Solved Suspected RAT

yesame · Dec 5, 2014

I was playing counter strike and someone said hey want to play in a PUG and I said sure then he sent me a file and when I ran it nothing happened then the next day all my in game items were gone so I believe I have a RAT installed

MBAM log:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/12/2014
Scan Time: 3:00:05 PM
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.05.02
Rootkit Database: v2014.12.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Peter

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 323180
Time Elapsed: 10 min, 49 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

When running DDS it said:
"DDS is not meant to run in 'Compatibility Mode'.
The program shall now exit."

Broni · Dec 5, 2014

Welcome aboard

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

======================================

Running some file from unknown person is a very bad idea but you know it by now.

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

Close all the running programs
Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
Otherwise just double-click on RogueKiller.exe
Pre-scan will start. Let it finish.
Click on SCAN button.
Wait until the Status box shows Scan Finished
Click on Delete.
Wait until the Status box shows Deleting Finished.
Click on Report and copy/paste the content of the Notepad into your next reply.
RKreport.txt could also be found on your desktop.
If more than one log is produced post all logs.
If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

Create new restore point before proceeding with the next step....
How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

Download

Malwarebytes Anti-Rootkit to your desktop.

Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
Double click on downloaded file. OK self extracting prompt.
MBAR will start. Click "Next" to continue.
Click in the following screen "Update" to obtain the latest malware definitions.
Once the update is complete select "Next" and click "Scan".
When the scan is finished and no malware has been found select "Exit".
If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
- "mbar-log-{date} (xx-xx-xx).txt"
- "system-log.txt"

NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.

yesame · Dec 5, 2014

RogueKiller V10.0.8.0 [Nov 20 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Peter [Administrator]
Mode : Delete -- Date : 12/06/2014 10:31:14

¤¤¤ Processes : 2 ¤¤¤
[Suspicious.Path] rubyw.exe -- C:\Users\Peter\AppData\Local\Temp\ocr96DB.tmp\bin\rubyw.exe[-] -> Killed [TermProc]
[Suspicious.Path] rubyw.exe -- C:\Users\Peter\AppData\Local\Temp\ocr507C.tmp\bin\rubyw.exe[-] -> Killed [TermProc]

¤¤¤ Registry : 10 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{60D17B77-DCB1-4342-960E-31341390E077} | NameServer : 203.12.160.35,203.12.160.36 [AUSTRALIA (AU)][AUSTRALIA (AU)] -> Not selected
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{CDC787AD-E791-48E8-A3F3-AB19C7BF8B65} | DhcpNameServer : 209.222.18.222 209.222.18.218 [UNITED STATES (US)][UNITED STATES (US)] -> Not selected
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{60D17B77-DCB1-4342-960E-31341390E077} | NameServer : 203.12.160.35,203.12.160.36 [AUSTRALIA (AU)][AUSTRALIA (AU)] -> Not selected
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{CDC787AD-E791-48E8-A3F3-AB19C7BF8B65} | DhcpNameServer : 209.222.18.222 209.222.18.218 [UNITED STATES (US)][UNITED STATES (US)] -> Not selected
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Not selected
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Not selected
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Not selected
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Not selected
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Not selected
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Not selected

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD1002FAEX-00Y9A0 ATA Device +++++
--- User ---
[MBR] 0922922f0c0927ac95bc232c90118ac1
[BSP] bf12eea01cbca8141f886dd2972cad7e : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 953517 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST3000DM001-9YN166 +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097151 MB
User = LL1 ... OK
User = LL2 ... OK

============================================
RKreport_SCN_12062014_103002.log

yesame · Dec 5, 2014

Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org

Database version: v2014.12.05.14

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17416
Peter :: PETER-PC [administrator]

6/12/2014 10:36:28 AM
mbar-log-2014-12-06 (10-36-28).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 324741
Time elapsed: 11 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

yesame · Dec 5, 2014

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.08.2.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.3.9200 Windows 8.1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17416

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 3.206000 GHz
Memory total: 4294164480, free: 1268199424

Downloaded database version: v2014.12.05.14
Downloaded database version: v2014.12.03.01
=======================================
Initializing...
------------ Kernel report ------------
12/06/2014 10:36:16
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_AuthenticAMD.dll
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\pciide.sys
\SystemRoot\System32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\atapi.sys
\SystemRoot\System32\drivers\ataport.SYS
\SystemRoot\System32\drivers\storahci.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\system32\drivers\WdFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\system32\DRIVERS\tap0901.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\System32\drivers\amdppm.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\System32\drivers\usbohci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\serial.sys
\SystemRoot\System32\drivers\serenum.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\system32\drivers\AtihdWB6.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\AMDACPKSL.SYS
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\system32\drivers\HdAudio.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\drivers\point64.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\mslldp.sys
\SystemRoot\system32\Drivers\WdNisDrv.sys
\SystemRoot\System32\drivers\rdpvideominiport.sys
\SystemRoot\System32\cdd.dll
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xffffe001ac6f84e0
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000028\
Lower Device Object: 0xffffe001abd60060
Lower Device Driver Name: \Driver\storahci\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffe001ac6f9770
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
Lower Device Object: 0xffffe001abd69060
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffe001ac6f9770, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe001ac6f9230, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe001ac6f9770, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffe001abd65c50, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffe001abd69060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
File "C:\Windows\System32\drivers\1394ohci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\1394ohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipagr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpipagr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipmi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpipmi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpitime.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpitime.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\AGP440.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\AGP440.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdk8.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\amdk8.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\amdppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelpep.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\intelpep.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\isapnp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\isapnp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kbdclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kbdclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kbdhid.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kbdhid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kdnic.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kdnic.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serial.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\serial.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sermouse.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sermouse.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\spaceport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\spaceport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\stornvme.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\stornvme.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\atapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\atapi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\ataport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ataport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BasicDisplay.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BasicDisplay.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BasicRender.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BasicRender.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\battc.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\battc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BtaMPM.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BtaMPM.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthAvrcpTg.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BthAvrcpTg.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthhfenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthhfenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthhfHid.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BthhfHid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\CmBatt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\CmBatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\CompositeBus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\CompositeBus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\disk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\disk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\drmk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\dumpsd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\dumpsd.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\errdev.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\errdev.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fxppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fxppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\circlass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\circlass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\monitor.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\monitor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mouclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mouclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mouhid.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mouhid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msgpiowin32.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msgpiowin32.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msisadrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msisadrv.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msiscsi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msiscsi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\MTConfig.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\MTConfig.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\npsvctrig.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\npsvctrig.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\parport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\parport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciide.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pciide.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciidex.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pciidex.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pcmcia.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pcmcia.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\processr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\processr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rdpbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rdpbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sbp2port.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sbp2port.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sdbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sdbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sdstor.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sdstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\terminpt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\terminpt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\tpm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\tpm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\TsUsbGD.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\TsUsbGD.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uaspstor.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\uaspstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\UCX01000.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\UCX01000.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uefi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\uefi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\umbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umpass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\umpass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbcir.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbcir.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbhub.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbhub.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBHUB3.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\USBHUB3.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbohci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbprint.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbprint.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBSTOR.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\USBSTOR.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbuhci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbuhci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBXHCI.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\USBXHCI.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vdrvroot.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vdrvroot.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vhdmp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vhdmp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volmgr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\volmgr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vwifibus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vwifibus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wacompen.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wacompen.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\winusb.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\winusb.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wmiacpi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wmiacpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hdaudbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hdaudbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\HdAudio.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\HdAudio.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbatt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidbatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbth.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidbth.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidi2c.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidi2c.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidparse.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidparse.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\i8042prt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\i8042prt.sys" is compressed (flags = 1)
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: A95564C6

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 716800
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 718848 Numsec = 1952802816

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffe001ac6f84e0, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe001ac6f7040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe001ac6f84e0, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xffffe001abd60060, DeviceName: \Device\00000028\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 0

GPT Protective MBR Partition information:

Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

GPT Partition information:

GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 3452035597
GPT Header CurrentLba = 1 BackupLba 5860533167
GPT Header FirstUsableLba 34 LastUsableLba 5860533134
GPT Header Guid 564614bf-e96a-4ba9-9162-7aa8ac4be52d
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128

Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 3452035597
Backup GPT header CurrentLba = 5860533167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 5860533134
Backup GPT header Guid 564614bf-e96a-4ba9-9162-7aa8ac4be52d
Backup GPT header Contains 128 partition entries starting at LBA 5860533135
Backup GPT header Partition entry size = 128

Partition 0 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID 7054a2d0-e367-450b-96c4-8cffc4c56d35
FirstLBA 34 Last LBA 262177
Attributes 0
Partition Name Microsoft reserved partition

Partition 1 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 49c146db-3cd5-4975-bda-8c177821183
FirstLBA 264192 Last LBA 5860532223
Attributes 0
Partition Name Basic data partition

Disk Size: 3000592982016 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================

Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removal finished

Broni · Dec 5, 2014

Please download AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Scan button.
When the scan has finished click on Clean button.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please copy and paste it to your reply.

yesame · Dec 5, 2014

# AdwCleaner v4.104 - Report created 06/12/2014 at 13:25:22
# Updated 05/12/2014 by Xplode
# Database : 2014-12-03.1 [Live]
# Operating System : Windows 8.1 Pro (64 bits)
# Username : Peter - PETER-PC
# Running from : C:\Users\Peter\Downloads\adwcleaner_4.104.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

-\\ Google Chrome v39.0.2171.71

*************************

AdwCleaner[R0].txt - [731 octets] - [06/12/2014 13:23:10]
AdwCleaner[S0].txt - [653 octets] - [06/12/2014 13:25:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [712 octets] ##########

yesame · Dec 5, 2014

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 8.1 Pro x64
Ran by Peter on Sat 06/12/2014 at 13:32:21.65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 06/12/2014 at 13:34:14.92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

yesame · Dec 5, 2014

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2014

Ran by Peter (administrator) on PETER-PC on 06-12-2014 13:35:18

Running from C:\Users\Peter\Desktop

Loaded Profile: Peter (Available profiles: Peter)

Platform: Windows 8.1 Pro (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

() C:\Program Files\pia_manager\pia_manager.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

(Microsoft Corporation) C:\Windows\System32\InputMethod\JPN\JpnIME.exe

(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Dropbox, Inc.) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(http://www.ruby-lang.org/) C:\Users\Peter\AppData\Local\Temp\ocr467A.tmp\bin\rubyw.exe

() C:\Program Files\pia_manager\pia_manager.exe

(http://www.ruby-lang.org/) C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\bin\rubyw.exe

() C:\Program Files\pia_manager\pia_tray\pia_tray.exe

(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe

(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-21] (IvoSoft)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-08] (Oracle Corporation)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-03] (Apple Inc.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-16] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)

HKU\S-1-5-21-193590417-541393071-4071897925-1001\...\Run: [GoogleChromeAutoLaunch_14883A56D9D426BB697F73C8366CAF1F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [916296 2014-11-25] (Google Inc.)

HKU\S-1-5-21-193590417-541393071-4071897925-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30524000 2014-10-24] (Skype Technologies S.A.)

HKU\S-1-5-21-193590417-541393071-4071897925-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1940160 2014-11-19] (Valve Corporation)

HKU\S-1-5-21-193590417-541393071-4071897925-1001\...\Run: [AdobeBridge] => [X]

Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)

ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-193590417-541393071-4071897925-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-au/?ocid=iehp

HKU\S-1-5-21-193590417-541393071-4071897925-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCF5605A0990BD001

HKU\S-1-5-21-193590417-541393071-4071897925-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.7,ja;q=0.3

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)

BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)

BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)

Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)

Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)

Tcpip\..\Interfaces\{60D17B77-DCB1-4342-960E-31341390E077}: [NameServer] 203.12.160.35,203.12.160.36

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()

FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)

FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll (Unity Technologies ApS)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)

Chrome:

=======

CHR HomePage: Default -> https://www.google.com.au/

CHR StartupUrls: Default -> "hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=AU&userid=05a4263e-dec7-4658-98a6-86923de245fb&searchtype=hp"

CHR DefaultSearchKeyword: Default -> google.com.au_

CHR DefaultSearchURL: Default -> https://www.google.com.au/search?q={searchTerms}

CHR DefaultSuggestURL: Default ->

CHR Profile: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-07]

CHR Extension: (Uploads Only for Youtube™) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajdnlgehefnmaiighnbaibekhdfhnipd [2014-11-07]

CHR Extension: (Google Docs) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-07]

CHR Extension: (Google Drive) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-07]

CHR Extension: (CIRC) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\bebigdkelppomhhjaaianniiifjbgocn [2014-12-03]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-08]

CHR Extension: (YouTube) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-07]

CHR Extension: (Google Search) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-07]

CHR Extension: (APNG) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehkepjiconegkhpodgoaeamnpckdbblp [2014-11-07]

CHR Extension: (Video Downloader professional) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2014-11-07]

CHR Extension: (Google Sheets) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-07]

CHR Extension: (AdBlock) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-07]

CHR Extension: (tviggr) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmolgbmkhjnoekekdogckilbbedhdnoh [2014-11-07]

CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-08]

CHR Extension: (Your Quality for YouTube™) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfcilgimggemnogfigihdkmapdhhlbph [2014-11-07]

CHR Extension: (Google Wallet) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-07]

CHR Extension: (Gmail) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-07]

CHR HKU\S-1-5-21-193590417-541393071-4071897925-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-16] (Advanced Micro Devices, Inc.) [File not signed]

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [610688 2014-11-04] ()

S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174624 2014-11-27] (EasyAntiCheat Ltd)

S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-12-05] (Electronic Arts)

R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-12-05] ()

R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [965776 2014-10-26] (@ByELDI) [File not signed]

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-12] (Advanced Micro Devices)

S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-12] (Advanced Micro Devices)

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-22] (Advanced Micro Devices)

U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2014-12-06] ()

R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

S3 WinRing0_1_2_0; \??\C:\Users\Peter\Desktop\Things\Programs\OpenHardwareMonitor\OpenHardwareMonitor.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 13:35 - 2014-12-06 13:35 - 00016426 _____ () C:\Users\Peter\Desktop\FRST.txt

2014-12-06 13:35 - 2014-12-06 13:35 - 00000000 ____D () C:\FRST

2014-12-06 13:34 - 2014-12-06 13:34 - 00000626 _____ () C:\Users\Peter\Desktop\JRT.txt

2014-12-06 13:31 - 2014-12-06 13:31 - 00000000 ____D () C:\Windows\ERUNT

2014-12-06 13:30 - 2014-12-06 13:30 - 00000000 ____D () C:\Users\Peter\AppData\Local\CrashDumps

2014-12-06 13:23 - 2014-12-06 13:25 - 00000000 ____D () C:\AdwCleaner

2014-12-06 13:23 - 2014-12-06 13:23 - 00000055 _____ () C:\AdwCleanerDebug.txt

2014-12-06 13:22 - 2014-12-06 13:22 - 02153472 _____ () C:\Users\Peter\Desktop\adwcleaner_4.104.exe

2014-12-06 13:22 - 2014-12-06 13:22 - 02117632 _____ (Farbar) C:\Users\Peter\Desktop\FRST64.exe

2014-12-06 13:22 - 2014-12-06 13:22 - 01707646 _____ (Thisisu) C:\Users\Peter\Desktop\JRT.exe

2014-12-06 10:36 - 2014-12-06 10:53 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-12-06 10:35 - 2014-12-06 10:53 - 00000000 ____D () C:\Users\Peter\Desktop\mbar

2014-12-06 10:34 - 2014-12-06 10:34 - 16448208 _____ (Malwarebytes Corp.) C:\Users\Peter\Desktop\mbar-1.08.2.1001.exe

2014-12-06 10:26 - 2014-12-06 10:26 - 00034808 _____ () C:\Windows\system32\Drivers\TrueSight.sys

2014-12-06 10:26 - 2014-12-06 10:26 - 00000000 ____D () C:\ProgramData\RogueKiller

2014-12-06 10:25 - 2014-12-06 10:26 - 15196248 _____ () C:\Users\Peter\Desktop\RogueKiller.exe

2014-12-05 22:00 - 2014-12-05 22:00 - 00000000 ____D () C:\Users\Peter\AppData\Local\ESN

2014-12-05 21:58 - 2014-12-05 21:58 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins

2014-12-05 21:57 - 2014-12-05 22:04 - 00000000 ____D () C:\Users\Peter\Documents\Battlefield 3

2014-12-05 21:57 - 2014-12-05 21:57 - 00000000 ____D () C:\ProgramData\EA Core

2014-12-05 21:53 - 2014-12-06 13:34 - 00092983 _____ () C:\Windows\WindowsUpdate.log

2014-12-05 15:20 - 2014-12-06 13:26 - 00000690 _____ () C:\Windows\PFRO.log

2014-12-05 15:20 - 2014-12-05 15:20 - 456733763 _____ () C:\Windows\MEMORY.DMP

2014-12-05 15:20 - 2014-12-05 15:20 - 00279496 _____ () C:\Windows\Minidump\120514-19578-01.dmp

2014-12-05 14:56 - 2014-12-06 10:36 - 00135384 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-12-05 14:56 - 2014-12-06 10:35 - 00096472 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-12-05 14:56 - 2014-12-05 14:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-12-05 14:56 - 2014-12-05 14:56 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-12-05 14:56 - 2014-12-05 14:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-12-05 14:56 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-12-05 14:56 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-12-05 14:52 - 2014-12-05 14:52 - 00002259 _____ () C:\Windows\epplauncher.mif

2014-12-03 17:06 - 2014-12-03 17:06 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-12-03 10:09 - 2014-12-03 13:54 - 00000000 ____D () C:\Users\Peter\AppData\Local\QuickPar

2014-12-02 17:54 - 2014-12-02 17:54 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar

2014-12-02 17:54 - 2014-12-02 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar

2014-12-02 17:54 - 2014-12-02 17:54 - 00000000 ____D () C:\Program Files (x86)\QuickPar

2014-12-01 11:23 - 2014-12-01 11:38 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\ImgBurn

2014-12-01 11:18 - 2014-12-01 11:18 - 00001889 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk

2014-12-01 11:18 - 2014-12-01 11:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn

2014-12-01 11:18 - 2014-12-01 11:18 - 00000000 ____D () C:\Program Files (x86)\ImgBurn

2014-11-30 22:28 - 2014-12-06 00:06 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\TS3Client

