system32\EXPLORERFRAME.dll @ 0x71C23180)

    ¤¤¤ External Hives: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts




    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST3250318AS ATA Device +++++
    --- User ---
    [MBR] b1a2fd097a23ca69b6b12abaa342e59f
    [BSP] ce62516d74e7e2fae782be4f7008cdb8 : Windows 7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 238373 MB
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) SAMSUNG SP2504C ATA Device +++++
    --- User ---
    [MBR] 049945051fe77a2a7945126d5255a9c2
    [BSP] 320f4a557e8738f56ad4a861745f1b0e : Windows 7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 238372 MB
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ IDE) SAMSUNG SP2504C ATA Device +++++
    --- User ---
    [MBR] d151fc54efa59ff995497b97b7e64c5e
    [BSP] bac9892ba4763ddb0e6fe1b910530a9c : Windows 7/8 MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 238472 MB
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[0]_D_02132016_221318.txt >>
    RKreport[0]_S_02132016_221234.txt
     
  19. Daniel Burkus

    Daniel Burkus TS Enthusiast Topic Starter Posts: 66

    Here is the ComboFix log:

    ComboFix 16-02-15.01 - Daniel Burkus 02/19/2016 15:01:37.1.2 - x86
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3071.1975 [GMT 9:00]
    Running from: c:\users\Daniel Burkus\Desktop\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\system32\Packet.dll
    c:\windows\system32\pthreadVC.dll
    c:\windows\system32\wpcap.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    -------\Service_NPF
    .
    .
    ((((((((((((((((((((((((( Files Created from 2016-01-19 to 2016-02-19 )))))))))))))))))))))))))))))))
    .
    .
    2016-02-19 01:45 . 2016-02-19 01:52 -------- d-----w- C:\AdwCleaner
    2016-02-18 12:37 . 2016-02-18 12:37 -------- d-----w- c:\program files\ESET
    2016-02-18 00:04 . 2016-02-18 00:04 -------- d-----w- c:\program files\Pointstone
    2016-02-17 22:03 . 2016-02-17 22:03 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AB805B9B-5621-464B-AF2D-84E67EE41C58}\offreg.5488.dll
    2016-02-17 22:01 . 2015-12-16 01:15 9014120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AB805B9B-5621-464B-AF2D-84E67EE41C58}\mpengine.dll
    2016-02-17 08:11 . 2016-02-17 11:51 -------- d-----w- C:\EEK
    2016-02-16 23:42 . 2016-02-18 22:46 -------- d-----w- C:\FRST
    2016-02-15 05:58 . 2016-02-19 01:43 24688 ----a-w- c:\windows\system32\drivers\TrueSight.sys
    2016-02-15 05:57 . 2016-02-18 11:10 -------- d-----w- c:\program files\RogueKiller
    2016-02-15 05:57 . 2016-02-15 06:30 -------- d-----w- c:\programdata\RogueKiller
    2016-02-09 23:10 . 2016-01-16 18:36 1413632 ----a-w- c:\windows\system32\ole32.dll
    2016-02-09 23:09 . 2016-01-22 06:07 37888 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub_is.dll
    2016-02-09 12:49 . 2015-07-30 13:13 103120 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2016-02-09 03:43 . 2004-02-22 01:11 764416 --sh--w- c:\windows\system32\devil.dll
    2016-02-09 03:43 . 2009-09-27 00:39 415744 --sh--w- c:\windows\system32\avisynth.dll
    2016-02-09 03:43 . 2005-07-14 03:31 32256 --sh--w- c:\windows\system32\AVSredirect.dll
    2016-02-09 03:43 . 2004-01-24 15:00 70656 --sh--w- c:\windows\system32\yv12vfw.dll
    2016-02-09 03:43 . 2004-01-24 15:00 70656 --sh--w- c:\windows\system32\i420vfw.dll
    2016-02-06 08:26 . 2016-02-06 08:26 -------- d-----w- c:\program files\VideoLAN
    2016-02-01 09:47 . 2016-02-01 09:47 -------- d-----w- c:\windows\system32\spp32
    2016-01-31 10:55 . 2016-02-10 21:13 -------- d-s---w- c:\windows\system32\CompatTel
    2016-01-31 10:55 . 2016-02-10 21:13 -------- d-----w- c:\windows\system32\appraiser
    2016-01-31 06:46 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe
    2016-01-31 06:45 . 2015-06-03 20:17 1167520 ----a-w- c:\windows\system32\aitstatic.exe
    2016-01-31 06:45 . 2015-11-16 20:12 176128 ----a-w- c:\windows\system32\aepic.dll
    2016-01-31 06:45 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\system32\esent.dll
    2016-01-31 05:33 . 2016-01-31 05:33 -------- d-----w- C:\eRightSoft
    2016-01-30 23:35 . 2015-11-10 18:39 909824 ----a-w- c:\windows\system32\FntCache.dll
    2016-01-30 23:35 . 2015-11-10 18:39 1251328 ----a-w- c:\windows\system32\DWrite.dll
    2016-01-30 23:35 . 2009-07-14 01:16 811520 ----a-w- c:\windows\system32\user32.dll
    2016-01-30 23:34 . 2015-02-03 03:12 1230848 ----a-w- c:\windows\system32\WindowsCodecs.dll
    2016-01-30 23:33 . 2015-07-30 17:57 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
    2016-01-30 23:33 . 2015-12-08 21:54 2285056 ----a-w- c:\windows\system32\msmpeg2vdec.dll
    2016-01-30 23:32 . 2015-02-04 02:54 417792 ----a-w- c:\windows\system32\WMPhoto.dll
    2016-01-30 17:42 . 2016-01-30 17:42 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2016-01-30 15:46 . 2016-01-30 15:57 -------- d-s---w- c:\windows\system32\GWX
    2016-01-30 14:23 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
    2016-01-30 14:23 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
    2016-01-30 14:23 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
    2016-01-30 14:23 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
    2016-01-30 14:23 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
    2016-01-30 14:23 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
    2016-01-30 14:23 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
    2016-01-30 14:20 . 2014-03-09 21:47 99480 ----a-w- c:\windows\system32\infocardapi.dll
    2016-01-30 14:20 . 2014-06-30 22:14 8856 ----a-w- c:\windows\system32\icardres.dll
    2016-01-30 14:20 . 2014-03-09 21:47 619672 ----a-w- c:\windows\system32\icardagt.exe
    2016-01-30 14:20 . 2014-06-06 06:16 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
    2016-01-30 14:19 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
    2016-01-30 14:19 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll
    2016-01-30 13:56 . 2016-01-30 13:56 -------- d-----w- c:\windows\Migration
    2016-01-30 11:04 . 2015-01-09 02:48 76800 ----a-w- c:\windows\system32\wdi.dll
    2016-01-30 11:04 . 2015-01-09 02:48 635904 ----a-w- c:\windows\system32\perftrack.dll
    2016-01-30 11:04 . 2015-01-09 02:48 27136 ----a-w- c:\windows\system32\powertracker.dll