2014-11-30 16:15 - 2014-12-03 15:37 - 00505156 _____ () C:\Windows\system32\perfh011.dat

2014-11-30 16:15 - 2014-12-03 15:37 - 00135458 _____ () C:\Windows\system32\perfc011.dat

2014-11-30 16:15 - 2014-11-30 16:10 - 00144476 _____ () C:\Windows\system32\perfi011.dat

2014-11-30 16:15 - 2014-11-30 16:10 - 00033362 _____ () C:\Windows\system32\perfd011.dat

2014-11-30 16:12 - 2014-11-30 16:12 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer

2014-11-30 16:12 - 2014-11-30 16:12 - 00000000 ____D () C:\Windows\SysWOW64\ja

2014-11-30 16:12 - 2014-11-30 16:12 - 00000000 ____D () C:\Windows\system32\ja

2014-11-30 16:02 - 2013-08-21 22:15 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lzhfldr2.dll

2014-11-30 16:01 - 2013-08-22 05:30 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\lzhfldr2.dll

2014-11-30 13:11 - 2014-11-30 13:12 - 00000000 ____D () C:\Users\Peter\AppData\Local\PAYDAY 2

2014-11-30 13:11 - 2014-11-30 13:11 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation

2014-11-30 13:11 - 2014-11-30 13:11 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies

2014-11-29 23:26 - 2014-11-29 23:29 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\.technic

2014-11-27 19:59 - 2014-11-27 19:59 - 00174624 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe

2014-11-27 18:28 - 2014-11-29 19:17 - 00000000 ____D () C:\ProgramData\boost_interprocess

2014-11-27 15:59 - 2014-11-27 15:59 - 00000132 _____ () C:\Users\Peter\AppData\Roaming\Adobe PNG Format CS6 Prefs

2014-11-26 23:41 - 2014-11-26 23:41 - 00001091 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk

2014-11-26 23:41 - 2014-11-26 23:41 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe

2014-11-26 23:40 - 2014-11-26 23:49 - 00000000 ____D () C:\Program Files\Adobe

2014-11-26 23:40 - 2014-11-26 23:40 - 00001369 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk

2014-11-26 23:40 - 2014-11-26 23:40 - 00001053 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk

2014-11-26 23:39 - 2014-11-26 23:49 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-11-26 23:39 - 2014-11-26 23:39 - 00001539 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk

2014-11-26 23:38 - 2014-11-26 23:41 - 00000000 ____D () C:\Program Files\Common Files\Adobe

2014-11-26 23:35 - 2014-11-27 15:53 - 00000000 ____D () C:\Users\Peter\AppData\Local\Adobe

2014-11-26 23:35 - 2014-11-26 23:41 - 00000000 ____D () C:\ProgramData\Adobe

2014-11-26 09:52 - 2014-11-26 09:52 - 04443312 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

2014-11-22 19:49 - 2014-11-23 17:47 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Mp3tag

2014-11-22 19:48 - 2014-11-22 19:48 - 00000000 ____D () C:\Program Files (x86)\Mp3tag

2014-11-22 15:31 - 2014-11-22 15:31 - 00000000 ____D () C:\Users\Peter\AppData\Local\Anime4000

2014-11-22 00:21 - 2014-11-22 00:21 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\MAXON

2014-11-21 23:26 - 2014-11-21 23:26 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\mkvtoolnix

2014-11-21 23:13 - 2014-11-21 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix

2014-11-21 23:13 - 2014-11-21 23:13 - 00000000 ____D () C:\Program Files\MKVToolNix

2014-11-21 21:20 - 2014-11-21 21:20 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader

2014-11-21 21:16 - 2014-12-03 13:46 - 00000000 ____D () C:\Users\Peter\AppData\Local\JDownloader v2.0

2014-11-21 13:57 - 2014-11-23 09:33 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\HandBrake

2014-11-21 13:15 - 2014-11-21 13:15 - 00003584 _____ () C:\Users\Peter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-11-21 10:23 - 2014-11-21 10:23 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake

2014-11-21 10:23 - 2014-11-21 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake

2014-11-21 10:23 - 2014-11-21 10:23 - 00000000 ____D () C:\Program Files\Handbrake

2014-11-20 11:17 - 2014-11-20 11:17 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\MediaInfo

2014-11-19 13:39 - 2014-12-02 22:01 - 00801792 ___SH () C:\Users\Peter\Desktop\Thumbs.db

2014-11-19 12:52 - 2014-11-19 13:02 - 00000000 ____D () C:\Users\Peter\Downloads\crysis 3

2014-11-19 08:54 - 2014-11-19 08:54 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Far Cry 4

2014-11-19 08:20 - 2014-11-10 09:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-11-19 08:20 - 2014-11-10 09:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-11-19 08:20 - 2014-11-10 09:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll

2014-11-19 08:20 - 2014-11-10 09:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll

2014-11-18 18:06 - 2014-11-19 13:02 - 00040960 ___SH () C:\Users\Peter\Downloads\Thumbs.db

2014-11-18 15:01 - 2014-11-18 15:01 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive

2014-11-18 15:01 - 2014-11-18 15:01 - 00000000 ____D () C:\Users\Peter\AppData\Local\ArmA 2 OA

2014-11-18 15:01 - 2014-11-18 15:01 - 00000000 ____D () C:\ProgramData\Bohemia Interactive Studio

2014-11-18 13:16 - 2014-11-18 13:16 - 00000000 ____D () C:\Users\Peter\AppData\Local\Arma 3

2014-11-18 13:16 - 2014-11-18 13:16 - 00000000 ____D () C:\ProgramData\Bohemia Interactive

2014-11-18 11:30 - 2014-11-18 11:30 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf

2014-11-18 08:15 - 2014-11-24 11:54 - 00001558 _____ () C:\Users\Peter\.pia_manager_crash.log

2014-11-16 20:50 - 2014-11-16 20:50 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\11bitstudios

2014-11-16 20:50 - 2014-11-16 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\This War of Mine

2014-11-16 19:28 - 2014-11-16 19:28 - 00000000 ____D () C:\Users\Peter\AppData\Local\SCE

2014-11-16 08:53 - 2014-11-16 08:53 - 00000000 __SHD () C:\Users\Peter\AppData\Local\EmieUserList

2014-11-16 08:53 - 2014-11-16 08:53 - 00000000 __SHD () C:\Users\Peter\AppData\Local\EmieSiteList

2014-11-16 08:53 - 2014-11-16 08:53 - 00000000 __SHD () C:\Users\Peter\AppData\Local\EmieBrowserModeList

2014-11-16 08:52 - 2014-11-16 08:53 - 00000000 ____D () C:\Program Files (x86)\PCSX2 1.2.1

2014-11-16 08:52 - 2014-11-16 08:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2

2014-11-16 08:44 - 2014-11-16 08:54 - 00000000 ____D () C:\Users\Peter\Documents\PCSX2

2014-11-15 17:45 - 2014-11-15 17:45 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe

2014-11-15 17:45 - 2014-11-15 17:45 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe

2014-11-15 17:45 - 2014-11-15 17:45 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe

2014-11-15 17:45 - 2014-11-15 17:45 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe

2014-11-15 17:45 - 2014-11-15 17:45 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe

2014-11-15 17:45 - 2014-11-15 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center

2014-11-15 17:45 - 2014-11-15 17:45 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center

2014-11-14 21:53 - 2014-11-14 21:53 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Games

2014-11-14 21:53 - 2014-11-14 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games

2014-11-14 21:51 - 2014-11-14 21:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Halo Combat Evolved

2014-11-14 16:52 - 2014-11-22 10:01 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Tera_Awesomium

2014-11-14 09:06 - 2014-07-24 19:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll

2014-11-14 09:06 - 2014-07-24 19:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll

2014-11-14 09:05 - 2014-07-25 01:28 - 00419648 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys

2014-11-14 09:05 - 2014-07-25 01:28 - 00412992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys

2014-11-14 09:05 - 2014-07-25 01:28 - 00280384 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys

2014-11-14 09:05 - 2014-07-25 01:28 - 00143680 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys

2014-11-14 09:05 - 2014-07-25 01:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll

2014-11-14 09:05 - 2014-07-25 01:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll

2014-11-14 09:05 - 2014-07-25 01:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe

2014-11-14 09:05 - 2014-07-25 01:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

2014-11-14 09:05 - 2014-07-25 01:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe

2014-11-14 09:05 - 2014-07-25 01:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

2014-11-14 09:05 - 2014-07-25 01:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi

2014-11-14 09:05 - 2014-07-25 01:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe

2014-11-14 09:05 - 2014-07-25 01:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi

2014-11-14 09:05 - 2014-07-25 01:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe

2014-11-14 09:05 - 2014-07-25 01:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll

2014-11-14 09:05 - 2014-07-25 01:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll

2014-11-14 09:05 - 2014-07-25 01:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll

2014-11-14 09:05 - 2014-07-25 01:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll

2014-11-14 09:05 - 2014-07-25 01:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll

2014-11-14 09:05 - 2014-07-24 23:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll

2014-11-14 09:05 - 2014-07-24 23:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL

2014-11-14 09:05 - 2014-07-24 23:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe

2014-11-14 09:05 - 2014-07-24 23:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll

2014-11-14 09:05 - 2014-07-24 23:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll

2014-11-14 09:05 - 2014-07-24 23:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll

2014-11-14 09:05 - 2014-07-24 23:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll

2014-11-14 09:05 - 2014-07-24 23:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll

2014-11-14 09:05 - 2014-07-24 21:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL

2014-11-14 09:05 - 2014-07-24 21:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL

2014-11-14 09:05 - 2014-07-24 21:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL

2014-11-14 09:05 - 2014-07-24 21:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL

2014-11-14 09:05 - 2014-07-24 21:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL

2014-11-14 09:05 - 2014-07-24 21:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys

2014-11-14 09:05 - 2014-07-24 21:45 - 00076800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys

2014-11-14 09:05 - 2014-07-24 21:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys

2014-11-14 09:05 - 2014-07-24 21:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys

2014-11-14 09:05 - 2014-07-24 21:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys

2014-11-14 09:05 - 2014-07-24 21:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys

2014-11-14 09:05 - 2014-07-24 21:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll

2014-11-14 09:05 - 2014-07-24 21:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll

2014-11-14 09:05 - 2014-07-24 21:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll

2014-11-14 09:05 - 2014-07-24 20:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL

2014-11-14 09:05 - 2014-07-24 20:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL

2014-11-14 09:05 - 2014-07-24 20:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL

2014-11-14 09:05 - 2014-07-24 20:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL

2014-11-14 09:05 - 2014-07-24 20:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL

2014-11-14 09:05 - 2014-07-24 20:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll

2014-11-14 09:05 - 2014-07-24 20:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl

2014-11-14 09:05 - 2014-07-24 20:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll

2014-11-14 09:05 - 2014-07-24 20:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll

2014-11-14 09:05 - 2014-07-24 20:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll

2014-11-14 09:05 - 2014-07-24 20:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll

2014-11-14 09:05 - 2014-07-24 20:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2014-11-14 09:05 - 2014-07-24 20:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll

2014-11-14 09:05 - 2014-07-24 20:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll

2014-11-14 09:05 - 2014-07-24 20:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll

2014-11-14 09:05 - 2014-07-24 19:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll

2014-11-14 09:05 - 2014-07-24 19:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl

2014-11-14 09:05 - 2014-07-24 19:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll

2014-11-14 09:05 - 2014-07-24 19:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll

2014-11-14 09:05 - 2014-07-24 19:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll

2014-11-14 09:05 - 2014-07-24 19:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll

2014-11-14 09:05 - 2014-07-24 19:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe

2014-11-14 09:05 - 2014-07-24 19:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll

2014-11-14 09:05 - 2014-07-24 19:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll

2014-11-14 09:05 - 2014-07-24 19:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll

2014-11-14 09:05 - 2014-07-24 19:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll

2014-11-14 09:05 - 2014-07-24 19:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll

2014-11-14 09:05 - 2014-07-24 19:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2014-11-14 09:05 - 2014-07-24 19:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll

2014-11-14 09:05 - 2014-07-24 19:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll

2014-11-14 09:05 - 2014-07-24 19:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll

2014-11-14 09:05 - 2014-07-24 19:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe

2014-11-14 09:05 - 2014-07-24 19:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll

2014-11-14 09:05 - 2014-07-24 19:02 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll

2014-11-14 09:05 - 2014-07-24 18:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll

2014-11-14 09:05 - 2014-07-24 18:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll

2014-11-14 09:05 - 2014-07-24 18:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll

2014-11-14 09:05 - 2014-07-24 18:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll

2014-11-14 09:05 - 2014-07-24 18:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll

2014-11-14 09:05 - 2014-07-24 18:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll

2014-11-14 09:05 - 2014-07-24 18:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll

2014-11-14 09:05 - 2014-07-24 18:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll

2014-11-14 09:05 - 2014-07-24 18:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll

2014-11-14 09:05 - 2014-07-24 18:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll

2014-11-14 09:05 - 2014-07-24 18:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll

2014-11-14 09:05 - 2014-07-24 18:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll

2014-11-14 09:05 - 2014-07-24 18:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll

2014-11-14 09:05 - 2014-07-24 18:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll

2014-11-14 09:05 - 2014-07-24 18:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll

2014-11-14 09:05 - 2014-07-24 18:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv

2014-11-14 09:05 - 2014-07-24 18:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll

2014-11-14 09:05 - 2014-07-24 18:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll

2014-11-14 09:05 - 2014-07-24 18:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe

2014-11-14 09:05 - 2014-07-24 18:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll

2014-11-14 09:05 - 2014-07-24 18:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll

2014-11-14 09:05 - 2014-07-24 18:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll

2014-11-14 09:05 - 2014-07-24 18:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll

2014-11-14 09:05 - 2014-07-24 18:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll

2014-11-14 09:05 - 2014-07-24 18:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv

2014-11-14 09:05 - 2014-07-24 18:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll

2014-11-14 09:05 - 2014-07-24 18:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll

2014-11-14 09:05 - 2014-07-24 18:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll

2014-11-14 09:05 - 2014-07-24 17:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll

2014-11-14 09:05 - 2014-07-24 17:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll

2014-11-14 09:05 - 2014-07-24 17:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll

2014-11-14 09:05 - 2014-07-24 17:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll

2014-11-14 09:05 - 2014-07-24 17:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll

2014-11-14 09:05 - 2014-07-24 17:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll

2014-11-14 09:05 - 2014-07-24 17:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll

2014-11-14 09:05 - 2014-07-24 17:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll

2014-11-14 09:05 - 2014-07-24 14:11 - 00513544 _____ () C:\Windows\SysWOW64\locale.nls

2014-11-14 09:05 - 2014-07-24 14:11 - 00513544 _____ () C:\Windows\system32\locale.nls

2014-11-14 09:05 - 2014-07-12 15:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll

2014-11-14 09:05 - 2014-07-12 14:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll

2014-11-14 09:05 - 2014-07-04 22:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys

2014-11-14 09:05 - 2014-07-04 20:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll

2014-11-14 09:05 - 2014-07-04 20:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll

2014-11-14 09:05 - 2014-07-04 20:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll

2014-11-14 09:05 - 2014-07-04 20:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll

2014-11-14 09:05 - 2014-07-04 19:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll

2014-11-14 09:05 - 2014-07-04 19:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll

2014-11-14 09:05 - 2014-06-27 16:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys

2014-11-14 09:05 - 2014-06-26 10:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll

2014-11-14 09:05 - 2014-06-26 10:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll

2014-11-14 09:05 - 2014-06-20 09:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2014-11-14 09:05 - 2014-06-19 12:13 - 00310080 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys

2014-11-14 09:05 - 2014-06-14 16:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2014-11-14 09:05 - 2014-06-14 15:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2014-11-14 09:05 - 2014-06-07 22:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll

2014-11-14 09:05 - 2014-06-07 20:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll

2014-11-14 09:05 - 2014-06-06 00:00 - 01118040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys

2014-11-14 09:05 - 2014-06-05 20:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll

2014-11-14 09:05 - 2014-06-05 19:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll

2014-11-14 09:05 - 2014-05-31 15:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll

2014-11-14 09:05 - 2014-05-31 14:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll

2014-11-14 09:05 - 2014-05-29 16:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll

2014-11-14 09:05 - 2014-05-29 15:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll

2014-11-14 09:05 - 2014-05-26 17:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll

2014-11-14 09:05 - 2014-05-10 20:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll

2014-11-14 09:05 - 2014-05-10 18:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll

2014-11-14 09:05 - 2014-05-06 14:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll

2014-11-14 09:05 - 2014-05-06 10:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll

2014-11-14 09:05 - 2014-03-25 12:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll

yesame · Dec 5, 2014

2014-11-14 09:05 - 2014-03-25 12:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll

2014-11-14 09:05 - 2014-03-25 11:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll

2014-11-14 09:05 - 2014-03-25 11:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll

2014-11-14 09:04 - 2014-07-24 21:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL

2014-11-14 09:04 - 2014-07-24 21:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL

2014-11-14 09:04 - 2014-07-24 20:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL

2014-11-14 09:04 - 2014-07-24 20:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL

2014-11-14 09:04 - 2014-07-24 19:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll

2014-11-14 09:04 - 2014-07-24 18:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll

2014-11-14 09:04 - 2014-07-24 18:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll

2014-11-14 09:04 - 2014-07-24 18:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll

2014-11-14 09:04 - 2014-07-24 18:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll

2014-11-13 17:51 - 2014-12-03 17:56 - 00000000 ____D () C:\Users\Peter\Downloads\uTorrent

2014-11-13 17:43 - 2014-11-13 17:43 - 00000000 ____D () C:\Program Files (x86)\uTorrent

2014-11-13 17:42 - 2014-12-05 14:48 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\uTorrent

2014-11-13 16:34 - 2014-11-13 16:34 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Titanium

2014-11-13 16:33 - 2014-11-13 16:35 - 00000000 ____D () C:\Program Files\pia_manager

2014-11-13 16:33 - 2014-11-13 16:33 - 00031232 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys

2014-11-13 16:33 - 2014-11-13 16:33 - 00003158 _____ () C:\Windows\System32\Tasks\Private Internet Access Startup