    2016-01-30 10:55 . 2013-07-03 03:36 55808 ----a-w- c:\windows\system32\drivers\hidclass.sys
    2016-01-30 10:55 . 2013-07-03 03:36 25728 ----a-w- c:\windows\system32\drivers\hidparse.sys
    2016-01-30 10:55 . 2013-09-08 02:03 231424 ----a-w- c:\windows\system32\mswsock.dll
    2016-01-30 10:55 . 2015-01-29 03:02 844288 ----a-w- c:\windows\system32\drivers\UMDF\WpdMtpDr.dll
    2016-01-30 10:55 . 2015-01-29 03:02 2311168 ----a-w- c:\windows\system32\wpdshext.dll
    2016-01-30 10:53 . 2011-04-29 02:46 311808 ----a-w- c:\windows\system32\drivers\srv.sys
    2016-01-30 10:53 . 2011-04-29 02:46 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
    2016-01-30 10:53 . 2011-04-29 02:46 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
    2016-01-30 10:53 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
    2016-01-30 10:52 . 2015-11-11 18:39 1242624 ----a-w- c:\windows\system32\comsvcs.dll
    2016-01-30 10:52 . 2015-11-11 18:39 487936 ----a-w- c:\windows\system32\catsrvut.dll
    2016-01-30 10:52 . 2012-11-02 05:11 376832 ----a-w- c:\windows\system32\dpnet.dll
    2016-01-30 10:52 . 2015-07-01 20:30 206848 ----a-w- c:\windows\system32\WebClnt.dll
    2016-01-30 10:52 . 2015-07-01 20:30 82432 ----a-w- c:\windows\system32\davclnt.dll
    2016-01-30 10:52 . 2011-02-18 05:39 31232 ----a-w- c:\windows\system32\prevhost.exe
    2016-01-30 10:52 . 2013-10-30 02:19 301568 ----a-w- c:\windows\system32\msieftp.dll
    2016-01-30 10:52 . 2015-07-09 17:42 179712 ----a-w- c:\windows\system32\notepad.exe
    2016-01-30 10:52 . 2015-07-09 17:42 179712 ----a-w- c:\windows\notepad.exe
    2016-01-30 10:52 . 2015-09-23 13:09 371920 ----a-w- c:\windows\system32\drivers\cng.sys
    2016-01-30 10:52 . 2015-09-23 13:09 251000 ----a-w- c:\windows\system32\bcryptprimitives.dll
    2016-01-30 10:51 . 2015-08-27 17:58 1391104 ----a-w- c:\windows\system32\msxml6.dll
    2016-01-30 10:51 . 2015-08-27 17:58 1241088 ----a-w- c:\windows\system32\msxml3.dll
    2016-01-30 10:51 . 2015-08-27 17:51 2048 ----a-w- c:\windows\system32\msxml6r.dll
    2016-01-30 10:51 . 2015-08-27 17:51 2048 ----a-w- c:\windows\system32\msxml3r.dll
    2016-01-30 10:51 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
    2016-01-30 10:51 . 2015-08-05 17:41 751104 ----a-w- c:\windows\system32\schedsvc.dll
    2016-01-30 10:49 . 2014-03-04 09:17 538112 ----a-w- c:\windows\system32\objsel.dll
    2016-01-30 10:48 . 2011-08-17 04:24 465408 ----a-w- c:\windows\system32\psisdecd.dll
    2016-01-30 10:48 . 2011-08-17 04:19 75776 ----a-w- c:\windows\system32\psisrndr.ax
    2016-01-30 10:48 . 2011-12-30 05:27 478720 ----a-w- c:\windows\system32\timedate.cpl
    2016-01-30 10:48 . 2015-11-05 19:00 2048 ----a-w- c:\windows\system32\tzres.dll
    2016-01-30 10:48 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
    2016-01-30 10:48 . 2015-10-13 16:31 338944 ----a-w- c:\windows\system32\drivers\afd.sys
    2016-01-30 10:48 . 2015-10-13 16:31 74752 ----a-w- c:\windows\system32\drivers\tdx.sys
    2016-01-30 10:48 . 2013-05-10 03:20 24576 ----a-w- c:\windows\system32\cryptdlg.dll
    2016-01-30 10:46 . 2015-11-03 18:55 179712 ----a-w- c:\windows\system32\els.dll
    2016-01-30 10:46 . 2015-04-11 03:07 54656 ----a-w- c:\windows\system32\drivers\stream.sys
    2016-01-30 10:46 . 2015-03-04 04:16 249784 ----a-w- c:\windows\system32\clfs.sys
    2016-01-30 10:46 . 2015-03-04 04:10 58880 ----a-w- c:\windows\system32\clfsw32.dll
    2016-01-30 10:46 . 2013-04-26 04:55 492544 ----a-w- c:\windows\system32\win32spl.dll
    2016-01-30 10:46 . 2011-05-03 04:30 741376 ----a-w- c:\windows\system32\inetcomm.dll
    2016-01-30 10:46 . 2013-08-28 00:57 434688 ----a-w- c:\windows\system32\scavengeui.dll
    2016-01-30 10:46 . 2013-05-13 03:08 903168 ----a-w- c:\windows\system32\certutil.exe
    2016-01-30 10:46 . 2013-05-13 03:08 43008 ----a-w- c:\windows\system32\certenc.dll
    2016-01-30 10:46 . 2015-01-17 02:30 828928 ----a-w- c:\windows\system32\msctf.dll
    2016-01-30 10:45 . 2014-02-04 02:07 234432 ----a-w- c:\windows\system32\drivers\msiscsi.sys
    2016-01-30 10:45 . 2014-02-04 02:07 149440 ----a-w- c:\windows\system32\drivers\storport.sys
    2016-01-30 10:45 . 2014-02-04 02:07 27072 ----a-w- c:\windows\system32\drivers\Diskdump.sys
    2016-01-30 10:45 . 2014-02-04 02:00 2048 ----a-w- c:\windows\system32\iologmsg.dll
    2016-01-30 10:45 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll
    2016-01-30 10:45 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
    2016-01-30 10:45 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll
    2016-01-30 10:45 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
    2016-01-30 10:45 . 2015-07-22 17:53 937984 ----a-w- c:\windows\system32\diagtrack.dll
    2016-01-30 10:45 . 2015-07-22 16:38 41984 ----a-w- c:\windows\system32\UtcResources.dll
    2016-01-30 10:45 . 2015-07-22 17:53 635392 ----a-w- c:\windows\system32\tdh.dll
    2016-01-30 10:42 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\system32\d3d11.dll
    2016-01-30 10:42 . 2014-01-24 02:18 1212352 ----a-w- c:\windows\system32\drivers\ntfs.sys
    2016-01-30 10:42 . 2010-12-23 05:54 850944 ----a-w- c:\windows\system32\sbe.dll
    2016-01-30 10:42 . 2010-12-23 05:50 199680 ----a-w- c:\windows\system32\mpg2splt.ax
    2016-01-30 10:42 . 2015-04-18 02:56 342016 ----a-w- c:\windows\system32\certcli.dll
    2016-01-30 10:42 . 2015-05-25 18:00 364544 ----a-w- c:\windows\system32\tracerpt.exe
    2016-01-30 10:42 . 2015-05-25 18:01 92160 ----a-w- c:\windows\system32\sechost.dll
    2016-01-30 10:42 . 2015-05-25 18:00 40448 ----a-w- c:\windows\system32\typeperf.exe
    2016-01-30 10:42 . 2015-05-25 18:00 37888 ----a-w- c:\windows\system32\relog.exe
    2016-01-30 10:42 . 2015-05-25 18:00 82944 ----a-w- c:\windows\system32\logman.exe
    2016-01-30 10:42 . 2015-05-25 18:00 17408 ----a-w- c:\windows\system32\diskperf.exe
    2016-01-30 10:41 . 2015-04-27 19:05 179200 ----a-w- c:\windows\system32\wintrust.dll
    2016-01-30 10:41 . 2015-04-27 19:04 143872 ----a-w- c:\windows\system32\cryptsvc.dll
    2016-01-30 10:41 . 2015-04-27 19:04 1174528 ----a-w- c:\windows\system32\crypt32.dll
    2016-01-30 10:41 . 2015-04-27 19:04 103936 ----a-w- c:\windows\system32\cryptnet.dll
    2016-01-30 10:41 . 2015-11-03 18:56 627712 ----a-w- c:\windows\system32\usp10.dll
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2016-01-29 13:28 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
    2014-03-07 01:03 3109520 --sha-r- c:\windows\System32\avcodec-lav-55.dll
    2014-03-07 01:03 98960 --sha-r- c:\windows\System32\avfilter-lav-4.dll
    2014-03-07 01:03 550032 --sha-r- c:\windows\System32\avformat-lav-55.dll
    2009-09-27 00:39 415744 --sh--w- c:\windows\System32\avisynth.dll
    2014-03-07 01:03 59536 --sha-r- c:\windows\System32\avresample-lav-1.dll
    2005-07-14 03:31 32256 --sh--w- c:\windows\System32\AVSredirect.dll
    2014-03-07 01:03 181392 --sha-r- c:\windows\System32\avutil-lav-52.dll
    2004-02-22 01:11 764416 --sh--w- c:\windows\System32\devil.dll
    2014-03-07 01:03 122512 --sha-r- c:\windows\System32\HLaudio.dll
    2014-03-07 01:03 203408 --sha-r- c:\windows\System32\HLsplit.dll
    2014-03-07 01:03 313520 --sha-r- c:\windows\System32\HLvideo.dll
    2004-01-24 15:00 70656 --sh--w- c:\windows\System32\i420vfw.dll
    2014-03-07 01:03 166544 --sha-r- c:\windows\System32\IntelQuickSyncDecoder.dll
    2014-03-07 01:03 109712 --sha-r- c:\windows\System32\libbluray.dll
    2011-02-11 00:26 112128 --sha-r- c:\windows\System32\OptimFROG.dll
    2014-03-07 01:03 118416 --sha-r- c:\windows\System32\swscale-lav-2.dll
    2010-01-06 14:00 107520 --sha-r- c:\windows\System32\TAKDSDecoder.dll
    2012-10-05 09:54 188416 --sha-r- c:\windows\System32\winDCE32.dll
    2004-01-24 15:00 70656 --sh--w- c:\windows\System32\yv12vfw.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2016-01-29 07:30 750216 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2016-01-21 6819232]
    "SpybotPostWindows10UpgradeReInstall"="c:\program files\Common Files\AV\Spybot - Search and Destroy\Test.exe" [2015-07-28 1011200]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-02-19 1793736]
    "AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-01-29 7021880]
    "SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2014-06-24 4101576]
    "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
    "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2016-01-29 280576]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    NETGEAR WNDA3100v2 Smart Wizard.lnk - c:\program files\NETGEAR\WNDA3100v2\WNDA3100v2.exe [2016-1-29 4577760]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    "SoftwareSASGeneration"= 1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux1"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean.exe
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    R1 epp32;epp32;c:\users\Daniel Burkus\Desktop\RUN\epp32.sys [x]
    R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
    R2 WSWNDA3100;WSWNDA3100;c:\program files\NETGEAR\WNDA3100v2\WifiSvc.exe [2010-08-19 272864]
    R3 cleanhlp;cleanhlp;c:\eek\Run\cleanhlp32.sys [2014-05-13 50200]
    R3 eapihdrv;eapihdrv;c:\users\DANIEL~1\AppData\Local\Temp\ehdrv.sys [x]
    R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2016-01-22 102912]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-10-05 51928]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2015-06-11 15872]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
    S0 aswRvrt;avast! Revert; [x]
    S0 aswVmm;avast! VM Monitor; [x]
    S0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\DRIVERS\scmndisp.sys [2007-01-19 21728]
    S1 A2DDA;A2 Direct Disk Access Support Driver;c:\eek\RUN\a2ddax86.sys [2014-05-13 22056]
    S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2016-01-29 812208]
    S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2016-01-29 449384]
    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2014-07-22 142648]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-04-19 176128]
    S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2016-01-29 24016]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2016-01-29 81168]
    S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2016-01-29 117712]
    S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
    S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
    S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
    S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-02-03 409800]
    S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\DRIVERS\bcmwlhigh6.sys [2009-11-05 699896]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-10-05 23256]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - WS2IFSL
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    utcsvc REG_MULTI_SZ DiagTrack
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = https://www.yahoo.com/
    TCP: DhcpNameServer = 192.168.1.1
    FF - ProfilePath - c:\users\Daniel Burkus\AppData\Roaming\Mozilla\Firefox\Profiles\nkge34u5.default\
    FF - prefs.js: browser.startup.homepage - hxxps://login.yahoo.com/?.src=ym&.intl=us&.lang=en-US&.done=https%3a//mail.yahoo.com
    .
    - - - - ORPHANS REMOVED - - - -
    .
    HKCU-Run-KakaoTalk - c:\program files\Kakao\KakaoTalk\KakaoTalk.exe
    Notify-SDWinLogon - SDWinLogon.dll
    SafeBoot-CleanHlp
    SafeBoot-CleanHlp.sys
    AddRemove-KakaoTalk - c:\program files\Kakao\KakaoTalk\uninstall.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\system32\nvvsvc.exe
    c:\windows\system32\atieclxx.exe
    c:\program files\AVAST Software\Avast\AvastSvc.exe
    c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
    c:\windows\system32\nvvsvc.exe
    c:\windows\system32\WLANExt.exe
    c:\windows\system32\conhost.exe
    c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
    c:\windows\system32\taskhost.exe
    c:\windows\system32\GWX\GWX.exe
    c:\windows\system32\sppsvc.exe
    c:\program files\NVIDIA Corporation\Display\nvtray.exe
    c:\windows\servicing\TrustedInstaller.exe
    c:\windows\system32\conhost.exe
    c:\windows\system32\wbem\unsecapp.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    .
    **************************************************************************
    .
    Completion time: 2016-02-19 15:22:57 - machine was rebooted
    ComboFix-quarantined-files.txt 2016-02-19 06:22
    .
    Pre-Run: 49,967,038,464 bytes free
    Post-Run: 51,855,773,696 bytes free
    .
    - - End Of File - - B244C8AFEDEF0B385EA691CCE6C82D31
    A36C5E4F47E84449FF07ED3517B43A31
     