2014-11-13 16:33 - 2014-11-13 16:33 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Private Internet Access

2014-11-12 22:39 - 2014-11-12 22:39 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help

2014-11-12 22:39 - 2014-11-12 22:39 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help

2014-11-12 17:37 - 2014-10-10 11:58 - 00177472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2014-11-12 17:37 - 2014-10-10 11:58 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys

2014-11-12 17:37 - 2014-10-10 11:44 - 00563976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

2014-11-12 17:37 - 2014-10-08 17:37 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2014-11-12 17:37 - 2014-10-08 17:37 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2014-11-12 17:37 - 2014-10-08 17:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll

2014-11-12 17:37 - 2014-10-08 17:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll

2014-11-12 17:37 - 2014-10-08 16:56 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll

2014-11-12 17:37 - 2014-10-08 16:51 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2014-11-12 17:37 - 2014-10-08 16:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

2014-11-12 17:37 - 2014-10-08 16:18 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll

2014-11-12 17:37 - 2014-10-08 16:17 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-11-12 17:37 - 2014-10-08 15:23 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll

2014-11-12 17:37 - 2014-09-27 17:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll

2014-11-12 17:37 - 2014-09-27 15:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll

2014-11-12 17:37 - 2014-09-27 13:38 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-11-12 17:37 - 2014-09-27 13:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll

2014-11-12 17:37 - 2014-09-27 13:17 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-11-12 17:36 - 2014-10-18 19:55 - 00055776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2014-11-12 17:36 - 2014-10-18 18:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2014-11-12 17:36 - 2014-10-18 18:09 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2014-11-12 17:36 - 2014-10-18 17:25 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2014-11-12 17:36 - 2014-10-18 16:50 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll

2014-11-12 17:36 - 2014-10-18 16:38 - 03557376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2014-11-12 17:36 - 2014-10-18 16:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2014-11-12 17:36 - 2014-10-18 16:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2014-11-12 17:36 - 2014-10-18 16:23 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll

2014-11-12 17:36 - 2014-10-18 16:23 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2014-11-12 17:36 - 2014-10-18 16:21 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2014-11-12 17:36 - 2014-10-18 16:20 - 01714176 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2014-11-12 17:36 - 2014-10-18 16:14 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2014-11-12 17:36 - 2014-10-18 16:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2014-11-12 17:36 - 2014-10-18 16:12 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2014-11-12 17:36 - 2014-10-18 16:11 - 00723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2014-11-12 17:36 - 2014-10-17 17:01 - 00789184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll

2014-11-12 17:36 - 2014-10-17 16:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll

2014-11-12 17:36 - 2014-10-13 12:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2014-11-12 17:36 - 2014-10-11 10:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2014-11-12 17:36 - 2014-10-11 10:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2014-11-12 17:36 - 2014-10-08 17:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll

2014-11-12 17:36 - 2014-10-08 17:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll

2014-11-12 17:36 - 2014-10-08 16:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll

2014-11-12 17:36 - 2014-10-08 15:32 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2014-11-12 17:36 - 2014-10-08 15:19 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2014-11-12 17:35 - 2014-09-22 14:38 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll

2014-11-12 17:35 - 2014-09-22 13:06 - 00258368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys

2014-11-12 17:35 - 2014-09-22 13:06 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys

2014-11-12 17:35 - 2014-09-22 12:49 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys

2014-11-12 17:35 - 2014-09-19 10:16 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll

2014-11-12 17:35 - 2014-09-03 08:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll

2014-11-12 17:35 - 2014-09-03 08:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll

2014-11-12 17:34 - 2014-10-31 15:28 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-11-12 17:34 - 2014-10-31 13:42 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-11-12 17:33 - 2014-10-31 15:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2014-11-12 17:33 - 2014-10-31 15:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-11-12 17:33 - 2014-10-31 15:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2014-11-12 17:33 - 2014-10-31 15:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2014-11-12 17:33 - 2014-10-31 15:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-11-12 17:33 - 2014-10-31 15:06 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-11-12 17:33 - 2014-10-31 15:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-11-12 17:33 - 2014-10-31 15:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-11-12 17:33 - 2014-10-31 15:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-11-12 17:33 - 2014-10-31 15:05 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-11-12 17:33 - 2014-10-31 15:05 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2014-11-12 17:33 - 2014-10-31 15:04 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-11-12 17:33 - 2014-10-31 14:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-11-12 17:33 - 2014-10-31 14:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-11-12 17:33 - 2014-10-31 14:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2014-11-12 17:33 - 2014-10-31 14:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-11-12 17:33 - 2014-10-31 14:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll

2014-11-12 17:33 - 2014-10-31 14:51 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-11-12 17:33 - 2014-10-31 14:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-11-12 17:33 - 2014-10-31 14:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-11-12 17:33 - 2014-10-31 14:50 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-11-12 17:33 - 2014-10-31 14:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-11-12 17:33 - 2014-10-31 14:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2014-11-12 17:33 - 2014-10-31 14:38 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-11-12 17:33 - 2014-10-31 14:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-11-12 17:33 - 2014-10-31 14:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2014-11-12 17:33 - 2014-10-31 14:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2014-11-12 17:33 - 2014-10-31 14:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2014-11-12 17:33 - 2014-10-31 14:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-11-12 17:33 - 2014-10-31 14:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-11-12 17:33 - 2014-10-31 14:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-11-12 17:33 - 2014-10-31 14:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2014-11-12 17:33 - 2014-10-31 14:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-11-12 17:33 - 2014-10-31 14:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2014-11-12 17:33 - 2014-10-31 14:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll

2014-11-12 17:33 - 2014-10-31 14:08 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2014-11-12 17:33 - 2014-10-31 14:06 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-11-12 17:33 - 2014-10-31 14:05 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-11-12 17:33 - 2014-10-31 14:05 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-11-12 17:33 - 2014-10-31 14:03 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-11-12 17:33 - 2014-10-31 13:59 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-11-12 17:33 - 2014-10-31 13:45 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-11-12 17:33 - 2014-10-31 13:44 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll

2014-11-12 17:33 - 2014-10-31 13:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2014-11-12 17:33 - 2014-10-31 13:32 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-11-12 17:33 - 2014-10-31 13:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2014-11-12 17:33 - 2014-10-31 13:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2014-11-12 17:33 - 2014-10-31 13:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2014-11-12 17:33 - 2014-10-31 13:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2014-11-12 17:33 - 2014-10-31 13:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2014-11-12 17:33 - 2014-10-31 13:24 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-11-12 17:33 - 2014-10-31 13:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2014-11-12 17:33 - 2014-10-31 13:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-11-12 17:33 - 2014-10-31 13:23 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2014-11-12 17:33 - 2014-10-31 13:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-11-12 17:33 - 2014-10-31 13:22 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-11-12 17:33 - 2014-10-31 13:20 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-11-12 17:33 - 2014-10-31 13:18 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-11-12 17:33 - 2014-10-31 13:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-11-12 17:33 - 2014-10-31 13:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-11-12 17:33 - 2014-10-31 13:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2014-11-12 17:33 - 2014-10-31 13:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-11-12 17:33 - 2014-10-31 13:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll

2014-11-12 17:33 - 2014-10-31 13:12 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2014-11-12 17:33 - 2014-10-31 13:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-11-12 17:33 - 2014-10-31 13:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-11-12 17:33 - 2014-10-31 13:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2014-11-12 17:33 - 2014-10-31 13:02 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-11-12 17:33 - 2014-10-31 12:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-11-12 17:33 - 2014-10-31 12:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2014-11-12 17:33 - 2014-10-31 12:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2014-11-12 17:33 - 2014-10-31 12:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2014-11-12 17:33 - 2014-10-31 12:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-11-12 17:33 - 2014-10-31 12:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2014-11-12 17:33 - 2014-10-31 12:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-11-12 17:33 - 2014-10-31 12:51 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2014-11-12 17:33 - 2014-10-31 12:50 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-11-12 17:33 - 2014-10-31 12:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2014-11-12 17:33 - 2014-10-31 12:46 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-11-12 17:33 - 2014-10-31 12:46 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll

2014-11-12 17:33 - 2014-10-31 12:42 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2014-11-12 17:33 - 2014-10-31 12:40 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-11-12 17:33 - 2014-10-31 12:40 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-11-12 17:33 - 2014-10-31 12:39 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-11-12 17:33 - 2014-10-31 12:30 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-11-12 17:33 - 2014-10-31 12:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll

2014-11-12 17:33 - 2014-10-31 12:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2014-11-12 17:33 - 2014-10-31 12:17 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-11-12 17:33 - 2014-10-31 12:13 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-11-12 17:33 - 2014-10-31 12:11 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-11-12 17:32 - 2014-10-23 15:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll

2014-11-12 17:32 - 2014-10-23 15:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll

2014-11-12 17:32 - 2014-10-07 16:28 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll

2014-11-12 17:32 - 2014-10-07 16:27 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll

2014-11-12 17:32 - 2014-10-07 16:27 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll

2014-11-12 17:32 - 2014-10-07 16:27 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe

2014-11-12 17:32 - 2014-10-07 16:27 - 00108432 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll

2014-11-12 17:32 - 2014-10-07 13:34 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll

2014-11-12 17:32 - 2014-10-07 13:34 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll

2014-11-12 17:32 - 2014-10-07 13:33 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll

2014-11-12 17:32 - 2014-10-07 13:30 - 04182016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-11-12 17:32 - 2014-10-07 11:54 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll

2014-11-12 17:32 - 2014-10-07 11:46 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll

2014-11-12 17:32 - 2014-09-10 16:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys

2014-11-12 17:32 - 2014-09-08 13:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-11-12 17:32 - 2014-09-08 13:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS

2014-11-12 17:32 - 2014-09-08 08:08 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml

2014-11-12 17:32 - 2014-09-05 08:30 - 00822272 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll

2014-11-12 17:32 - 2014-09-05 08:21 - 01053184 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll

2014-11-12 17:32 - 2014-09-04 13:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll

2014-11-12 17:32 - 2014-09-04 12:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll

2014-11-12 17:32 - 2014-09-04 11:01 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll

2014-11-12 17:32 - 2014-09-04 10:32 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll

2014-11-12 17:32 - 2014-08-31 10:17 - 00148800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS

2014-11-12 17:32 - 2014-08-31 10:15 - 21197152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-11-12 17:32 - 2014-08-31 08:59 - 18723112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2014-11-12 17:32 - 2014-08-31 08:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll

2014-11-12 17:32 - 2014-08-31 07:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll

2014-11-12 17:32 - 2014-08-31 07:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll

2014-11-12 17:32 - 2014-08-31 06:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll

2014-11-12 17:32 - 2014-08-31 06:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll

2014-11-12 17:32 - 2014-08-28 12:55 - 07484224 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2014-11-12 17:32 - 2014-08-28 10:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll

2014-11-12 17:32 - 2014-08-28 10:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll

2014-11-12 17:32 - 2014-08-23 15:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-11-12 17:32 - 2014-08-23 15:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll

2014-11-12 17:32 - 2014-08-23 15:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll

2014-11-12 17:32 - 2014-08-23 15:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2014-11-12 17:32 - 2014-08-23 14:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll

2014-11-12 17:32 - 2014-08-02 10:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll

2014-11-12 17:32 - 2014-08-02 10:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll

2014-11-12 17:32 - 2014-07-24 21:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll

2014-11-12 17:32 - 2014-07-24 19:58 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll

2014-11-12 17:32 - 2014-07-24 19:54 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll

2014-11-12 17:32 - 2014-07-24 19:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll

2014-11-12 17:32 - 2014-07-24 19:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll

2014-11-12 17:32 - 2014-07-24 18:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll

2014-11-12 17:32 - 2014-07-24 18:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll

2014-11-12 17:32 - 2014-07-24 17:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll

2014-11-12 17:32 - 2014-07-24 17:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll

2014-11-12 17:24 - 2014-11-12 17:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-11-11 22:25 - 2014-11-11 22:25 - 00000000 ____D () C:\Users\Peter\AppData\Local\ChiitransLite

2014-11-11 21:53 - 2014-12-01 10:34 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013

2014-11-11 21:52 - 2014-11-11 21:52 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER

2014-11-11 21:52 - 2014-11-11 21:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server

2014-11-11 21:51 - 2014-11-11 21:51 - 00000000 ____D () C:\Windows\PCHEALTH

2014-11-11 21:51 - 2014-11-11 21:51 - 00000000 ____D () C:\Program Files\Microsoft SQL Server

2014-11-11 21:49 - 2014-12-01 10:34 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-11-11 21:49 - 2014-11-11 21:51 - 00000000 ____D () C:\Program Files\Microsoft Office

2014-11-11 21:49 - 2014-11-11 21:49 - 00000000 ____D () C:\Users\Peter\AppData\Local\Microsoft Help

2014-11-11 21:49 - 2014-11-11 21:49 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services

2014-11-11 21:49 - 2014-11-11 21:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office

2014-11-11 21:49 - 2014-11-11 21:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services

2014-11-11 21:47 - 2014-11-11 21:47 - 00000000 __RHD () C:\MSOCache

2014-11-11 20:20 - 2014-11-18 12:00 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\OBS

2014-11-11 18:38 - 2014-11-11 18:38 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\AMD

2014-11-11 18:33 - 2014-11-11 18:33 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\java

2014-11-11 18:32 - 2014-12-05 15:42 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\.minecraft

2014-11-11 16:19 - 2014-04-14 13:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll

2014-11-11 16:08 - 2014-08-15 10:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys

2014-11-11 16:08 - 2014-07-30 11:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll

2014-11-11 16:08 - 2014-07-29 15:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll

2014-11-11 16:08 - 2014-06-20 11:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2014-11-11 16:08 - 2014-06-20 09:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2014-11-11 16:08 - 2014-06-13 11:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll

2014-11-11 16:08 - 2014-06-13 11:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2014-11-11 16:08 - 2014-06-13 10:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll

2014-11-11 16:08 - 2014-06-06 21:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll

2014-11-11 16:08 - 2014-05-30 13:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2014-11-11 16:07 - 2014-09-04 10:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll

2014-11-11 16:07 - 2014-09-04 09:57 - 00921600 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll

2014-11-11 16:07 - 2014-09-04 09:49 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll

2014-11-11 16:07 - 2014-08-07 12:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2014-11-11 16:07 - 2014-08-02 13:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2014-11-11 16:07 - 2014-03-13 17:42 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe

2014-11-11 16:07 - 2014-03-13 16:51 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe

2014-11-11 16:05 - 2014-07-16 04:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe

2014-11-11 16:05 - 2014-07-15 18:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll

2014-11-11 16:05 - 2014-07-15 18:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll

2014-11-11 16:05 - 2014-07-15 18:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll

2014-11-11 16:05 - 2014-04-11 13:54 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll

2014-11-11 16:05 - 2014-04-11 12:57 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll

2014-11-11 16:04 - 2014-08-02 10:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll

2014-11-11 16:03 - 2014-09-04 10:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll

2014-11-11 16:03 - 2014-09-04 10:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll

2014-11-11 16:03 - 2014-08-23 17:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe

2014-11-11 16:03 - 2014-08-23 17:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe

2014-11-11 16:03 - 2014-08-23 16:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll

2014-11-11 16:03 - 2014-08-23 15:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll

2014-11-11 16:03 - 2014-08-23 14:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll

2014-11-11 16:03 - 2014-08-16 14:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll

2014-11-11 16:03 - 2014-08-16 14:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2014-11-11 16:03 - 2014-08-16 13:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2014-11-11 16:03 - 2014-08-16 13:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll

2014-11-11 16:03 - 2014-08-16 13:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2014-11-11 16:03 - 2014-08-16 11:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2014-11-11 16:03 - 2014-08-16 11:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll

2014-11-11 16:03 - 2014-08-16 10:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll

2014-11-11 16:03 - 2014-08-16 10:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll

2014-11-11 16:03 - 2014-08-16 10:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll

2014-11-11 16:03 - 2014-08-16 10:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll

2014-11-11 16:03 - 2014-08-16 10:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll

2014-11-11 16:03 - 2014-08-16 10:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll

2014-11-11 16:03 - 2014-08-16 10:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll

2014-11-11 16:03 - 2014-08-16 10:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll

2014-11-11 16:03 - 2014-08-16 10:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2014-11-11 16:03 - 2014-08-16 10:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll

2014-11-11 16:03 - 2014-08-16 10:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll

2014-11-11 16:03 - 2014-08-16 10:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll

2014-11-11 16:03 - 2014-08-16 10:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2014-11-11 16:03 - 2014-08-16 10:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll

2014-11-11 16:03 - 2014-08-16 10:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll

2014-11-11 16:03 - 2014-08-16 10:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll

2014-11-11 16:03 - 2014-08-16 10:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2014-11-11 16:03 - 2014-08-16 10:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll

2014-11-11 16:03 - 2014-08-16 10:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll

2014-11-11 16:03 - 2014-08-16 10:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll

2014-11-11 16:03 - 2014-08-16 10:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe

2014-11-11 16:03 - 2014-08-16 10:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2014-11-11 16:03 - 2014-08-16 10:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll

2014-11-11 16:03 - 2014-07-25 01:28 - 00468288 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS

2014-11-11 16:03 - 2014-07-24 21:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys

2014-11-11 16:03 - 2014-07-24 20:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll

2014-11-11 16:03 - 2014-07-24 19:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll

2014-11-11 16:03 - 2014-06-10 08:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe

2014-11-11 16:03 - 2014-06-10 08:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe

2014-11-11 16:03 - 2014-05-13 17:01 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe

2014-11-11 16:03 - 2014-05-03 15:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll

2014-11-11 16:03 - 2014-05-03 15:08 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll

2014-11-11 16:03 - 2014-05-03 15:07 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll

2014-11-11 16:03 - 2014-05-03 14:46 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll

2014-11-11 16:03 - 2014-05-03 14:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll

2014-11-11 16:03 - 2014-05-03 14:37 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll

2014-11-11 16:03 - 2014-04-30 16:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys

2014-11-11 16:03 - 2014-04-30 16:41 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2014-11-11 16:03 - 2014-04-30 16:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys

2014-11-11 16:03 - 2014-04-30 16:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys

2014-11-11 16:03 - 2014-04-30 15:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe

2014-11-11 16:03 - 2014-04-30 14:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe

2014-11-11 16:03 - 2014-04-30 14:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll

2014-11-11 16:03 - 2014-04-30 14:23 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll

2014-11-11 16:03 - 2014-04-30 14:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll

2014-11-11 16:03 - 2014-04-30 14:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll

2014-11-11 16:03 - 2014-04-30 14:14 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL

2014-11-11 16:03 - 2014-04-30 13:59 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL

2014-11-11 16:03 - 2014-04-30 13:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll

2014-11-11 16:03 - 2014-04-30 13:46 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll

2014-11-11 16:03 - 2014-04-30 13:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll

2014-11-11 16:03 - 2014-04-30 13:42 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll

2014-11-11 16:03 - 2014-04-29 08:40 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll

2014-11-11 16:03 - 2014-04-27 04:04 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll

2014-11-11 16:03 - 2014-04-27 02:39 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll

2014-11-11 16:03 - 2014-04-14 19:37 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll

2014-11-11 16:03 - 2014-04-14 18:08 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll

2014-11-11 16:02 - 2014-05-31 20:07 - 00440664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys

2014-11-11 16:02 - 2014-05-31 16:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys

2014-11-11 16:02 - 2014-05-31 14:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe

2014-11-11 16:02 - 2014-05-31 14:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll

2014-11-11 16:02 - 2014-05-19 16:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe

2014-11-11 16:02 - 2014-05-19 16:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe

2014-11-11 16:02 - 2014-05-19 15:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe

2014-11-11 16:02 - 2014-05-03 15:36 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll

2014-11-11 16:02 - 2014-05-03 09:26 - 00050745 _____ () C:\Windows\system32\srms.dat

2014-11-11 16:02 - 2014-04-30 14:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2014-11-11 16:02 - 2014-04-30 14:30 - 00668160 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll

2014-11-11 16:02 - 2014-04-30 14:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2014-11-11 16:02 - 2014-04-30 13:52 - 00590336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll

2014-11-11 16:02 - 2014-04-30 13:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2014-11-11 16:02 - 2014-04-30 13:46 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll

2014-11-11 16:02 - 2014-04-27 04:41 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe

2014-11-11 16:02 - 2014-04-27 04:22 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll

2014-11-11 16:02 - 2014-04-27 03:36 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll

2014-11-11 16:02 - 2014-04-19 00:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll

2014-11-11 16:02 - 2014-04-18 19:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll

2014-11-11 16:02 - 2014-04-14 19:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll

2014-11-11 16:02 - 2014-04-14 18:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll

2014-11-11 16:02 - 2014-04-14 15:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll

2014-11-11 16:02 - 2014-04-11 14:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll

2014-11-11 16:02 - 2014-04-11 14:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll

2014-11-11 16:02 - 2014-04-09 21:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys

2014-11-11 16:02 - 2014-04-09 16:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll

2014-11-11 16:02 - 2014-04-09 15:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll

2014-11-11 16:02 - 2014-04-09 13:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll

2014-11-11 16:02 - 2014-04-09 08:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll

2014-11-11 16:02 - 2014-04-09 08:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll

2014-11-11 16:02 - 2014-04-09 04:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll

2014-11-11 16:02 - 2014-04-09 04:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll

2014-11-11 16:02 - 2014-04-08 12:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys

2014-11-11 16:02 - 2014-04-07 02:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys

2014-11-11 16:02 - 2014-04-07 02:34 - 00275800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys

2014-11-11 16:02 - 2014-04-07 02:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll

2014-11-11 16:02 - 2014-04-07 02:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys

2014-11-11 16:02 - 2014-04-07 02:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll

2014-11-11 16:02 - 2014-04-07 02:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll

2014-11-11 16:02 - 2014-04-07 02:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll

2014-11-11 16:02 - 2014-04-07 02:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll

2014-11-11 16:02 - 2014-04-07 02:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll

2014-11-11 16:02 - 2014-04-07 02:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe

2014-11-11 16:02 - 2014-04-07 01:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll

2014-11-11 16:02 - 2014-04-07 01:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll

2014-11-11 16:02 - 2014-04-07 01:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll

2014-11-11 16:02 - 2014-04-07 01:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll

2014-11-11 16:02 - 2014-04-07 01:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll

2014-11-11 16:02 - 2014-04-06 22:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2014-11-11 16:02 - 2014-04-06 22:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2014-11-11 16:02 - 2014-04-06 22:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe

2014-11-11 16:02 - 2014-04-06 22:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2014-11-11 16:02 - 2014-04-06 22:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2014-11-11 16:02 - 2014-04-06 21:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll

2014-11-11 16:02 - 2014-04-06 20:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll

2014-11-11 16:02 - 2014-04-06 19:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll

2014-11-11 16:02 - 2014-04-03 18:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2014-11-11 16:02 - 2014-04-03 18:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll

2014-11-11 16:02 - 2014-04-03 14:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

2014-11-11 16:02 - 2014-04-03 14:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll

2014-11-11 16:02 - 2014-04-03 12:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll

2014-11-11 16:02 - 2014-04-03 12:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll

2014-11-11 16:02 - 2014-03-29 01:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe

2014-11-11 16:02 - 2014-03-27 15:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll

2014-11-11 16:02 - 2014-03-27 14:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll

2014-11-11 16:02 - 2014-03-27 13:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll

2014-11-11 16:02 - 2014-03-27 13:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe

2014-11-11 16:02 - 2014-03-21 14:14 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\tscfgwmi.dll

2014-11-11 16:02 - 2014-03-19 18:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll

2014-11-11 16:02 - 2014-03-19 17:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll

2014-11-11 16:02 - 2014-03-19 17:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll

2014-11-11 16:02 - 2014-03-18 18:18 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xusb22.sys

2014-11-11 16:02 - 2014-03-18 15:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll

2014-11-11 16:02 - 2014-03-18 14:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll

2014-11-11 16:02 - 2014-03-17 15:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll

yesame · Dec 5, 2014

2014-11-11 16:02 - 2014-03-17 14:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll

2014-11-11 16:02 - 2014-03-14 16:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll

2014-11-11 16:02 - 2014-03-14 16:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll

2014-11-11 16:01 - 2014-07-24 13:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll

2014-11-11 16:01 - 2014-07-24 13:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll

2014-11-11 16:01 - 2014-07-12 14:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe

2014-11-11 16:01 - 2014-06-06 23:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-11-11 16:01 - 2014-06-06 22:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-11-11 16:01 - 2014-06-02 12:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll

2014-11-11 16:01 - 2014-05-31 20:07 - 00089944 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys

2014-11-11 16:01 - 2014-05-31 20:07 - 00027480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

2014-11-11 16:01 - 2014-05-31 16:30 - 00037376 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys

2014-11-11 16:01 - 2014-05-31 16:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys

2014-11-11 16:01 - 2014-05-31 14:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll

2014-11-11 16:01 - 2014-05-29 16:21 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll

2014-11-11 16:01 - 2014-05-27 19:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll

2014-11-11 16:01 - 2014-05-27 19:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll

2014-11-11 16:01 - 2014-05-01 23:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys

2014-11-11 16:01 - 2014-05-01 15:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll

2014-11-11 07:54 - 2014-05-31 20:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll

2014-11-11 07:54 - 2014-05-31 12:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll

2014-11-11 07:54 - 2014-05-31 12:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll

2014-11-11 07:54 - 2014-04-11 18:25 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll

2014-11-11 07:54 - 2014-04-11 15:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe

2014-11-09 22:56 - 2014-02-23 01:55 - 01435304 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll

2014-11-09 22:56 - 2014-02-23 01:55 - 00244848 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll

2014-11-09 22:56 - 2014-02-23 01:55 - 00162176 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe

2014-11-09 22:56 - 2014-02-23 01:55 - 00131168 _____ (Microsoft Corporation) C:\Windows\system32\easinvoker.exe

2014-11-09 22:56 - 2014-02-23 01:53 - 03394384 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll

2014-11-09 22:56 - 2014-02-23 01:46 - 01445616 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll

2014-11-09 22:56 - 2014-02-23 01:44 - 00924504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys

2014-11-09 22:56 - 2014-02-22 22:14 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys

2014-11-09 22:56 - 2014-02-22 22:09 - 00663040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys

2014-11-09 22:56 - 2014-02-22 22:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll

2014-11-09 22:56 - 2014-02-22 21:57 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll

2014-11-09 22:56 - 2014-02-22 21:54 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll

2014-11-09 22:56 - 2014-02-22 21:46 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll

2014-11-09 22:56 - 2014-02-22 21:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll

2014-11-09 22:56 - 2014-02-22 21:34 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\dmdskmgr.dll

2014-11-09 22:56 - 2014-02-22 21:29 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\RelPost.exe

2014-11-09 22:56 - 2014-02-22 21:22 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll

2014-11-09 22:56 - 2014-02-22 21:22 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

2014-11-09 22:56 - 2014-02-22 21:16 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe

2014-11-09 22:56 - 2014-02-22 21:05 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\pnpclean.dll

2014-11-09 22:56 - 2014-02-22 21:04 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe

2014-11-09 22:56 - 2014-02-22 20:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll

2014-11-09 22:56 - 2014-02-22 20:36 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2014-11-09 22:56 - 2014-02-22 19:54 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\deviceassociation.dll

2014-11-09 22:56 - 2014-02-22 19:52 - 01132032 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll

2014-11-09 22:56 - 2014-02-22 19:49 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountTokenProvider.dll

2014-11-09 22:56 - 2014-02-22 19:48 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll

2014-11-09 22:56 - 2014-02-22 19:45 - 00562176 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe

2014-11-09 22:56 - 2014-02-22 19:44 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\korwbrkr.dll

2014-11-09 22:56 - 2014-02-22 19:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dasHost.exe

2014-11-09 22:56 - 2014-02-22 19:26 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll

2014-11-09 22:56 - 2014-02-22 19:25 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\das.dll

2014-11-09 22:56 - 2014-02-22 19:25 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll

2014-11-09 22:56 - 2014-02-22 19:23 - 01576960 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll

2014-11-09 22:56 - 2014-02-22 19:14 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll

2014-11-09 22:56 - 2014-02-22 19:11 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll

2014-11-09 22:56 - 2014-02-22 19:10 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll

2014-11-09 22:56 - 2014-02-22 19:10 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll

2014-11-09 22:56 - 2014-02-22 19:02 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll

2014-11-09 22:56 - 2014-02-22 18:59 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll

2014-11-09 22:56 - 2014-02-22 18:55 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\energytask.dll

2014-11-09 22:56 - 2014-02-22 18:54 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\wlidcredprov.dll

2014-11-09 22:56 - 2014-02-22 18:54 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll

2014-11-09 22:56 - 2014-02-22 18:52 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll

2014-11-09 22:56 - 2014-02-22 18:45 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll

2014-11-09 22:56 - 2014-02-22 18:40 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll

2014-11-09 22:56 - 2014-02-22 18:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\MrmIndexer.dll

2014-11-09 22:56 - 2014-02-22 18:22 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-11-09 22:56 - 2014-02-22 18:20 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll

2014-11-09 22:56 - 2014-02-22 18:01 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe

2014-11-09 22:56 - 2014-01-31 19:19 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll

2014-11-09 22:56 - 2014-01-29 10:17 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll

2014-11-09 22:56 - 2014-01-22 16:21 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll

2014-11-09 22:56 - 2014-01-18 03:24 - 00388096 _____ (Microsoft Corporation) C:\Windows\system32\ninput.dll

2014-11-09 22:55 - 2014-02-22 21:16 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-11-09 22:55 - 2014-02-22 21:16 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx

2014-11-09 22:55 - 2014-02-22 19:54 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll

2014-11-09 22:55 - 2014-02-22 18:54 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\AepRoam.dll

2014-11-09 22:54 - 2014-02-23 00:52 - 00251504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powrprof.dll

2014-11-09 22:54 - 2014-02-23 00:38 - 01077944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll

2014-11-09 22:54 - 2014-02-23 00:18 - 00029912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountBroker.exe

2014-11-09 22:54 - 2014-02-23 00:04 - 00317584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll

2014-11-09 22:54 - 2014-02-22 21:11 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll

2014-11-09 22:54 - 2014-02-22 21:09 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe

2014-11-09 22:54 - 2014-02-22 20:16 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll

2014-11-09 22:54 - 2014-02-22 20:03 - 02544128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll

2014-11-09 22:54 - 2014-02-22 19:36 - 01392640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe

2014-11-09 22:54 - 2014-02-22 19:36 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WLanConn.dll

2014-11-09 22:54 - 2014-02-22 19:32 - 01162752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll

2014-11-09 22:54 - 2014-02-22 19:16 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxshared.dll

2014-11-09 22:54 - 2014-02-22 19:14 - 00752640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll

2014-11-09 22:54 - 2014-02-22 19:02 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll

2014-11-09 22:54 - 2014-02-22 18:47 - 00517120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe

2014-11-09 22:54 - 2014-02-22 18:43 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll

2014-11-09 22:54 - 2014-02-22 18:42 - 00943104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WlanMM.dll

2014-11-09 22:54 - 2014-02-22 18:39 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe

2014-11-09 22:54 - 2014-02-22 18:38 - 00470016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl

2014-11-09 22:54 - 2014-02-22 18:20 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncPolicy.dll

2014-11-09 22:54 - 2013-11-27 19:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\finger.exe

2014-11-09 22:54 - 2013-11-27 18:56 - 00167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiohlp.dll

2014-11-09 22:53 - 2014-02-23 00:18 - 00089848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RestoreOptIn.exe

2014-11-09 22:53 - 2014-02-22 21:13 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll

2014-11-09 22:53 - 2014-02-22 21:06 - 00148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll

2014-11-09 22:53 - 2014-02-22 21:05 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll

2014-11-09 22:53 - 2014-02-22 20:59 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ocsetapi.dll

2014-11-09 22:53 - 2014-02-22 20:14 - 02165760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll

2014-11-09 22:53 - 2014-02-22 20:13 - 00307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll

2014-11-09 22:53 - 2014-02-22 20:12 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll

2014-11-09 22:53 - 2014-02-22 20:09 - 00097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\migisol.dll

2014-11-09 22:53 - 2014-02-22 20:02 - 08946688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll

2014-11-09 22:53 - 2014-02-22 19:36 - 00835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll

2014-11-09 22:53 - 2014-02-22 19:31 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll

2014-11-09 22:53 - 2014-02-22 19:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll

2014-11-09 22:53 - 2014-02-22 19:26 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.exe

2014-11-09 22:53 - 2014-02-22 19:19 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll

2014-11-09 22:53 - 2014-02-22 18:55 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slpts.dll

2014-11-09 22:53 - 2014-02-22 18:51 - 01258496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll

2014-11-09 22:53 - 2014-02-22 18:44 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll

2014-11-09 22:53 - 2014-02-22 18:33 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll

2014-11-09 22:53 - 2014-02-22 18:21 - 00600576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll

2014-11-09 22:53 - 2014-02-08 11:08 - 00100197 _____ () C:\Windows\SysWOW64\RacRules.xml

2014-11-09 22:53 - 2014-02-01 16:00 - 00011109 _____ () C:\Windows\SysWOW64\connectedsearch-results.searchconnector-ms

2014-11-09 22:53 - 2014-02-01 16:00 - 00007762 _____ () C:\Windows\SysWOW64\connectedsearch-suggestions.searchconnector-ms

2014-11-09 22:53 - 2014-02-01 16:00 - 00007130 _____ () C:\Windows\SysWOW64\connectedsearch-zeroinput.searchconnector-ms

2014-11-09 22:53 - 2014-01-31 19:04 - 00409600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll

2014-11-09 22:52 - 2014-02-22 18:29 - 00191488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputSwitch.dll

2014-11-09 22:52 - 2014-02-22 18:24 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll

2014-11-09 22:51 - 2014-02-23 00:18 - 00041320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudNotifications.exe

2014-11-09 22:51 - 2014-02-22 21:24 - 00800256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe

2014-11-09 22:51 - 2014-02-22 21:24 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe

2014-11-09 22:51 - 2014-02-22 21:24 - 00780288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe

2014-11-09 22:51 - 2014-02-22 21:01 - 00112640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe

2014-11-09 22:51 - 2014-02-22 20:50 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskpart.exe

2014-11-09 22:51 - 2014-02-22 20:47 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmdskmgr.dll

2014-11-09 22:51 - 2014-02-22 20:47 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe

2014-11-09 22:51 - 2014-02-22 20:33 - 00402944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll

2014-11-09 22:51 - 2014-02-22 20:25 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll

2014-11-09 22:51 - 2014-02-22 20:16 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srchadmin.dll

2014-11-09 22:51 - 2014-02-22 20:16 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll

2014-11-09 22:51 - 2014-02-22 20:04 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netid.dll

2014-11-09 22:51 - 2014-02-22 20:02 - 00258560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe

2014-11-09 22:51 - 2014-02-22 20:01 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll

2014-11-09 22:51 - 2014-02-22 20:00 - 00217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll

2014-11-09 22:51 - 2014-02-22 19:44 - 00675328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll

2014-11-09 22:51 - 2014-02-22 19:28 - 02643456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll

2014-11-09 22:51 - 2014-02-22 19:25 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winbrand.dll

2014-11-09 22:51 - 2014-02-22 19:23 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountTokenProvider.dll

2014-11-09 22:51 - 2014-02-22 19:22 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsku.dll

2014-11-09 22:51 - 2014-02-22 19:15 - 00211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Dism.exe

2014-11-09 22:51 - 2014-02-22 19:12 - 00459776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DismApi.dll

2014-11-09 22:51 - 2014-02-22 18:58 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll

2014-11-09 22:51 - 2014-02-22 18:48 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ConfigureExpandedStorage.dll

2014-11-09 22:51 - 2014-02-22 18:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll

2014-11-09 22:51 - 2014-02-22 18:48 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dataclen.dll

2014-11-09 22:51 - 2014-02-22 18:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll

2014-11-09 22:51 - 2014-02-22 18:47 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcredprov.dll

2014-11-09 22:51 - 2014-02-22 18:45 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe

2014-11-09 22:51 - 2014-02-22 18:37 - 01716736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll

2014-11-09 22:51 - 2014-02-22 18:37 - 00658432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe

2014-11-09 22:51 - 2014-02-22 18:21 - 00518144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmIndexer.dll

2014-11-09 22:51 - 2014-02-22 18:17 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudStorageWizard.exe

2014-11-09 22:51 - 2014-02-22 18:03 - 01496576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll

2014-11-09 22:51 - 2014-02-22 17:54 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll

2014-11-09 22:51 - 2014-01-31 19:08 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll

2014-11-09 22:50 - 2014-02-23 00:52 - 01767440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll

2014-11-09 22:50 - 2014-02-23 00:51 - 01063976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe

2014-11-09 22:50 - 2014-02-23 00:51 - 00140456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll

2014-11-09 22:50 - 2014-02-23 00:38 - 01374384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll

2014-11-09 22:50 - 2014-02-23 00:38 - 00506120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll

2014-11-09 22:50 - 2014-02-23 00:08 - 00079496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcd.dll

2014-11-09 22:50 - 2014-02-23 00:04 - 01011280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll

2014-11-09 22:50 - 2014-02-23 00:04 - 00650736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll

2014-11-09 22:50 - 2014-02-22 21:28 - 02428928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll

2014-11-09 22:50 - 2014-02-22 21:17 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OobeFldr.dll

2014-11-09 22:50 - 2014-02-22 21:16 - 00617472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll

2014-11-09 22:50 - 2014-02-22 20:57 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll

2014-11-09 22:50 - 2014-02-22 20:57 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll

2014-11-09 22:50 - 2014-02-22 20:38 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll

2014-11-09 22:50 - 2014-02-22 20:32 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe

2014-11-09 22:50 - 2014-02-22 20:30 - 00213504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cleanmgr.exe

2014-11-09 22:50 - 2014-02-22 20:21 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfrgui.exe

2014-11-09 22:50 - 2014-02-22 20:14 - 02811392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll

2014-11-09 22:50 - 2014-02-22 19:48 - 01136128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl

2014-11-09 22:50 - 2014-02-22 19:40 - 02537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll

2014-11-09 22:50 - 2014-02-22 19:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll

2014-11-09 22:50 - 2014-02-22 19:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll

2014-11-09 22:50 - 2014-02-22 19:28 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceassociation.dll

2014-11-09 22:50 - 2014-02-22 19:27 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll

2014-11-09 22:50 - 2014-02-22 19:26 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll

2014-11-09 22:50 - 2014-02-22 19:23 - 00256000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll

2014-11-09 22:50 - 2014-02-22 19:16 - 11776000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll

2014-11-09 22:50 - 2014-02-22 19:07 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll

2014-11-09 22:50 - 2014-02-22 19:07 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscinterop.dll

2014-11-09 22:50 - 2014-02-22 19:06 - 00251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll

2014-11-09 22:50 - 2014-02-22 18:59 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll

2014-11-09 22:50 - 2014-02-22 18:53 - 00876544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll

2014-11-09 22:50 - 2014-02-22 18:43 - 00644608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll

2014-11-09 22:50 - 2014-02-22 18:39 - 00556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll

2014-11-09 22:50 - 2014-02-22 18:39 - 00321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\provsvc.dll

2014-11-09 22:50 - 2014-02-22 18:39 - 00193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl

2014-11-09 22:50 - 2014-02-22 18:19 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll

2014-11-09 22:50 - 2014-02-22 18:00 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe

2014-11-09 22:50 - 2014-02-01 16:00 - 00002255 _____ () C:\Windows\SysWOW64\WimBootCompress.ini

2014-11-09 22:50 - 2014-01-22 15:50 - 00147968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll

2014-11-09 22:31 - 2014-02-22 22:14 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys

2014-11-09 22:31 - 2014-02-22 22:07 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\WofUtil.dll

2014-11-09 22:31 - 2014-02-22 21:16 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll

2014-11-09 22:31 - 2014-02-22 20:55 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\SrTasks.exe

2014-11-09 22:31 - 2014-02-22 20:41 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe

2014-11-09 22:31 - 2014-02-22 20:36 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll

2014-11-09 22:31 - 2014-02-22 20:18 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll

2014-11-09 22:31 - 2014-02-22 20:05 - 01757184 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe

2014-11-09 22:31 - 2014-02-22 20:04 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\WLanConn.dll

2014-11-09 22:31 - 2014-02-22 19:45 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2014-11-09 22:31 - 2014-02-22 19:35 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\WofTasks.dll

2014-11-09 22:31 - 2014-02-22 19:26 - 00366080 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll

2014-11-09 22:31 - 2014-02-22 19:23 - 03494912 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll

2014-11-09 22:31 - 2014-02-22 18:55 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll

2014-11-09 22:31 - 2014-02-22 18:55 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll

2014-11-09 22:31 - 2014-02-22 18:54 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe

2014-11-09 22:31 - 2014-02-22 18:47 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\WlanMM.dll

2014-11-09 22:31 - 2014-02-22 18:45 - 00845824 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe

2014-11-09 22:31 - 2014-02-22 18:40 - 02368512 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll

2014-11-09 22:31 - 2014-02-22 18:06 - 01640960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll

2014-11-09 22:31 - 2014-01-29 18:53 - 01653352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2014-11-09 22:31 - 2014-01-28 05:53 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2014-11-09 22:30 - 2014-02-23 02:59 - 01290688 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll

2014-11-09 22:30 - 2014-02-23 02:59 - 00289752 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll

2014-11-09 22:30 - 2014-02-23 01:50 - 00032544 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountBroker.exe

2014-11-09 22:30 - 2014-02-23 01:41 - 00372360 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll

2014-11-09 22:30 - 2014-02-22 22:22 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll

2014-11-09 22:30 - 2014-02-22 22:08 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll

2014-11-09 22:30 - 2014-02-22 20:58 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll

2014-11-09 22:30 - 2014-02-22 20:56 - 02862592 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll

2014-11-09 22:30 - 2014-02-22 20:41 - 02566656 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll

2014-11-09 22:30 - 2014-02-22 20:14 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe

2014-11-09 22:30 - 2014-02-22 20:01 - 01227776 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll

2014-11-09 22:30 - 2014-02-22 19:57 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll

2014-11-09 22:30 - 2014-02-22 19:23 - 00628224 _____ (Microsoft Corporation) C:\Windows\system32\msTextPrediction.dll

2014-11-09 22:30 - 2014-02-22 19:18 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll

2014-11-09 22:30 - 2014-02-22 18:51 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll

2014-11-09 22:30 - 2014-02-22 18:49 - 00755200 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll

2014-11-09 22:30 - 2014-02-22 18:44 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl

2014-11-09 22:30 - 2014-01-31 19:55 - 03596800 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll

2014-11-09 22:30 - 2013-11-27 19:47 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\finger.exe

2014-11-09 22:30 - 2013-11-27 19:10 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll

2014-11-09 22:29 - 2014-02-23 02:15 - 00071888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys

2014-11-09 22:29 - 2014-02-23 01:50 - 00101216 _____ (Microsoft Corporation) C:\Windows\system32\RestoreOptIn.exe

2014-11-09 22:29 - 2014-02-22 21:08 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll

2014-11-09 22:29 - 2014-02-22 21:05 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\RASMM.dll

2014-11-09 22:29 - 2014-02-22 20:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll

2014-11-09 22:29 - 2014-02-22 20:34 - 11742720 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll

2014-11-09 22:29 - 2014-02-22 20:27 - 00397824 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll

2014-11-09 22:29 - 2014-02-22 20:04 - 00935424 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll

2014-11-09 22:29 - 2014-02-22 19:51 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\fveskybackup.dll

2014-11-09 22:29 - 2014-02-22 18:54 - 00647168 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe

2014-11-09 22:29 - 2014-02-22 18:49 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll

2014-11-09 22:29 - 2014-02-22 18:43 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Renewal.dll

2014-11-09 22:29 - 2014-02-22 18:35 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll

2014-11-09 22:29 - 2014-02-22 18:22 - 00777728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll

2014-11-09 22:29 - 2014-02-22 18:22 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncPolicy.dll

2014-11-09 22:29 - 2014-02-08 11:08 - 00100197 _____ () C:\Windows\system32\RacRules.xml

2014-11-09 22:29 - 2014-02-01 16:00 - 00011109 _____ () C:\Windows\system32\connectedsearch-results.searchconnector-ms

2014-11-09 22:29 - 2014-02-01 16:00 - 00007762 _____ () C:\Windows\system32\connectedsearch-suggestions.searchconnector-ms

2014-11-09 22:29 - 2014-02-01 16:00 - 00007130 _____ () C:\Windows\system32\connectedsearch-zeroinput.searchconnector-ms

2014-11-09 22:29 - 2014-01-29 10:36 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll

2014-11-09 22:29 - 2014-01-29 10:18 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll

2014-11-09 22:28 - 2014-02-23 01:41 - 01215832 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll

2014-11-09 22:28 - 2014-02-23 01:41 - 00800552 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll

2014-11-09 22:28 - 2014-02-22 22:08 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx

2014-11-09 22:28 - 2014-02-22 22:08 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll

2014-11-09 22:28 - 2014-02-22 22:00 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\lpksetupproxyserv.dll

2014-11-09 22:28 - 2014-02-22 20:52 - 02288640 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll

2014-11-09 22:28 - 2014-02-22 20:37 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll

2014-11-09 22:28 - 2014-02-22 19:59 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll

2014-11-09 22:28 - 2014-02-22 19:43 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Sockets.PushEnabledApplication.dll

2014-11-09 22:28 - 2014-02-22 19:22 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll

2014-11-09 22:28 - 2014-02-22 19:01 - 13933568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll

2014-11-09 22:28 - 2014-02-22 18:51 - 00716288 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll

2014-11-09 22:28 - 2014-02-22 18:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll

2014-11-09 22:28 - 2014-02-22 18:33 - 00609792 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll

2014-11-09 22:28 - 2014-01-31 19:10 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll

2014-11-09 22:27 - 2014-02-23 02:59 - 00209160 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll

2014-11-09 22:27 - 2014-02-23 01:50 - 00761792 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll

2014-11-09 22:27 - 2014-02-22 20:12 - 00797696 _____ (Microsoft Corporation) C:\Windows\system32\PurchaseWindowsLicense.dll

2014-11-09 22:27 - 2014-02-22 18:36 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll

2014-11-09 22:27 - 2014-02-22 18:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll

2014-11-09 22:26 - 2014-02-22 22:17 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll

2014-11-09 22:26 - 2014-02-22 22:08 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll

2014-11-09 22:26 - 2014-02-22 20:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll

2014-11-09 22:26 - 2014-02-22 19:43 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll

2014-11-09 22:26 - 2014-02-22 18:44 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\provsvc.dll

2014-11-09 22:26 - 2014-02-22 18:40 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll

2014-11-09 22:26 - 2014-02-22 14:43 - 00002440 ___RS () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk

2014-11-09 22:25 - 2014-02-23 02:59 - 00526304 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll

2014-11-09 22:25 - 2014-02-23 02:59 - 00461176 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe

2014-11-09 22:25 - 2014-02-23 02:59 - 00407536 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll

2014-11-09 22:25 - 2014-02-23 02:59 - 00139464 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe

2014-11-09 22:25 - 2014-02-23 02:58 - 00036200 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe

2014-11-09 22:25 - 2014-02-23 01:50 - 00043408 _____ (Microsoft Corporation) C:\Windows\system32\CloudNotifications.exe

2014-11-09 22:25 - 2014-02-22 22:24 - 02825216 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll

2014-11-09 22:25 - 2014-02-22 21:27 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\dot3mm.dll

2014-11-09 22:25 - 2014-02-22 21:25 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE

2014-11-09 22:25 - 2014-02-22 21:17 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\DAMM.dll

2014-11-09 22:25 - 2014-02-22 21:14 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\cleanmgr.exe

2014-11-09 22:25 - 2014-02-22 21:08 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll

2014-11-09 22:25 - 2014-02-22 21:07 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll

2014-11-09 22:25 - 2014-02-22 20:59 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll

2014-11-09 22:25 - 2014-02-22 20:58 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\DAConn.dll

2014-11-09 22:25 - 2014-02-22 20:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\dfp.exe

2014-11-09 22:25 - 2014-02-22 20:38 - 00390656 _____ (Microsoft Corporation) C:\Windows\system32\DfpCommon.dll

2014-11-09 22:25 - 2014-02-22 20:35 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll

2014-11-09 22:25 - 2014-02-22 20:09 - 01224192 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll

2014-11-09 22:25 - 2014-02-22 19:34 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\energy.dll

2014-11-09 22:25 - 2014-02-22 19:34 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll

2014-11-09 22:25 - 2014-02-22 19:13 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll

2014-11-09 22:25 - 2014-02-22 19:09 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe

2014-11-09 22:25 - 2014-02-22 18:55 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\ConfigureExpandedStorage.dll

2014-11-09 22:25 - 2014-02-22 18:55 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll

2014-11-09 22:25 - 2014-02-22 18:17 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\CloudStorageWizard.exe

2014-11-09 22:25 - 2014-02-22 14:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk

2014-11-09 22:25 - 2014-02-22 14:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk

2014-11-09 22:25 - 2014-02-22 14:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk

2014-11-09 22:25 - 2014-02-22 14:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk

2014-11-09 22:25 - 2014-02-22 14:33 - 00262335 _____ () C:\Windows\system32\dfpinc.dat

2014-11-09 22:24 - 2014-02-23 01:46 - 00669896 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2014-11-09 22:24 - 2014-02-22 22:01 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\spcompat.dll

2014-11-09 22:24 - 2014-02-22 21:42 - 00038680 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe

2014-11-09 22:24 - 2014-02-22 21:05 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentHost.dll

2014-11-09 22:24 - 2014-02-22 21:02 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContent.dll

2014-11-09 22:24 - 2014-02-22 21:02 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\acppage.dll

2014-11-09 22:24 - 2014-02-22 18:47 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\AltTab.dll

2014-11-09 22:24 - 2014-02-22 18:46 - 03312128 _____ (Microsoft Corporation) C:\Windows\system32\bootux.dll

2014-11-09 22:24 - 2013-12-10 17:35 - 00530944 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll

2014-11-09 22:22 - 2014-02-22 22:08 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\OobeFldr.dll

2014-11-09 22:22 - 2014-02-22 20:56 - 00350720 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll

2014-11-09 17:38 - 2014-11-09 17:38 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Publish Providers

2014-11-09 17:37 - 2014-11-09 17:38 - 00006068 _____ () C:\Windows\system32\--traceoff

2014-11-09 17:37 - 2014-11-09 17:38 - 00000000 ____D () C:\Users\Peter\AppData\Local\Sony

2014-11-09 17:37 - 2014-11-09 17:37 - 00000000 ____D () C:\ProgramData\Sony

2014-11-09 17:37 - 2014-11-09 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony

2014-11-09 17:37 - 2014-11-09 17:37 - 00000000 ____D () C:\Program Files\Sony

2014-11-09 17:37 - 2014-11-09 17:37 - 00000000 ____D () C:\Program Files (x86)\Sony

2014-11-09 17:37 - 2014-11-09 17:37 - 00000000 _____ () C:\Windows\system32\--debugoff

2014-11-09 17:03 - 2014-11-26 23:14 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Sony

2014-11-09 16:46 - 2014-11-25 13:44 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Audacity

2014-11-09 12:24 - 2014-12-05 22:09 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr

2014-11-09 12:24 - 2014-12-05 22:04 - 00000000 ____D () C:\Users\Peter\AppData\Local\PunkBuster

2014-11-09 11:16 - 2014-03-20 14:19 - 01291200 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2014-11-09 11:16 - 2014-03-20 13:41 - 00376152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys

2014-11-09 11:16 - 2014-03-20 10:53 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll

2014-11-09 11:16 - 2014-03-20 10:48 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll

2014-11-09 11:16 - 2014-03-20 09:55 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2014-11-09 11:16 - 2014-03-20 09:39 - 00800256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll

2014-11-09 11:16 - 2014-03-20 09:36 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll

2014-11-09 11:16 - 2014-03-19 15:50 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe

2014-11-09 11:16 - 2014-03-19 15:20 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe

2014-11-09 11:16 - 2014-03-13 22:35 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys

2014-11-09 11:16 - 2014-03-12 00:25 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerDeviceEncryption.exe

2014-11-09 11:16 - 2014-03-12 00:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll

2014-11-09 11:16 - 2014-03-09 06:40 - 00136024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys

2014-11-09 11:16 - 2014-03-09 06:38 - 01542768 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll

2014-11-09 11:16 - 2014-03-09 01:29 - 00356848 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll

2014-11-09 11:16 - 2014-03-08 21:34 - 01095488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll

2014-11-09 11:16 - 2014-03-08 19:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\sxproxy.dll

2014-11-09 11:16 - 2014-03-08 18:33 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll

2014-11-09 11:16 - 2014-03-08 18:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\SetNetworkLocation.dll

2014-11-09 11:16 - 2014-03-08 18:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxproxy.dll

2014-11-09 11:16 - 2014-03-08 17:47 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll

2014-11-09 11:16 - 2014-03-08 17:04 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll

2014-11-09 11:16 - 2014-03-08 16:48 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll

2014-11-09 11:16 - 2014-03-08 16:41 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL

2014-11-09 11:16 - 2014-03-08 16:40 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll

2014-11-09 11:16 - 2014-03-08 16:31 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll

2014-11-09 11:16 - 2014-03-08 16:30 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll

2014-11-09 11:16 - 2014-03-08 16:25 - 00264192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL

2014-11-09 11:16 - 2014-03-08 16:04 - 00717312 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll

2014-11-09 11:16 - 2014-03-08 15:58 - 00567296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll

2014-11-09 11:16 - 2014-03-08 15:41 - 01306624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll

2014-11-09 11:16 - 2014-03-08 15:11 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll

2014-11-09 11:16 - 2014-03-07 00:34 - 02331000 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2014-11-09 11:16 - 2014-03-07 00:34 - 00113648 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll

2014-11-09 11:16 - 2014-03-06 22:53 - 02141912 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll

2014-11-09 11:16 - 2014-03-06 22:51 - 00379224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys

2014-11-09 11:16 - 2014-03-06 22:39 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll

2014-11-09 11:16 - 2014-03-06 21:19 - 00094016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll

2014-11-09 11:16 - 2014-03-06 21:13 - 01779800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll

2014-11-09 11:16 - 2014-03-06 20:46 - 01679128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2014-11-09 11:16 - 2014-03-06 19:24 - 00111616 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys

2014-11-09 11:16 - 2014-03-06 19:24 - 00033280 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys

2014-11-09 11:16 - 2014-03-06 19:22 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

2014-11-09 11:16 - 2014-03-06 19:22 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys

2014-11-09 11:16 - 2014-03-06 19:19 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2014-11-09 11:16 - 2014-03-06 19:19 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll

2014-11-09 11:16 - 2014-03-06 19:19 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys

2014-11-09 11:16 - 2014-03-06 19:19 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll

2014-11-09 11:16 - 2014-03-06 19:08 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\l2gpstore.dll

2014-11-09 11:16 - 2014-03-06 18:41 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\DevPropMgr.dll

2014-11-09 11:16 - 2014-03-06 18:38 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll

2014-11-09 11:16 - 2014-03-06 18:20 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll

2014-11-09 11:16 - 2014-03-06 18:10 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\l2gpstore.dll

yesame · Dec 5, 2014

2014-11-09 11:16 - 2014-03-06 18:00 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll

2014-11-09 11:16 - 2014-03-06 17:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll

2014-11-09 11:16 - 2014-03-06 17:16 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll

2014-11-09 11:16 - 2014-03-06 17:02 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll

2014-11-09 11:16 - 2014-03-06 16:51 - 02900992 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll

2014-11-09 11:16 - 2014-03-06 16:29 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll

2014-11-09 11:16 - 2014-03-06 16:27 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll

2014-11-09 11:16 - 2014-03-06 16:24 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll

2014-11-09 11:16 - 2014-03-06 16:23 - 02270208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll

2014-11-09 11:16 - 2014-03-06 16:23 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll

2014-11-09 11:16 - 2014-03-06 16:21 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll

2014-11-09 11:16 - 2014-03-06 16:09 - 01764864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll

2014-11-09 11:16 - 2014-03-06 16:06 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll

2014-11-09 11:16 - 2014-03-06 16:04 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll

2014-11-09 11:16 - 2014-03-06 16:01 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll

2014-11-09 11:16 - 2014-03-06 15:51 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll

2014-11-09 11:16 - 2014-03-06 15:47 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll

2014-11-09 11:16 - 2014-03-06 15:42 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll

2014-11-09 11:16 - 2014-03-04 18:11 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\AdmTmpl.dll

2014-11-09 11:16 - 2014-03-04 17:26 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AdmTmpl.dll

2014-11-09 11:16 - 2014-03-04 17:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll

2014-11-09 11:16 - 2014-03-04 17:13 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll

2014-11-09 11:16 - 2014-03-04 17:08 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll

2014-11-09 11:16 - 2014-03-04 17:00 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll

2014-11-09 11:16 - 2014-03-04 16:56 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll

2014-11-09 11:16 - 2014-03-04 16:42 - 00494592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll

2014-11-09 11:16 - 2014-03-04 16:39 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll

2014-11-09 11:16 - 2014-03-04 16:32 - 00356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll

2014-11-09 11:16 - 2014-03-04 16:15 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll

2014-11-09 11:16 - 2014-03-04 16:05 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll

2014-11-09 11:16 - 2014-03-04 16:03 - 00669696 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll

2014-11-09 11:16 - 2014-03-04 16:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll

2014-11-09 11:16 - 2014-03-04 15:54 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll

2014-11-09 11:16 - 2014-03-04 15:52 - 00605184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll

2014-11-09 11:16 - 2013-12-24 09:28 - 00262656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll

2014-11-09 11:16 - 2013-12-24 09:26 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll

2014-11-09 11:10 - 2014-02-22 19:47 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll

2014-11-09 11:10 - 2014-02-08 11:08 - 00139600 _____ () C:\Windows\system32\systemsf.ebd

2014-11-09 11:09 - 2014-02-23 02:15 - 01929608 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll

2014-11-09 11:09 - 2014-02-23 02:15 - 01206000 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe

2014-11-09 11:09 - 2014-02-23 02:00 - 00249688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys

2014-11-09 11:09 - 2014-02-23 01:46 - 01927600 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll

2014-11-09 11:09 - 2014-02-23 01:46 - 01000424 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll

2014-11-09 11:09 - 2014-02-23 01:44 - 00539992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys

2014-11-09 11:09 - 2014-02-23 01:41 - 00391008 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll

2014-11-09 11:09 - 2014-02-23 00:42 - 01017936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll

2014-11-09 11:09 - 2014-02-23 00:42 - 00422968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll

2014-11-09 11:09 - 2014-02-23 00:04 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll

2014-11-09 11:09 - 2014-02-22 22:07 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll

2014-11-09 11:09 - 2014-02-22 20:25 - 01428480 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe

2014-11-09 11:09 - 2014-02-22 19:53 - 00825344 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll

2014-11-09 11:09 - 2014-02-22 19:38 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll

2014-11-09 11:09 - 2014-02-22 19:35 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll

2014-11-09 11:09 - 2014-02-22 19:33 - 00653312 _____ (Microsoft Corporation) C:\Windows\system32\DismApi.dll

2014-11-09 11:09 - 2014-02-22 19:04 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll

2014-11-09 11:09 - 2014-02-22 19:00 - 01341440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll

2014-11-09 11:09 - 2014-02-22 19:00 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll

2014-11-09 11:09 - 2014-01-29 17:44 - 01369736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2014-11-09 11:08 - 2014-02-23 02:15 - 00531128 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll

2014-11-09 11:08 - 2014-02-23 02:15 - 00275312 _____ (Microsoft Corporation) C:\Windows\system32\powrprof.dll

2014-11-09 11:08 - 2014-02-23 02:15 - 00188464 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe

2014-11-09 11:08 - 2014-02-23 02:02 - 00170952 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll

2014-11-09 11:08 - 2014-02-23 02:02 - 00083120 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe

2014-11-09 11:08 - 2014-02-23 02:02 - 00080048 _____ (Microsoft Corporation) C:\Windows\system32\taskhostex.exe

2014-11-09 11:08 - 2014-02-23 02:00 - 00236888 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys

2014-11-09 11:08 - 2014-02-23 02:00 - 00151384 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys

2014-11-09 11:08 - 2014-02-23 02:00 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys

2014-11-09 11:08 - 2014-02-23 01:55 - 00152848 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll

2014-11-09 11:08 - 2014-02-23 01:49 - 00079192 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys

2014-11-09 11:08 - 2014-02-23 01:48 - 01791752 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll

2014-11-09 11:08 - 2014-02-23 01:43 - 00142576 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2014-11-09 11:08 - 2014-02-23 00:42 - 00410568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe

2014-11-09 11:08 - 2014-02-23 00:42 - 00369288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll

2014-11-09 11:08 - 2014-02-23 00:42 - 00232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll

2014-11-09 11:08 - 2014-02-23 00:42 - 00137344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe

2014-11-09 11:08 - 2014-02-23 00:11 - 00490136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll

2014-11-09 11:08 - 2014-02-22 22:20 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll

2014-11-09 11:08 - 2014-02-22 22:20 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-kernel-power-events.dll

2014-11-09 11:08 - 2014-02-22 22:14 - 00033280 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys

2014-11-09 11:08 - 2014-02-22 22:11 - 00272896 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

2014-11-09 11:08 - 2014-02-22 22:02 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll

2014-11-09 11:08 - 2014-02-22 21:50 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe

2014-11-09 11:08 - 2014-02-22 21:47 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll

2014-11-09 11:08 - 2014-02-22 21:41 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe

2014-11-09 11:08 - 2014-02-22 21:25 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\recimg.exe

2014-11-09 11:08 - 2014-02-22 21:15 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imm32.dll

2014-11-09 11:08 - 2014-02-22 20:59 - 01283584 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe

2014-11-09 11:08 - 2014-02-22 20:52 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll

2014-11-09 11:08 - 2014-02-22 20:51 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll

2014-11-09 11:08 - 2014-02-22 20:41 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll

2014-11-09 11:08 - 2014-02-22 20:18 - 00722432 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe

2014-11-09 11:08 - 2014-02-22 20:17 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\fhcfg.dll

2014-11-09 11:08 - 2014-02-22 20:15 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe

2014-11-09 11:08 - 2014-02-22 20:13 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe

2014-11-09 11:08 - 2014-02-22 19:59 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll

2014-11-09 11:08 - 2014-02-22 19:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll

2014-11-09 11:08 - 2014-02-22 19:45 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe

2014-11-09 11:08 - 2014-02-22 19:36 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\Dism.exe

2014-11-09 11:08 - 2014-02-22 19:25 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\wscinterop.dll

2014-11-09 11:08 - 2014-02-22 19:24 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll

2014-11-09 11:08 - 2014-02-22 18:54 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\rdbui.dll

2014-11-09 11:08 - 2014-02-22 18:48 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\BioCredProv.dll

2014-11-09 11:08 - 2014-02-22 18:45 - 00169472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll

2014-11-09 11:08 - 2014-02-22 18:43 - 00469504 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe

2014-11-09 11:08 - 2014-02-22 18:42 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll

2014-11-09 11:08 - 2014-01-31 19:35 - 03085824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll

2014-11-09 11:08 - 2014-01-31 19:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll

2014-11-09 11:08 - 2014-01-29 18:52 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys

2014-11-09 11:08 - 2014-01-18 03:04 - 00292864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ninput.dll

2014-11-09 11:08 - 2013-11-11 09:41 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll

2014-11-09 11:07 - 2014-02-23 01:59 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\SysResetErr.exe

2014-11-09 11:07 - 2014-02-23 01:49 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS

2014-11-09 11:07 - 2014-02-23 01:49 - 00189784 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS

2014-11-09 11:07 - 2014-02-23 01:43 - 00094560 _____ (Microsoft Corporation) C:\Windows\system32\bcd.dll

2014-11-09 11:07 - 2014-02-23 00:41 - 00033056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe

2014-11-09 11:07 - 2014-02-22 22:17 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe

2014-11-09 11:07 - 2014-02-22 22:17 - 00890880 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe

2014-11-09 11:07 - 2014-02-22 22:17 - 00874496 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe

2014-11-09 11:07 - 2014-02-22 22:07 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll

2014-11-09 11:07 - 2014-02-22 22:07 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\clrhost.dll

2014-11-09 11:07 - 2014-02-22 22:03 - 00349696 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe

2014-11-09 11:07 - 2014-02-22 22:03 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll

2014-11-09 11:07 - 2014-02-22 22:00 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe

2014-11-09 11:07 - 2014-02-22 21:59 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgrade.exe

2014-11-09 11:07 - 2014-02-22 21:50 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll

2014-11-09 11:07 - 2014-02-22 21:47 - 00589312 _____ (Microsoft Corporation) C:\Windows\system32\vdsdyn.dll

2014-11-09 11:07 - 2014-02-22 21:47 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe

2014-11-09 11:07 - 2014-02-22 21:45 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\fhevents.dll

2014-11-09 11:07 - 2014-02-22 21:37 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe

2014-11-09 11:07 - 2014-02-22 21:32 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll

2014-11-09 11:07 - 2014-02-22 21:25 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll

2014-11-09 11:07 - 2014-02-22 21:24 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SSShim.dll

2014-11-09 11:07 - 2014-02-22 21:16 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clrhost.dll

2014-11-09 11:07 - 2014-02-22 21:07 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll

2014-11-09 11:07 - 2014-02-22 20:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PkgMgr.exe

2014-11-09 11:07 - 2014-02-22 20:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\migisol.dll

2014-11-09 11:07 - 2014-02-22 20:46 - 00283136 _____ (Microsoft Corporation) C:\Windows\system32\wbadmin.exe

2014-11-09 11:07 - 2014-02-22 20:40 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE

2014-11-09 11:07 - 2014-02-22 20:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeResults.exe

2014-11-09 11:07 - 2014-02-22 20:21 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\acppage.dll

2014-11-09 11:07 - 2014-02-22 20:20 - 01152512 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl

2014-11-09 11:07 - 2014-02-22 20:17 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll

2014-11-09 11:07 - 2014-02-22 19:56 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll

2014-11-09 11:07 - 2014-02-22 19:52 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.exe

2014-11-09 11:07 - 2014-02-22 19:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\winbrand.dll

2014-11-09 11:07 - 2014-02-22 19:46 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\winsku.dll

2014-11-09 11:07 - 2014-02-22 19:45 - 00453632 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll

2014-11-09 11:07 - 2014-02-22 19:09 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll

2014-11-09 11:07 - 2014-02-22 19:08 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll

2014-11-09 11:07 - 2014-02-22 19:04 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\slpts.dll

2014-11-09 11:07 - 2014-02-22 18:43 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BioCredProv.dll

2014-11-09 11:07 - 2014-02-22 18:30 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll

2014-11-09 11:07 - 2014-02-01 16:00 - 00002255 _____ () C:\Windows\system32\WimBootCompress.ini

2014-11-09 11:07 - 2014-01-29 18:40 - 00994136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys

2014-11-09 11:06 - 2014-02-22 22:17 - 00008192 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-ntuser-private-l1-1-1.dll

2014-11-09 11:06 - 2014-02-22 22:17 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-session-winsta-l1-1-0.dll

2014-11-09 11:06 - 2014-02-22 22:17 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-ntuser-private-l1-1-0.dll

2014-11-09 11:06 - 2014-02-22 22:17 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-kernel32-package-l1-1-1.dll

2014-11-09 11:06 - 2014-02-22 22:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll

2014-11-09 11:06 - 2014-02-22 21:48 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\ocsetapi.dll

2014-11-09 11:06 - 2014-02-22 21:39 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\fhsvcctl.dll

2014-11-09 11:06 - 2014-02-22 21:25 - 00028160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\f3ahvoas.dll

2014-11-09 11:06 - 2014-02-22 21:25 - 00008192 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll

2014-11-09 11:06 - 2014-02-22 21:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-ntuser-private-l1-1-0.dll

2014-11-09 11:06 - 2014-02-22 21:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll

2014-11-09 11:06 - 2014-02-22 21:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll

2014-11-09 11:06 - 2014-02-22 21:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll

2014-11-09 11:06 - 2014-02-22 20:35 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe

2014-11-09 11:06 - 2014-02-22 19:48 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll

2014-11-09 11:06 - 2014-02-22 19:19 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\korwbrkr.dll

2014-11-08 23:36 - 2014-11-08 23:36 - 00000000 ____D () C:\Users\Peter\AppData\Local\TERA

2014-11-08 23:34 - 2014-11-08 23:34 - 00000000 ____D () C:\ProgramData\Riot Games

2014-11-08 23:33 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll

2014-11-08 23:33 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll

2014-11-08 23:33 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll

2014-11-08 23:31 - 2014-11-08 23:33 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Riot Games

2014-11-08 21:32 - 2014-11-08 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics

2014-11-08 21:32 - 2014-11-08 21:32 - 00000000 ____D () C:\ProgramData\Auslogics

2014-11-08 21:32 - 2014-11-08 21:32 - 00000000 ____D () C:\Program Files (x86)\Auslogics

2014-11-08 21:06 - 2014-11-08 21:06 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\MPC-HC

2014-11-08 16:15 - 2014-11-08 16:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

2014-11-08 16:12 - 2014-11-10 23:03 - 00000000 ____D () C:\Windows\Panther

2014-11-08 14:49 - 2014-11-12 17:19 - 00000000 ____D () C:\Windows\system32\MRT

2014-11-08 14:49 - 2014-11-12 17:16 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-11-08 09:47 - 2014-11-08 09:47 - 00000000 ____D () C:\Program Files\Unity

2014-11-08 09:12 - 2014-12-05 22:09 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.exe

2014-11-08 09:12 - 2014-12-05 22:09 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2014-11-08 09:12 - 2014-12-05 22:04 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0

2014-11-08 09:12 - 2014-11-08 09:12 - 02434856 _____ () C:\Windows\SysWOW64\pbsvc.exe

2014-11-08 09:12 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll

2014-11-08 09:12 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll

2014-11-08 09:12 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll

2014-11-08 09:12 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll

2014-11-08 09:12 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll

2014-11-08 09:12 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll

2014-11-08 08:55 - 2014-11-08 08:55 - 00000000 ____D () C:\ProgramData\ATI

2014-11-08 02:33 - 2014-01-05 01:54 - 00138240 _____ () C:\Windows\system32\OEMLicense.dll

2014-11-08 02:33 - 2014-01-05 01:08 - 00103936 _____ () C:\Windows\SysWOW64\OEMLicense.dll

2014-11-08 02:33 - 2013-12-31 09:34 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll

2014-11-08 02:33 - 2013-12-31 09:32 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll

2014-11-08 02:33 - 2013-12-27 18:57 - 00842752 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll

2014-11-08 02:33 - 2013-12-27 17:03 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll

2014-11-08 02:33 - 2013-12-21 17:21 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll

2014-11-08 02:33 - 2013-12-17 17:21 - 00408576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys

2014-11-08 02:27 - 2013-11-28 01:34 - 03210528 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll

2014-11-08 02:27 - 2013-11-27 23:47 - 02804528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll

2014-11-08 02:24 - 2013-11-27 22:02 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys

2014-11-08 02:24 - 2013-11-27 20:24 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll

2014-11-08 02:24 - 2013-11-27 19:46 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll

2014-11-08 02:24 - 2013-11-27 19:10 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll

2014-11-08 02:24 - 2013-11-27 18:56 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll

2014-11-08 02:24 - 2013-11-23 17:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\bi.dll