  20. Daniel Burkus

    Daniel Burkus TS Enthusiast Topic Starter Posts: 66

    ComboFix had no problems running at all, so I did not need to run rKill.exe.
     
  21. Broni

    Broni Malware Annihilator Posts: 52,915   +344

    I don't really see much there.
    It could be overheating as someone suggested ...

    Download siv.zip (System Information Viewer) from here: System Information Viewer
    Do NOT try to download siv32l.zip or siv64i.zip
    Unzip downloaded file.
    For 32-bit systems double click on SIV32X.exe to run the tool.
    For 64-bit systems double click on SIV64X.exe to run the tool.
    Click on Copy button at the bottom left.
    That will save all information to the Clipboard.
    Open Notepad.
    Hold CTRL key on your keyboard and press V key.
    That will paste all info to the Notepad.
    Copy all content and paste it into your next reply.
     
  22. Daniel Burkus

    Daniel Burkus TS Enthusiast Topic Starter Posts: 66

  23. Daniel Burkus

    Daniel Burkus TS Enthusiast Topic Starter Posts: 66

    > I don't really see much there.
    > It could be overheating as someone suggested ...

    Yes, that makes sense.

    Broni, as I said, when this infection began, the little display on the front of the computer that shows CPU temperature and which cooling fans are functioning stopped working. The first time I removed (uninstalled) the Floppy Disk Drive and Floppy Drive Controller from the Device Manager, the little display lit up, and the fan that cools the CPU (which is audible and is easy to recognize when it is working) was turning on and off, as necessary. (This is the display circled in the right photo, below.) Since this display stopped working, the cooling system has apparently not functioned properly (the fan that cools the CPU stopped working), and this is probably why it was overheating and then shutting down.

    upload_2016-2-20_6-31-20.jpeg

    But after the first time, if I uninstall the Floppy Disk Drive and Floppy Drive Controller, the display (circled above) does not light up; still, the machine worked all day yesterday without shutting down (I tried different things that had been making it shut down before, such as doing a download, playing a movie DVD to the end, and so on), so the overheating issue appears to have been resolved (though I have not hear the CPU's special cooling fan -- and I have been listening for it). Furthermore, whenever the PC is shut down, the next time it is turned on it reinstalls the Floppy Drive. Do you have any suggestions?
     

    Attached Files:

  24. Broni

    Broni Malware Annihilator Posts: 52,915   +344

    Not sure about that floppy drive.
    Let's finish cleaning process and we'll see how it goes then.

    Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

    • Double click to run it.
    • Make sure you checkmark Addition.txt box.
    • Press Scan button.
    • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
     
  25. Daniel Burkus

    Daniel Burkus TS Enthusiast Topic Starter Posts: 66

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-02-2016
    Ran by Daniel Burkus (administrator) on PC (20-02-2016 06:46:37)
    Running from C:\Users\Daniel Burkus\A - Software Shortcuts\Malware Scanning Tools
    Loaded Profiles: Daniel Burkus (Available Profiles: Daniel Burkus)
    Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
    (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
    () C:\Program Files\Unlocker\UnlockerAssistant.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    () C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-20] (NVIDIA Corporation)
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2016-01-29] (AVAST Software)
    HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
    HKLM\...\Run: [UnlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [17408 2010-07-05] ()
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-28] (Adobe Systems Incorporated)
    HKLM\...\Run: [NeroFilterCheck] => C:\Windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
    HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6819232 2016-01-22] (SUPERAntiSpyware)
    HKU\S-1-5-21-1259038908-1583320175-680065255-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
    HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2016-01-29] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-01-29] (AVAST Software)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Smart Wizard.lnk [2016-01-29]
    ShortcutTarget: NETGEAR WNDA3100v2 Smart Wizard.lnk -> C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe ()
    BootExecute: autocheck autochk * sdnclean.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{66B87001-DA33-470B-9512-77BE9AE4D883}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{8B6A2BDC-C91C-41DA-8117-5DF8284C8C25}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{B3CE4C30-3C2F-4806-AE63-1892B7E644A5}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-1259038908-1583320175-680065255-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-1259038908-1583320175-680065255-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-1259038908-1583320175-680065255-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/
    BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-28] (Adobe Systems Incorporated)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-29] (AVAST Software)
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    FireFox:
    ========
    FF ProfilePath: C:\Users\Daniel Burkus\AppData\Roaming\Mozilla\Firefox\Profiles\nkge34u5.default
    FF Homepage: hxxps://login.yahoo.com/?.src=ym&.intl=us&.lang=en-US&.done=https%3a//mail.yahoo.com
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-19] ()
    FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
    FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
    FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
    FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
    FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
    FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
    FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-28] (Adobe Systems Inc.)
    FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Daniel Burkus\AppData\Roaming\Mozilla\Firefox\Profiles\nkge34u5.default\extensions\artur.dubovoy@gmail.com [2016-01-29]
    FF Extension: Restart application - C:\Users\Daniel Burkus\AppData\Roaming\Mozilla\Firefox\Profiles\nkge34u5.default\extensions\{c0af4d2f-2ce4-9471-49e2-1e5ca8a57dd2}.xpi [2016-01-29]
    FF Extension: Image and Flash Blocker - C:\Users\Daniel Burkus\AppData\Roaming\Mozilla\Firefox\Profiles\nkge34u5.default\extensions\imgflashblocker@shimon.chohen.xpi [2016-01-29]
    FF Extension: Webmail Ad Blocker - C:\Users\Daniel Burkus\AppData\Roaming\Mozilla\Firefox\Profiles\nkge34u5.default\Extensions\gmailnoads@mywebber.com.xpi [2016-01-29]
    FF Extension: NO Google Analytics - C:\Users\Daniel Burkus\AppData\Roaming\Mozilla\Firefox\Profiles\nkge34u5.default\Extensions\jid1-JcGokIiQyjoBAQ@jetpack.xpi [2016-01-29]
    FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-29]
    FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
    FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-01-29]

    Chrome:
    =======
    CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-01-29]
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-01-29]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-23] (SUPERAntiSpyware.com)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2016-01-29] (AVAST Software)
    S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
    R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
    S2 WSWNDA3100; C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe [272864 2010-08-19] ()

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R1 A2DDA; C:\EEK\RUN\a2ddax86.sys [22056 2014-05-14] (Emsisoft GmbH)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2016-01-29] (AVAST Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [81168 2016-01-29] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2016-01-29] (AVAST Software)
    R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2016-01-29] (AVAST Software)
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [812208 2016-01-29] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449384 2016-01-29] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [117712 2016-01-29] (AVAST Software)
    R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209432 2016-01-29] (AVAST Software)
    R3 BCMH43XX; C:\Windows\System32\DRIVERS\bcmwlhigh6.sys [699896 2009-11-06] (Broadcom Corporation)
    S3 cleanhlp; C:\EEK\Run\cleanhlp32.sys [50200 2014-05-14] (Emsisoft GmbH)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [21728 2007-01-19] (Windows (R) Codename Longhorn DDK provider)
    S3 SIVDriver; C:\Windows\system32\Drivers\SIVX32.sys [134928 2016-02-14] (Ray Hinchliffe)
    R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
    R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
    R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
    R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
    S3 catchme; \??\C:\Users\DANIEL~1\AppData\Local\Temp\catchme.sys [X]
    S3 eapihdrv; \??\C:\Users\DANIEL~1\AppData\Local\Temp\ehdrv.sys [X]
    S1 epp32; \??\C:\Users\Daniel Burkus\Desktop\RUN\epp32.sys [X]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-02-20 06:20 - 2016-02-14 12:58 - 00134928 _____ (Ray Hinchliffe) C:\Windows\system32\Drivers\SIVX32.sys
    2016-02-19 20:41 - 2016-02-19 20:41 - 00000000 ____D C:\SUPERDelete
    2016-02-19 17:45 - 2016-02-19 17:45 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Local\Macromedia
    2016-02-19 17:18 - 2016-02-20 06:03 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2016-02-19 17:17 - 2016-02-19 17:18 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Local\Adobe
    2016-02-19 15:22 - 2016-02-19 15:22 - 00020808 _____ C:\ComboFix.txt
    2016-02-19 14:59 - 2011-06-26 15:45 - 00256000 _____ C:\Windows\PEV.exe
    2016-02-19 14:59 - 2010-11-08 02:20 - 00208896 _____ C:\Windows\MBR.exe
    2016-02-19 14:59 - 2009-04-20 13:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
    2016-02-19 14:59 - 2000-08-31 09:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
    2016-02-19 14:59 - 2000-08-31 09:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
    2016-02-19 14:59 - 2000-08-31 09:00 - 00098816 _____ C:\Windows\sed.exe
    2016-02-19 14:59 - 2000-08-31 09:00 - 00080412 _____ C:\Windows\grep.exe
    2016-02-19 14:59 - 2000-08-31 09:00 - 00068096 _____ C:\Windows\zip.exe
    2016-02-19 14:55 - 2016-02-19 15:23 - 00000000 ____D C:\Qoobox
    2016-02-19 14:55 - 2016-02-19 15:20 - 00000000 ____D C:\Windows\erdnt
    2016-02-19 11:07 - 2016-02-20 06:46 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\Results
    2016-02-19 10:45 - 2016-02-19 10:52 - 00000000 ____D C:\AdwCleaner
    2016-02-19 09:39 - 2016-02-20 06:47 - 00017878 _____ C:\Users\Daniel Burkus\Desktop\Steps to Clean PC.txt
    2016-02-18 21:37 - 2016-02-18 21:37 - 00000000 ____D C:\Program Files\ESET
    2016-02-18 21:35 - 2016-02-18 21:37 - 00206066 _____ C:\TDSSKiller.3.1.0.9_18.02.2016_21.35.38_log.txt
    2016-02-18 17:00 - 2016-02-18 17:00 - 00000111 _____ C:\Users\Daniel Burkus\Desktop\TechSpot URL.txt
    2016-02-18 16:56 - 2016-02-18 16:56 - 00006946 _____ C:\Users\Daniel Burkus\Desktop\TechSpot Post.txt
    2016-02-18 15:31 - 2016-02-18 15:31 - 00000000 ____D C:\Users\Daniel Burkus\Personal History and Related Documents (+ Address)
    2016-02-18 15:31 - 2015-11-14 13:34 - 00000618 _____ C:\Users\Daniel Burkus\Desktop\On-line Dictionaries.txt
    2016-02-18 15:31 - 2014-10-17 19:19 - 00000590 _____ C:\Users\Daniel Burkus\Desktop\On-line Book Downloads.txt
    2016-02-18 15:21 - 2016-02-18 15:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
    2016-02-18 14:54 - 2016-02-18 14:54 - 00147618 _____ C:\Users\Daniel Burkus\Desktop\Microsoft’s Free Security Tools – Microsoft Safety Scanner (MSERT).htm
    2016-02-18 14:54 - 2016-02-18 14:54 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\Microsoft’s Free Security Tools – Microsoft Safety Scanner (MSERT)_files
    2016-02-18 14:34 - 2016-02-18 14:35 - 00144786 _____ C:\Users\Daniel Burkus\Desktop\How to Slow Down an Animated GIF in GIMP.htm
    2016-02-18 14:34 - 2016-02-18 14:35 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\How to Slow Down an Animated GIF in GIMP_files
    2016-02-18 14:33 - 2016-02-18 14:35 - 76225536 _____ (The GIMP Team ) C:\Users\Daniel Burkus\Desktop\gimp-2.8.0-setup.exe
    2016-02-18 10:22 - 2016-02-18 10:22 - 36004862 _____ C:\Users\Daniel Burkus\Desktop\Meditation (HuffPost).mp4
    2016-02-18 09:04 - 2016-02-18 09:04 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ADS Scanner 2
    2016-02-18 09:04 - 2016-02-18 09:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ADS Scanner 2
    2016-02-18 09:04 - 2016-02-18 09:04 - 00000000 ____D C:\Program Files\Pointstone
    2016-02-18 06:51 - 2016-02-18 06:52 - 05722200 _____ C:\Users\Daniel Burkus\Desktop\attack puppy.mp4
    2016-02-17 17:11 - 2016-02-17 20:51 - 00000000 ____D C:\EEK
    2016-02-17 16:25 - 2016-02-17 16:26 - 00203156 _____ C:\TDSSKiller.3.1.0.9_17.02.2016_16.25.26_log.txt
    2016-02-17 09:00 - 2016-02-19 20:30 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Local\CrashDumps
    2016-02-17 08:42 - 2016-02-20 06:46 - 00000000 ____D C:\FRST
    2016-02-16 21:34 - 2016-02-16 21:34 - 00139775 _____ C:\Users\Daniel Burkus\Desktop\How to remove BitLocker encryption on Windows 7 - Microsoft Community.htm
    2016-02-16 21:34 - 2016-02-16 21:34 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\How to remove BitLocker encryption on Windows 7 - Microsoft Community_files
    2016-02-16 21:33 - 2016-02-16 21:33 - 00071472 _____ C:\Users\Daniel Burkus\Desktop\Turning Off BitLocker Drive Encryption (Windows 7).htm
    2016-02-16 21:33 - 2016-02-16 21:33 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\Turning Off BitLocker Drive Encryption (Windows 7)_files
    2016-02-16 20:13 - 2016-02-16 20:12 - 00000268 _____ C:\Users\Daniel Burkus\Desktop\Matsue Sotoku-ate no Densho (5), Notes.txt
    2016-02-16 20:13 - 2016-02-16 20:12 - 00000268 _____ C:\Users\Daniel Burkus\Desktop\Matsue Sotoku-ate no Densho (4), Notes.txt
    2016-02-16 20:13 - 2016-02-16 20:12 - 00000268 _____ C:\Users\Daniel Burkus\Desktop\Matsue Sotoku-ate no Densho (3), Notes.txt
    2016-02-16 20:13 - 2016-02-16 20:12 - 00000268 _____ C:\Users\Daniel Burkus\Desktop\Matsue Sotoku-ate no Densho (2), Notes.txt
    2016-02-16 20:12 - 2016-02-16 20:12 - 00000268 _____ C:\Users\Daniel Burkus\Desktop\Matsue Sotoku-ate no Densho (1), Notes.txt
    2016-02-16 20:08 - 2016-02-16 20:11 - 00000304 _____ C:\Users\Daniel Burkus\Desktop\Matsue Sotoku-ate no Densho (5).txt
    2016-02-16 20:08 - 2016-02-16 20:10 - 00000304 _____ C:\Users\Daniel Burkus\Desktop\Matsue Sotoku-ate no Densho (4).txt
    2016-02-16 20:08 - 2016-02-16 20:10 - 00000304 _____ C:\Users\Daniel Burkus\Desktop\Matsue Sotoku-ate no Densho (3).txt
    2016-02-16 20:08 - 2016-02-16 20:10 - 00000304 _____ C:\Users\Daniel Burkus\Desktop\Matsue Sotoku-ate no Densho (2).txt