2014-11-08 02:24 - 2013-11-23 17:13 - 00019456 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys

2014-11-08 02:24 - 2013-11-21 16:58 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\deviceregistration.dll

2014-11-08 02:24 - 2013-11-16 00:59 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll

2014-11-08 02:24 - 2013-11-16 00:25 - 00433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll

2014-11-08 02:07 - 2013-11-11 12:48 - 00039768 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys

2014-11-08 02:07 - 2013-11-08 15:23 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll

2014-11-08 02:07 - 2013-11-08 14:42 - 00366080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgr.dll

2014-11-08 02:07 - 2013-11-01 21:39 - 00086872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys

2014-11-08 02:07 - 2013-10-26 11:54 - 00146776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SerCx2.sys

2014-11-08 02:00 - 2013-11-21 16:42 - 04604416 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

2014-11-08 02:00 - 2013-11-21 15:44 - 03936256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

2014-11-08 01:59 - 2013-10-19 18:53 - 00075360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll

2014-11-08 01:59 - 2013-10-19 17:14 - 00070680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll

2014-11-08 01:58 - 2013-12-22 00:51 - 06353960 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe

2014-11-08 01:57 - 2014-01-28 05:07 - 04175360 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll

2014-11-08 01:57 - 2014-01-28 04:23 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll

2014-11-08 01:57 - 2014-01-28 03:18 - 01486848 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll

2014-11-08 01:56 - 2014-01-28 04:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2014-11-08 01:56 - 2014-01-28 03:00 - 01238016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll

2014-11-08 01:55 - 2013-12-21 18:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll

2014-11-08 01:45 - 2013-12-09 10:19 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll

2014-11-08 01:45 - 2013-12-09 09:55 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll

2014-11-08 01:40 - 2014-02-06 21:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-11-08 01:40 - 2013-11-23 14:34 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

2014-11-08 01:40 - 2013-11-23 14:13 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2014-11-08 01:39 - 2014-02-06 21:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-11-08 01:39 - 2014-02-06 20:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-11-08 01:29 - 2013-11-27 21:41 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe

2014-11-08 01:20 - 2014-01-07 17:03 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.exe

2014-11-08 01:20 - 2014-01-07 15:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.exe

2014-11-08 01:18 - 2014-02-22 22:16 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe

2014-11-08 01:18 - 2014-02-22 21:24 - 00124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe

2014-11-08 01:12 - 2014-10-30 21:25 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

2014-11-08 01:03 - 2014-11-08 01:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGamer

2014-11-08 01:03 - 2014-11-08 01:03 - 00000000 ____D () C:\Program Files (x86)\CyberGamer

2014-11-08 01:02 - 2014-11-08 01:03 - 00000000 ____D () C:\Program Files (x86)\FFmpeg for Audacity

2014-11-08 01:01 - 2014-11-08 01:01 - 00001031 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk

2014-11-08 01:01 - 2014-11-08 01:01 - 00000000 ____D () C:\Program Files (x86)\Lame For Audacity

2014-11-08 01:01 - 2014-11-08 01:01 - 00000000 ____D () C:\Program Files (x86)\Audacity

2014-11-08 00:56 - 2014-11-08 00:56 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC

2014-11-08 00:56 - 2014-11-08 00:56 - 00000000 ____D () C:\Program Files\CCleaner

2014-11-08 00:53 - 2014-12-02 14:06 - 00000000 ____D () C:\Fraps

2014-11-08 00:53 - 2014-11-08 00:53 - 00001040 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PPSSPP.lnk

2014-11-08 00:53 - 2014-11-08 00:53 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6

2014-11-08 00:53 - 2014-11-08 00:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps

2014-11-08 00:53 - 2014-11-08 00:53 - 00000000 ____D () C:\Program Files (x86)\Project64 1.6

2014-11-08 00:53 - 2014-11-08 00:53 - 00000000 ____D () C:\Program Files (x86)\PPSSPP

2014-11-08 00:52 - 2014-11-11 20:20 - 00000000 ____D () C:\Program Files\OBS

2014-11-08 00:52 - 2014-11-11 20:20 - 00000000 ____D () C:\Program Files (x86)\OBS

2014-11-08 00:52 - 2014-11-08 00:52 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software

2014-11-08 00:49 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll

2014-11-08 00:49 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll

2014-11-08 00:49 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll

2014-11-08 00:49 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll

2014-11-08 00:49 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll

2014-11-08 00:49 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll

2014-11-08 00:49 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll

2014-11-08 00:49 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll

2014-11-08 00:49 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll

2014-11-08 00:49 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll

2014-11-08 00:49 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll

2014-11-08 00:49 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll

2014-11-08 00:49 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll

2014-11-08 00:49 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll

2014-11-08 00:49 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll

2014-11-08 00:49 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll

2014-11-08 00:49 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll

2014-11-08 00:49 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll

2014-11-08 00:49 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll

2014-11-08 00:49 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll

2014-11-08 00:49 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll

2014-11-08 00:49 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll

2014-11-08 00:49 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll

2014-11-08 00:49 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll

2014-11-08 00:49 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll

2014-11-08 00:49 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll

2014-11-08 00:49 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll

2014-11-08 00:49 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll

2014-11-08 00:49 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll

2014-11-08 00:49 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll

2014-11-08 00:49 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll

2014-11-08 00:49 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll

2014-11-08 00:49 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll

2014-11-08 00:49 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll

2014-11-08 00:49 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll

2014-11-08 00:49 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll

2014-11-08 00:49 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll

2014-11-08 00:49 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll

2014-11-08 00:49 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll

2014-11-08 00:49 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll

2014-11-08 00:49 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll

2014-11-08 00:49 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll

2014-11-08 00:49 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll

2014-11-08 00:49 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll

2014-11-08 00:49 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll

2014-11-08 00:49 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll

2014-11-08 00:49 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll

2014-11-08 00:49 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll

2014-11-08 00:49 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll

2014-11-08 00:49 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll

2014-11-08 00:49 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll

2014-11-08 00:49 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll

2014-11-08 00:49 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll

2014-11-08 00:49 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll

2014-11-08 00:49 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll

2014-11-08 00:49 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll

2014-11-08 00:49 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll

2014-11-08 00:49 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll

2014-11-08 00:49 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll

2014-11-08 00:49 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll

2014-11-08 00:49 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll

2014-11-08 00:49 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll

2014-11-08 00:49 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll

2014-11-08 00:49 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll

2014-11-08 00:49 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll

2014-11-08 00:49 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll

2014-11-08 00:49 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll

2014-11-08 00:49 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll

2014-11-08 00:49 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll

2014-11-08 00:49 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll

2014-11-08 00:49 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll

2014-11-08 00:49 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll

2014-11-08 00:49 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll

2014-11-08 00:49 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll

2014-11-08 00:49 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll

2014-11-08 00:49 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll

2014-11-08 00:49 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll

2014-11-08 00:49 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll

2014-11-08 00:49 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll

2014-11-08 00:49 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll

2014-11-08 00:49 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll

2014-11-08 00:49 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll

2014-11-08 00:49 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll

2014-11-08 00:49 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll

2014-11-08 00:49 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll

2014-11-08 00:49 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll

2014-11-08 00:49 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll

2014-11-08 00:49 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll

2014-11-08 00:49 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll

2014-11-08 00:49 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll

2014-11-08 00:49 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll

2014-11-08 00:49 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll

2014-11-08 00:49 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll

2014-11-08 00:49 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll

2014-11-08 00:49 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll

2014-11-08 00:49 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll

2014-11-08 00:49 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll

2014-11-08 00:49 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll

2014-11-08 00:49 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll

2014-11-08 00:49 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll

2014-11-08 00:49 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll

2014-11-08 00:49 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll

2014-11-08 00:49 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll

2014-11-08 00:49 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll

2014-11-08 00:49 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll

2014-11-08 00:49 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll

2014-11-08 00:49 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll

2014-11-08 00:49 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll

2014-11-08 00:49 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll

2014-11-08 00:49 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll

2014-11-08 00:49 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll

2014-11-08 00:49 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll

2014-11-08 00:49 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll

2014-11-08 00:49 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll

2014-11-08 00:49 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll

2014-11-08 00:49 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll

2014-11-08 00:49 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll

2014-11-08 00:49 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll

2014-11-08 00:49 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll

2014-11-08 00:49 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll

2014-11-08 00:49 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll

2014-11-08 00:49 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll

2014-11-08 00:49 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll

2014-11-08 00:49 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll

2014-11-08 00:49 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll

2014-11-08 00:49 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll

2014-11-08 00:49 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll

2014-11-08 00:49 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll

2014-11-08 00:49 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll

2014-11-08 00:49 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll

2014-11-08 00:49 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll

2014-11-08 00:49 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll

2014-11-08 00:49 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll

2014-11-08 00:49 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll

2014-11-08 00:49 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll

2014-11-08 00:49 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll

2014-11-08 00:49 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll

2014-11-08 00:49 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll

2014-11-08 00:49 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll

2014-11-08 00:49 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll

2014-11-08 00:49 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll

2014-11-08 00:49 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll

2014-11-08 00:49 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll

yesame · Dec 5, 2014

2014-11-08 00:49 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll

2014-11-08 00:49 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll

2014-11-08 00:49 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll

2014-11-08 00:49 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll

2014-11-08 00:49 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll

2014-11-08 00:49 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll

2014-11-08 00:49 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll

2014-11-08 00:49 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll

2014-11-08 00:49 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll

2014-11-08 00:49 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll

2014-11-08 00:49 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll

2014-11-08 00:49 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll

2014-11-08 00:49 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll

2014-11-08 00:49 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll

2014-11-08 00:49 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll

2014-11-08 00:49 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll

2014-11-08 00:49 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll

2014-11-08 00:49 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll

2014-11-08 00:49 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll

2014-11-08 00:49 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll

2014-11-08 00:49 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll

2014-11-08 00:49 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll

2014-11-08 00:49 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll

2014-11-08 00:49 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll

2014-11-08 00:49 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll

2014-11-08 00:49 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll

2014-11-08 00:49 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll

2014-11-08 00:45 - 2014-11-16 08:52 - 00000000 ____D () C:\Windows\SysWOW64\directx

2014-11-08 00:43 - 2014-11-08 00:43 - 00000954 _____ () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk

2014-11-08 00:42 - 2014-11-30 17:57 - 00000000 ____D () C:\Users\Peter\AppData\Local\osu!

2014-11-08 00:40 - 2014-11-08 00:40 - 00000000 ____D () C:\Program Files\Reference Assemblies

2014-11-08 00:40 - 2014-11-08 00:40 - 00000000 ____D () C:\Program Files\MSBuild

2014-11-08 00:40 - 2014-11-08 00:40 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies

2014-11-08 00:40 - 2014-11-08 00:40 - 00000000 ____D () C:\Program Files (x86)\MSBuild

2014-11-08 00:38 - 2013-08-03 14:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll

2014-11-08 00:38 - 2013-08-03 14:48 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2014-11-08 00:38 - 2013-08-03 14:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll

2014-11-08 00:38 - 2013-08-03 14:41 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2014-11-08 00:30 - 2014-11-09 23:17 - 00000000 ___RD () C:\Users\Peter\Google Drive

2014-11-08 00:29 - 2014-11-08 00:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

2014-11-08 00:28 - 2014-11-08 00:28 - 00000000 ____D () C:\Windows\SysWOW64\xlive

2014-11-08 00:28 - 2014-11-08 00:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace

2014-11-08 00:28 - 2014-11-08 00:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE

2014-11-08 00:28 - 2009-09-05 11:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll

2014-11-08 00:28 - 2009-09-05 11:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll

2014-11-08 00:28 - 2007-04-05 12:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll

2014-11-08 00:27 - 2014-11-08 00:27 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale

2014-11-08 00:25 - 2014-11-08 00:25 - 00067608 _____ () C:\Windows\SysWOW64\CCCInstall_201411070625284176.log

2014-11-08 00:25 - 2014-11-08 00:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center

2014-11-08 00:25 - 2014-11-08 00:25 - 00000000 ____D () C:\Program Files (x86)\AMD AVT

2014-11-08 00:24 - 2014-11-08 00:25 - 00000000 ____D () C:\Program Files\ATI Technologies

2014-11-08 00:24 - 2014-11-08 00:24 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies

2014-11-08 00:23 - 2014-11-08 00:23 - 00059756 _____ () C:\Windows\SysWOW64\CCCInstall_201411070623001840.log

2014-11-08 00:22 - 2014-11-08 00:22 - 00000000 ____D () C:\Program Files\ATI

2014-11-08 00:16 - 2014-11-30 17:54 - 00000000 ____D () C:\Users\Peter\AppData\Local\Battle.net

2014-11-08 00:16 - 2014-11-30 17:54 - 00000000 ____D () C:\Program Files (x86)\Battle.net

2014-11-08 00:16 - 2014-11-08 00:16 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Battle.net

2014-11-08 00:16 - 2014-11-08 00:16 - 00000000 ____D () C:\Users\Peter\AppData\Local\Blizzard Entertainment

2014-11-08 00:16 - 2014-11-08 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net

2014-11-08 00:16 - 2014-11-08 00:16 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment

2014-11-08 00:15 - 2014-11-08 00:15 - 00000000 ____D () C:\ProgramData\Battle.net

2014-11-08 00:14 - 2014-11-08 00:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

2014-11-08 00:14 - 2014-11-08 00:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\alexbft

2014-11-08 00:14 - 2014-11-08 00:14 - 00000000 ____D () C:\Program Files (x86)\QuickTime

2014-11-08 00:14 - 2014-11-08 00:14 - 00000000 ____D () C:\Program Files (x86)\Chiitrans Lite

2014-11-08 00:13 - 2014-11-18 11:29 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Apple Computer

2014-11-08 00:13 - 2014-11-13 16:34 - 00000000 ____D () C:\Users\Peter\AppData\Local\Apple Computer

2014-11-08 00:13 - 2014-11-08 00:13 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

2014-11-08 00:13 - 2014-11-08 00:13 - 00000000 ____D () C:\Windows\System32\Tasks\Apple

2014-11-08 00:13 - 2014-11-08 00:13 - 00000000 ____D () C:\Users\Peter\AppData\Local\Apple

2014-11-08 00:13 - 2014-11-08 00:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-11-08 00:13 - 2014-11-08 00:13 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7

2014-11-08 00:13 - 2014-11-08 00:13 - 00000000 ____D () C:\ProgramData\Apple Computer

2014-11-08 00:13 - 2014-11-08 00:13 - 00000000 ____D () C:\Program Files\iTunes

2014-11-08 00:13 - 2014-11-08 00:13 - 00000000 ____D () C:\Program Files\iPod

2014-11-08 00:13 - 2014-11-08 00:13 - 00000000 ____D () C:\Program Files\Common Files\Apple

2014-11-08 00:13 - 2014-11-08 00:13 - 00000000 ____D () C:\Program Files\Bonjour

2014-11-08 00:13 - 2014-11-08 00:13 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-11-08 00:13 - 2014-11-08 00:13 - 00000000 ____D () C:\Program Files (x86)\Bonjour

2014-11-08 00:13 - 2014-11-08 00:13 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update

2014-11-08 00:13 - 2012-10-04 10:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys

2014-11-08 00:12 - 2014-11-08 00:13 - 00000000 ____D () C:\ProgramData\Apple

2014-11-08 00:10 - 2014-12-06 12:52 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-11-08 00:10 - 2014-11-26 09:52 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-11-08 00:10 - 2014-11-08 00:10 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\SIX Networks

2014-11-08 00:10 - 2014-11-08 00:10 - 00000000 ____D () C:\Users\Peter\AppData\Local\SIX Networks

2014-11-08 00:10 - 2014-11-08 00:10 - 00000000 ____D () C:\Users\Peter\AppData\Local\IsolatedStorage

2014-11-08 00:10 - 2014-11-08 00:10 - 00000000 ____D () C:\ProgramData\SIX Networks

2014-11-08 00:09 - 2014-11-08 00:09 - 00000000 ____D () C:\Users\Peter\AppData\Local\Downloaded Installations

2014-11-07 23:49 - 2014-12-05 15:20 - 00000000 ____D () C:\Windows\Minidump

2014-11-07 23:20 - 2014-12-06 13:29 - 00000000 ___RD () C:\Users\Peter\Dropbox

2014-11-07 23:18 - 2014-11-16 08:49 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-11-07 23:15 - 2014-11-19 08:23 - 00000000 ____D () C:\Games

2014-11-07 23:10 - 2014-12-06 13:29 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Dropbox

2014-11-07 23:10 - 2014-11-20 11:17 - 00001144 _____ () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk

2014-11-07 23:10 - 2014-11-07 23:10 - 00000000 ____D () C:\Users\Peter\AppData\Local\LOOT

2014-11-07 23:10 - 2014-11-07 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOOT

2014-11-07 23:10 - 2014-11-07 23:10 - 00000000 ____D () C:\Program Files\MPC-HC

2014-11-07 23:10 - 2014-11-07 23:10 - 00000000 ____D () C:\Program Files\MediaInfo

2014-11-07 23:10 - 2014-11-07 23:10 - 00000000 ____D () C:\Program Files (x86)\LOOT

2014-11-07 23:09 - 2014-11-07 23:57 - 00000000 ____D () C:\Program Files (x86)\Origin Games

2014-11-07 23:07 - 2014-11-07 23:09 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Origin

2014-11-07 23:06 - 2014-12-05 21:57 - 00000000 ____D () C:\Users\Peter\AppData\Local\Origin

2014-11-07 23:05 - 2014-12-06 00:07 - 00000000 ____D () C:\ProgramData\Origin

2014-11-07 23:05 - 2014-12-05 21:57 - 00000000 ____D () C:\ProgramData\Electronic Arts

2014-11-07 23:04 - 2014-12-05 21:56 - 00000000 ____D () C:\Program Files (x86)\Origin

2014-11-07 23:02 - 2014-12-06 13:32 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Skype