    2016-02-16 20:06 - 2016-02-16 20:10 - 00000306 _____ C:\Users\Daniel Burkus\Desktop\Matsue Sotoku-ate no Densho (1).txt
    2016-02-16 20:05 - 2016-02-16 20:05 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\Matsue Sotoku-ate no Densho
    2016-02-16 14:24 - 2016-02-16 14:24 - 00000176 _____ C:\Users\Daniel Burkus\Desktop\Bleeping Computer Question URL.txt
    2016-02-16 12:55 - 2016-02-16 13:09 - 00205484 _____ C:\TDSSKiller.3.1.0.9_16.02.2016_12.55.34_log.txt
    2016-02-15 15:37 - 2016-02-15 15:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
    2016-02-15 14:58 - 2016-02-19 10:43 - 00024688 _____ C:\Windows\system32\Drivers\TrueSight.sys
    2016-02-15 14:57 - 2016-02-18 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
    2016-02-15 14:57 - 2016-02-18 20:10 - 00000000 ____D C:\Program Files\RogueKiller
    2016-02-15 14:57 - 2016-02-15 15:30 - 00000000 ____D C:\ProgramData\RogueKiller
    2016-02-15 14:36 - 2016-02-15 14:39 - 00204716 _____ C:\TDSSKiller.3.1.0.9_15.02.2016_14.36.18_log.txt
    2016-02-15 14:34 - 2016-02-15 14:34 - 00000366 _____ C:\TDSSKiller.3.0.0.34_15.02.2016_14.34.02_log.txt
    2016-02-15 13:47 - 2016-02-15 13:48 - 00000000 ____D C:\Users\Daniel Burkus\Mozilla ''Black-screen'' problem
    2016-02-15 11:26 - 2016-02-15 11:26 - 00000145 _____ C:\Users\Daniel Burkus\Desktop\For O Seung-il.txt
    2016-02-15 10:49 - 2016-02-15 10:50 - 00000000 ____D C:\Users\Daniel Burkus\HP DeskJet Printer Manuals
    2016-02-14 07:49 - 2016-02-14 07:48 - 00451006 ____R C:\Windows\system32\Drivers\etc\hosts.20160214-074935.backup
    2016-02-14 07:48 - 2016-02-05 20:00 - 00001048 _____ C:\Windows\system32\Drivers\etc\hosts.20160214-074847.backup
    2016-02-13 22:15 - 2016-02-13 22:16 - 00196568 _____ C:\TDSSKiller.3.0.0.34_13.02.2016_22.15.54_log.txt
    2016-02-13 21:56 - 2016-02-19 07:35 - 00825382 _____ C:\Windows\ntbtlog.txt
    2016-02-13 15:55 - 2016-02-13 15:55 - 04685551 _____ C:\Users\Daniel Burkus\Desktop\who is dada.mp4
    2016-02-12 06:49 - 2016-02-12 09:39 - 00000000 ____D C:\Program Files\Mozilla Firefox
    2016-02-11 22:16 - 2016-02-12 21:51 - 00000561 _____ C:\Users\Daniel Burkus\Desktop\Windows Update.lnk
    2016-02-10 18:33 - 2016-02-10 18:33 - 00954510 _____ C:\Users\Daniel Burkus\Desktop\puppy sings to singing greeting card.mp4
    2016-02-10 08:11 - 2016-01-22 15:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
    2016-02-10 08:11 - 2016-01-22 15:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2016-02-10 08:11 - 2016-01-22 15:13 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2016-02-10 08:11 - 2016-01-22 15:13 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2016-02-10 08:11 - 2016-01-22 15:09 - 01310232 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2016-02-10 08:11 - 2016-01-22 15:06 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2016-02-10 08:11 - 2016-01-22 15:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2016-02-10 08:11 - 2016-01-22 15:06 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2016-02-10 08:11 - 2016-01-22 15:06 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2016-02-10 08:11 - 2016-01-22 15:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2016-02-10 08:11 - 2016-01-22 15:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2016-02-10 08:11 - 2016-01-22 15:05 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2016-02-10 08:11 - 2016-01-22 15:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2016-02-10 08:11 - 2016-01-22 15:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2016-02-10 08:11 - 2016-01-22 15:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
    2016-02-10 08:11 - 2016-01-22 15:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
    2016-02-10 08:11 - 2016-01-22 15:02 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2016-02-10 08:11 - 2016-01-22 15:02 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2016-02-10 08:11 - 2016-01-22 15:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2016-02-10 08:11 - 2016-01-22 15:02 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2016-02-10 08:11 - 2016-01-22 15:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2016-02-10 08:11 - 2016-01-22 15:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2016-02-10 08:11 - 2016-01-22 15:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
    2016-02-10 08:11 - 2016-01-22 15:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2016-02-10 08:11 - 2016-01-22 15:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
    2016-02-10 08:11 - 2016-01-22 15:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 14:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2016-02-10 08:11 - 2016-01-22 14:01 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2016-02-10 08:11 - 2016-01-22 14:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2016-02-10 08:11 - 2016-01-22 13:53 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2016-02-10 08:11 - 2016-01-22 13:53 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2016-02-10 08:11 - 2016-01-22 13:53 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2016-02-10 08:11 - 2016-01-22 13:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2016-02-10 08:11 - 2016-01-22 13:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
    2016-02-10 08:11 - 2016-01-22 13:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2016-02-10 08:11 - 2016-01-22 13:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2016-02-10 08:11 - 2016-01-22 13:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 13:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 13:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-22 13:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2016-02-10 08:11 - 2016-01-17 03:42 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
    2016-02-10 08:11 - 2016-01-17 03:34 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2016-02-10 08:11 - 2016-01-11 23:07 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2016-02-10 08:11 - 2016-01-11 23:07 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2016-02-10 08:11 - 2016-01-11 23:07 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2016-02-10 08:11 - 2016-01-11 23:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2016-02-10 08:11 - 2016-01-11 23:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2016-02-10 08:10 - 2016-02-06 19:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2016-02-10 08:10 - 2016-02-06 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2016-02-10 08:10 - 2016-02-06 18:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2016-02-10 08:10 - 2016-02-06 18:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2016-02-10 08:10 - 2016-02-06 18:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2016-02-10 08:10 - 2016-02-06 17:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2016-02-10 08:10 - 2016-01-22 15:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2016-02-10 08:10 - 2016-01-22 15:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
    2016-02-10 08:10 - 2016-01-22 14:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2016-02-10 08:10 - 2016-01-22 14:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\explorer.exe
    2016-02-10 08:10 - 2016-01-17 03:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2016-02-10 08:10 - 2016-01-08 02:47 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2016-02-10 08:10 - 2016-01-08 02:35 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2016-02-10 08:10 - 2016-01-07 03:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2016-02-10 08:10 - 2016-01-07 02:56 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
    2016-02-10 08:09 - 2016-01-23 05:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2016-02-10 08:09 - 2016-01-22 15:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2016-02-10 08:09 - 2016-01-22 15:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2016-02-10 08:09 - 2016-01-22 15:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2016-02-10 08:09 - 2016-01-22 15:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2016-02-10 08:09 - 2016-01-22 15:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2016-02-10 08:09 - 2016-01-22 15:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2016-02-10 08:09 - 2016-01-22 14:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2016-02-10 08:09 - 2016-01-22 14:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2016-02-10 08:09 - 2016-01-22 14:52 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2016-02-10 08:09 - 2016-01-22 14:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2016-02-10 08:09 - 2016-01-22 14:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2016-02-10 08:09 - 2016-01-22 14:51 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2016-02-10 08:09 - 2016-01-22 14:46 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2016-02-10 08:09 - 2016-01-22 14:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2016-02-10 08:09 - 2016-01-22 14:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2016-02-10 08:09 - 2016-01-22 14:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2016-02-10 08:09 - 2016-01-22 14:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2016-02-10 08:09 - 2016-01-22 14:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2016-02-10 08:09 - 2016-01-22 14:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2016-02-10 08:09 - 2016-01-22 14:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2016-02-10 08:09 - 2016-01-22 14:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2016-02-10 08:09 - 2016-01-22 14:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2016-02-10 08:09 - 2016-01-22 14:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2016-02-10 08:09 - 2016-01-22 14:25 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2016-02-10 08:09 - 2016-01-22 14:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2016-02-10 08:09 - 2016-01-22 14:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2016-02-10 08:09 - 2016-01-22 14:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2016-02-10 08:09 - 2016-01-22 14:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2016-02-10 08:09 - 2016-01-12 03:47 - 02956288 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2016-02-10 08:09 - 2016-01-12 03:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2016-02-10 08:09 - 2016-01-12 03:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2016-02-10 08:09 - 2016-01-12 03:17 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2016-02-10 08:09 - 2016-01-12 03:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2016-02-10 08:09 - 2016-01-12 03:14 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2016-02-10 08:09 - 2016-01-12 03:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2016-02-10 08:09 - 2016-01-12 03:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2016-02-10 08:09 - 2016-01-12 03:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2016-02-10 08:09 - 2016-01-12 03:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2016-02-10 08:09 - 2016-01-12 03:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
    2016-02-09 21:49 - 2015-07-30 22:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2016-02-09 15:38 - 2016-02-09 21:46 - 00032856 _____ C:\Users\Daniel Burkus\Desktop\git'on mules.jpeg
    2016-02-09 12:43 - 2009-09-27 09:39 - 00415744 ___SH (The Public) C:\Windows\system32\avisynth.dll
    2016-02-09 12:43 - 2005-07-14 12:31 - 00032256 ___SH C:\Windows\system32\AVSredirect.dll
    2016-02-09 12:43 - 2004-02-22 10:11 - 00764416 ___SH (Abysmal Software) C:\Windows\system32\devil.dll
    2016-02-09 12:43 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\system32\yv12vfw.dll
    2016-02-09 12:43 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\system32\i420vfw.dll
    2016-02-09 07:41 - 2016-02-09 07:41 - 00000459 _____ C:\Users\Daniel Burkus\Desktop\Kat Parasite for Bill.txt
    2016-02-07 13:30 - 2016-02-07 13:30 - 00127882 _____ C:\Users\Daniel Burkus\Desktop\Chinese Zodiac.jpeg
    2016-02-06 17:28 - 2016-02-19 20:44 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Roaming\vlc
    2016-02-06 17:27 - 2016-02-06 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    2016-02-06 17:26 - 2016-02-06 17:26 - 00000000 ____D C:\Program Files\VideoLAN
    2016-02-05 19:18 - 2016-02-09 17:05 - 00000000 ____D C:\Users\Daniel Burkus\Doctor Web
    2016-02-04 22:12 - 2016-02-04 22:12 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\Diplodocidae (Dinosauria, Sauropoda)
    2016-02-02 19:48 - 2016-02-02 19:49 - 00000000 ____D C:\Users\Daniel Burkus\Desktop\This could be a pipe - Foucault, irrealism and ''Ceci n'est pas une pipe''
    2016-02-01 18:47 - 2016-02-01 18:47 - 00000000 ____D C:\Windows\system32\spp32
    2016-02-01 15:43 - 2016-02-01 15:43 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Local\ElevatedDiagnostics
    2016-01-31 19:55 - 2016-02-11 06:13 - 00000000 ___SD C:\Windows\system32\CompatTel
    2016-01-31 19:55 - 2016-02-11 06:13 - 00000000 ____D C:\Windows\system32\appraiser
    2016-01-31 19:35 - 2016-01-31 19:35 - 00000000 ____H C:\Windows\system32\Default.rdp
    2016-01-31 17:25 - 2016-01-31 17:25 - 00000000 ____D C:\Users\Daniel Burkus\AppData\Local\GWX
    2016-01-31 15:46 - 2012-02-11 14:37 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
    2016-01-31 15:45 - 2015-11-17 05:12 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2016-01-31 15:45 - 2015-06-04 05:17 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
    2016-01-31 15:45 - 2011-03-11 14:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
    2016-01-31 15:44 - 2014-07-09 10:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
    2016-01-31 15:44 - 2014-07-09 10:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
    2016-01-31 15:44 - 2014-07-09 10:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
    2016-01-31 15:44 - 2014-07-09 10:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
    2016-01-31 15:44 - 2014-07-09 10:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
    2016-01-31 15:44 - 2013-11-26 17:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
    2016-01-31 15:44 - 2011-03-11 14:39 - 00143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
    2016-01-31 15:44 - 2011-03-11 14:39 - 00117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
    2016-01-31 15:44 - 2011-03-11 14:38 - 00332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
    2016-01-31 15:44 - 2011-03-11 14:38 - 00080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
    2016-01-31 15:44 - 2011-03-11 14:38 - 00022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
    2016-01-31 15:44 - 2011-03-11 14:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
    2016-01-31 15:44 - 2011-03-11 13:01 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
    2016-01-31 14:33 - 2016-01-31 14:33 - 00000000 ____D C:\eRightSoft
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...