2014-11-07 23:02 - 2014-11-07 23:02 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-11-07 23:02 - 2014-11-07 23:02 - 00000000 ____D () C:\Users\Peter\AppData\Local\Skype

2014-11-07 23:02 - 2014-11-07 23:02 - 00000000 ____D () C:\ProgramData\Skype

2014-11-07 23:02 - 2014-11-07 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2014-11-07 23:00 - 2014-12-06 13:28 - 00000000 ____D () C:\Program Files (x86)\Steam

2014-11-07 23:00 - 2014-11-07 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

2014-11-07 22:59 - 2014-11-07 22:59 - 00000000 ____D () C:\Users\Peter\AppData\Local\TeamSpeak 3 Client

2014-11-07 22:56 - 2014-12-01 10:42 - 00003364 _____ () C:\Windows\System32\Tasks\AutoPico Daily Restart

2014-11-07 22:56 - 2014-12-01 10:42 - 00000000 ____D () C:\Program Files\KMSpico

2014-11-07 22:56 - 2014-11-07 22:56 - 00004608 _____ () C:\Windows\SECOH-QAD.exe

2014-11-07 22:56 - 2014-11-07 22:56 - 00003584 _____ () C:\Windows\SECOH-QAD.dll

2014-11-07 22:56 - 2010-12-06 12:16 - 00090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll

2014-11-07 22:53 - 2014-11-07 22:53 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll

2014-11-07 22:53 - 2014-11-07 22:53 - 00000000 ____D () C:\ProgramData\Sun

2014-11-07 22:53 - 2014-11-07 22:53 - 00000000 ____D () C:\ProgramData\Oracle

2014-11-07 22:53 - 2014-11-07 22:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-11-07 22:53 - 2014-11-07 22:53 - 00000000 ____D () C:\Program Files\Java

2014-11-07 22:44 - 2014-11-07 22:44 - 00000000 ____D () C:\Users\Peter\AppData\Local\AMD

2014-11-07 22:43 - 2014-11-08 00:25 - 00000000 ____D () C:\ProgramData\AMD

2014-11-07 22:43 - 2014-11-07 22:43 - 00060601 _____ () C:\Windows\SysWOW64\CCCInstall_201411070443313995.log

2014-11-07 22:43 - 2014-11-07 22:43 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\ATI

2014-11-07 22:43 - 2014-11-07 22:43 - 00000000 ____D () C:\Users\Peter\AppData\Local\ATI

2014-11-07 22:42 - 2014-11-18 13:15 - 00000000 ____D () C:\ProgramData\Package Cache

2014-11-07 22:42 - 2014-11-08 00:23 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies

2014-11-07 22:42 - 2014-11-07 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip

2014-11-07 22:42 - 2014-11-07 22:42 - 00000000 ____D () C:\Program Files\7-Zip

2014-11-07 22:41 - 2014-11-08 00:19 - 00000000 ____D () C:\AMD

2014-11-07 22:41 - 2014-11-07 22:41 - 00000000 ____D () C:\Program Files\AMD

2014-11-07 22:41 - 2014-11-07 22:41 - 00000000 _____ () C:\Windows\ativpsrm.bin

2014-11-07 22:28 - 2014-12-06 13:30 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\ClassicShell

2014-11-07 22:28 - 2014-12-03 23:38 - 00000000 ____D () C:\Users\Peter\Desktop\Things

2014-11-07 22:28 - 2014-11-07 22:28 - 00000000 ____D () C:\ProgramData\ClassicShell

2014-11-07 22:27 - 2014-11-07 22:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell

2014-11-07 22:27 - 2014-11-07 22:27 - 00000000 ____D () C:\Program Files\Classic Shell

2014-11-07 22:24 - 2014-12-05 17:32 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-193590417-541393071-4071897925-1001

2014-11-07 22:23 - 2014-11-07 22:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-11-07 22:22 - 2014-12-06 13:34 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-11-07 22:22 - 2014-12-06 13:29 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-11-07 22:22 - 2014-12-03 15:37 - 01496524 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-11-07 22:22 - 2014-11-14 19:29 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-11-07 22:22 - 2014-11-14 19:29 - 00003660 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-11-07 22:22 - 2014-11-08 00:29 - 00000000 ____D () C:\Users\Peter\AppData\Local\Google

2014-11-07 22:22 - 2014-11-08 00:29 - 00000000 ____D () C:\Program Files (x86)\Google

2014-11-07 22:21 - 2014-11-07 22:21 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Macromedia

2014-11-07 22:19 - 2014-12-06 00:07 - 00000000 ____D () C:\Users\Peter

2014-11-07 22:19 - 2014-11-27 15:53 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Adobe

2014-11-07 22:19 - 2014-11-07 22:20 - 00000000 ____D () C:\Users\Peter\AppData\Local\Packages

2014-11-07 22:19 - 2014-11-07 22:19 - 00001442 _____ () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-11-07 22:19 - 2014-11-07 22:19 - 00000020 ___SH () C:\Users\Peter\ntuser.ini

2014-11-07 22:19 - 2014-11-07 22:19 - 00000000 ____D () C:\Users\Peter\AppData\Local\VirtualStore

2014-11-07 22:19 - 2013-08-23 01:36 - 00000000 ___RD () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-11-07 22:19 - 2013-08-23 01:36 - 00000000 ___RD () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-11-07 22:19 - 2013-08-23 01:36 - 00000000 ___RD () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-11-07 22:19 - 2013-08-23 01:36 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-11-07 22:18 - 2014-11-07 22:18 - 00000000 ____D () C:\Windows\CSC

2014-11-07 22:18 - 2014-08-16 12:55 - 02407936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll

2014-11-07 21:06 - 2014-11-07 23:15 - 00000000 ____D () C:\Users\Peter\Documents\Rockstar Games

2014-11-07 21:06 - 2014-08-30 19:37 - 00002653 _____ () C:\Users\Peter\Documents\Unigine_Valley_Benchmark_1.0_20140830_1937.html

2014-11-07 21:06 - 2014-08-30 19:32 - 00002800 _____ () C:\Users\Peter\Documents\Unigine_Heaven_Benchmark_4.0_20140830_1932.html

2014-11-07 21:06 - 2014-08-30 19:26 - 00003357 _____ () C:\Users\Peter\Documents\unigine_20140830_1926.html

2014-11-07 21:06 - 2014-08-30 19:22 - 00003458 _____ () C:\Users\Peter\Documents\unigine_20140830_1922.html

2014-11-07 21:05 - 2014-11-19 08:57 - 00000000 ____D () C:\Users\Peter\Documents\my games

2014-11-07 21:05 - 2014-11-07 23:15 - 00000000 ____D () C:\Users\Peter\Documents\Remedy

2014-11-07 21:05 - 2014-11-07 23:15 - 00000000 ____D () C:\Users\Peter\Documents\nbgi

2014-11-07 21:02 - 2014-11-18 15:01 - 00000000 ____D () C:\Users\Peter\Documents\ArmA 2

2014-11-07 21:02 - 2014-11-07 23:15 - 00000000 ____D () C:\Users\Peter\Documents\BFBC2

2014-11-07 21:02 - 2014-11-07 23:15 - 00000000 ____D () C:\Users\Peter\Documents\Arma 3

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 13:27 - 2013-08-23 00:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-12-06 13:00 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\sru

2014-12-02 12:24 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\rescache

2014-12-02 12:08 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\AppReadiness

2014-12-01 15:47 - 2013-08-23 01:20 - 00000000 ____D () C:\Windows\CbsTemp

2014-11-30 16:13 - 2013-08-23 05:11 - 00000000 ____D () C:\Program Files\Windows Journal

2014-11-30 16:13 - 2013-08-23 05:09 - 00000000 ____D () C:\Windows\SysWOW64\winrm

2014-11-30 16:13 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\WinStore

2014-11-30 16:13 - 2013-08-23 01:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer

2014-11-30 16:13 - 2013-08-23 01:36 - 00000000 ____D () C:\Program Files\Windows Defender

2014-11-30 16:13 - 2013-08-23 01:36 - 00000000 ____D () C:\Program Files\Common Files\System

2014-11-30 16:13 - 2013-08-23 01:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer

2014-11-30 16:13 - 2013-08-23 01:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender

2014-11-30 16:13 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe

2014-11-30 16:13 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\servicing

2014-11-30 16:12 - 2013-08-23 05:09 - 00000000 ____D () C:\Windows\SysWOW64\WCN

2014-11-30 16:12 - 2013-08-23 05:09 - 00000000 ____D () C:\Windows\SysWOW64\slmgr

2014-11-30 16:12 - 2013-08-23 05:09 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts

2014-11-30 16:12 - 2013-08-23 05:09 - 00000000 ____D () C:\Windows\system32\winrm

2014-11-30 16:12 - 2013-08-23 05:09 - 00000000 ____D () C:\Windows\system32\slmgr

2014-11-30 16:12 - 2013-08-23 01:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel

2014-11-30 16:12 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI

2014-11-30 16:12 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\SysWOW64\Com

2014-11-30 16:12 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\migwiz

2014-11-30 16:12 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-11-30 16:12 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\IME

2014-11-30 16:12 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism

2014-11-30 16:12 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\system32\Sysprep

2014-11-30 16:12 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\system32\oobe

2014-11-30 16:11 - 2013-08-23 05:09 - 00000000 ____D () C:\Windows\system32\WCN

2014-11-30 16:11 - 2013-08-23 05:09 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts

2014-11-30 16:11 - 2013-08-23 01:36 - 00000000 ___SD () C:\Windows\system32\dsc

2014-11-30 16:11 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform

2014-11-30 16:11 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\MUI

2014-11-30 16:11 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\Com

2014-11-30 16:11 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\Help

2014-11-30 16:11 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\FileManager

2014-11-30 16:11 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\system32\Dism

2014-11-27 17:18 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\NDF

2014-11-27 13:21 - 2013-08-23 00:44 - 05102176 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-11-21 06:51 - 2013-08-23 01:38 - 00714208 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-11-21 06:51 - 2013-08-23 01:38 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-11-16 02:26 - 2013-08-22 23:25 - 00262144 ___SH () C:\Windows\system32\config\BBI

2014-11-16 02:24 - 2013-08-23 01:36 - 00000000 ___RD () C:\Windows\ToastData

2014-11-16 02:24 - 2013-08-23 01:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-11-16 02:24 - 2013-08-23 01:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-11-16 02:24 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\SysWOW64\setup

2014-11-16 02:24 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod

2014-11-16 02:24 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\setup

2014-11-15 10:15 - 2013-08-22 23:25 - 00000167 _____ () C:\Windows\win.ini

2014-11-15 10:12 - 2013-08-23 01:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared

2014-11-13 07:38 - 2013-08-23 01:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-11-13 07:38 - 2013-08-23 01:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-11-11 21:49 - 2013-08-23 05:11 - 00000000 ____D () C:\Windows\ShellNew

2014-11-11 21:33 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\MediaViewer

2014-11-11 21:33 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\Camera

2014-11-10 00:42 - 2013-08-23 01:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools

2014-11-10 00:42 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\zh-HK

2014-11-10 00:42 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\uk-UA

2014-11-10 00:42 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\tr-TR

2014-11-10 00:42 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\th-TH

2014-11-10 00:42 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS

2014-11-10 00:42 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS

2014-11-10 00:42 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\sl-SI

2014-11-10 00:42 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\sk-SK

2014-11-10 00:42 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\ro-RO

2014-11-10 00:42 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\lv-LV

2014-11-10 00:42 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\lt-LT

2014-11-10 00:42 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\hr-HR

2014-11-10 00:42 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\he-IL

2014-11-10 00:42 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\et-EE

2014-11-10 00:42 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\en-GB

2014-11-10 00:42 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\bg-BG

2014-11-10 00:42 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\ar-SA

2014-11-10 00:42 - 2013-08-23 01:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices

2014-11-10 00:42 - 2013-08-23 01:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform

2014-11-10 00:42 - 2013-08-23 01:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices

2014-11-10 00:42 - 2013-08-23 01:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform

2014-11-09 10:14 - 2013-08-22 23:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM

2014-11-08 16:15 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\Recovery

2014-11-08 16:12 - 2013-08-23 01:36 - 00262144 _____ () C:\Windows\system32\config\BCD-Template

2014-11-08 15:05 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates

2014-11-08 03:26 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\LiveKernelReports

2014-11-07 22:26 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\restore

Some content of TEMP:

====================

C:\Users\Peter\AppData\Local\Temp\dllnt_dump.dll

C:\Users\Peter\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpks2gvi.dll

C:\Users\Peter\AppData\Local\Temp\Quarantine.exe

C:\Users\Peter\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-06 12:10

==================== End Of Log ============================

yesame · Dec 5, 2014

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-12-2014

Ran by Peter at 2014-12-06 13:36:44

Running from C:\Users\Peter\Desktop

Boot Mode: Normal

==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)

Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)

AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)

Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)

Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)

Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.4.0 - Auslogics Labs Pty Ltd)

Awesomium Redistributable (HKLM-x32\...\{5BCB064B-9F65-4E15-BAFB-669E72E54FD9}) (Version: 1.7.4.2 - SIX Networks GmbH)

Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)

Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)

Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.1.0 - Electronic Arts)

Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)

BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )

Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)

CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)

Chiitrans Lite (HKLM-x32\...\{B42E1E97-D421-4D2C-8DB0-FD06B9A9E088}) (Version: 1.00.0000 - alexbft)

Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)

Crusader No Remorse (HKLM-x32\...\{2AEA735F-B393-4D89-93EF-5849CB72B4A3}) (Version: 1.0.0.2 - Electronic Arts)

CyberGamer Anti-Cheat (HKLM-x32\...\{7504BB46-325E-4417-8FAF-B2B40CD7A377}) (Version: 1.50.5000 - CyberGamer)

Dropbox (HKU\S-1-5-21-193590417-541393071-4071897925-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)

Far Cry 4 (HKLM-x32\...\Far Cry 4_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)

FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )

Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)

Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Halo Combat Evolved (HKLM-x32\...\Halo Combat Evolved) (Version: - )

HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )

ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)

iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)

Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)

JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)

KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )

LADSPA_plugins-win-0.4.15 (HKLM-x32\...\LADSPA_plugins-win_is1) (Version: - Audacity Team)

LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )

League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)

League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden

LOOT (HKLM-x32\...\LOOT) (Version: 0.6.0 - LOOT Development Team)

Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47CD-87CD-13E68B676E4F}) (Version: 1.2.20608.0 - Electronic Arts)

Mass Effect™ 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.2.1604.0 - Electronic Arts)

MediaInfo 0.7.71 (HKLM\...\MediaInfo) (Version: 0.7.71 - MediaArea.net)

Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)

Microsoft Halo Custom Edition (HKLM-x32\...\Halo CE) (Version: - )

Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)

Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version: - )

Mirror's Edge™ (HKLM-x32\...\{AEDBD563-24BB-4EE3-8366-A654DAC2D988}) (Version: 1.0.1.0 - Electronic Arts)

MKVToolNix 7.3.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.3.0 - Moritz Bunkus)

Mp3tag v2.65a (HKLM-x32\...\Mp3tag) (Version: v2.65a - Florian Heidenreich)

MPC-HC 1.7.7 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.7 - MPC-HC Team)

MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden

NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)

Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )

Origin (HKLM-x32\...\Origin) (Version: 9.5.1.571 - Electronic Arts, Inc.)

osu! (HKLM-x32\...\{edf541d5-bba3-45c4-bff9-f3b3322aaf22}) (Version: latest - ppy Pty Ltd)

Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)

PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - )

PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden

Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)

PlanetSide 2 (HKU\S-1-5-21-193590417-541393071-4071897925-1001\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment)

Plants vs. Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)

PPSSPP version 0.9.8 (HKLM-x32\...\PPSSPP_is1) (Version: 0.9.8 - )

Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)

Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)

QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)

QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)

Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)

Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden

Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.104 - Skype Technologies S.A.)

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

TeamSpeak 3 Client (HKU\S-1-5-21-193590417-541393071-4071897925-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)

The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)

This War of Mine (HKLM-x32\...\{5FD7B6B3-08C7-4FEE-9C37-A2134C699885}}_is1) (Version: 1 - 11 bit studios)

Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)

Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)

Wing Commander III (HKLM-x32\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-193590417-541393071-4071897925-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-193590417-541393071-4071897925-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-193590417-541393071-4071897925-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-193590417-541393071-4071897925-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-193590417-541393071-4071897925-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-193590417-541393071-4071897925-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-193590417-541393071-4071897925-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-193590417-541393071-4071897925-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-193590417-541393071-4071897925-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

25-11-2014 08:36:06 Scheduled Checkpoint

30-11-2014 06:00:53 Windows Update

06-12-2014 00:33:16 MBAM rootkit removal

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 23:25 - 2013-08-22 23:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {13B9C424-A721-47E1-B417-AB640B7D91E6} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)

Task: {1A3590FF-97FD-4848-945D-13BEDFDFAAA8} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)

Task: {3ADC2E48-9975-4AA4-8CE9-D60522A6E644} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

Task: {403150F4-04E4-419E-AFEB-F1D9168D71C5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

Task: {4FCF1B96-808D-4D89-834B-27DBCEF77599} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated)

Task: {685CE2E8-9D61-4360-BC0E-660DC3A6A705} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)

Task: {6EA29D92-0A37-4B49-B526-157ADEA72864} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-11-12] (Microsoft Corporation)

Task: {71AD87E0-11B6-4ACD-A4A0-0B724EE5704C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-02] (Apple Inc.)

Task: {7ABFBCAC-6A74-460F-BA6A-FE9938EE7865} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

Task: {7E70ABB6-44C3-4805-B83A-3E60257B9A52} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

Task: {91991597-B75D-4F0E-8C2D-2D22768C3EB5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-07] (Google Inc.)

Task: {B7582A68-82D8-432C-A8D1-E80CEEC84B5D} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-10-26] (@ByELDI)

Task: {CFFDE5DB-873A-4A61-A3A4-0BD3EE7036B5} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)

Task: {EDC031EF-64B5-4EFC-8871-F9368CB02F54} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2014-11-13] ()

Task: {F7E49863-EE44-4A8E-9B23-E789FDFB2B02} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)

Task: {FE7AF4BB-BB5A-4D99-B08D-2770EEECF706} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-07] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-09-16 12:13 - 2014-09-16 12:13 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll

2014-02-12 01:08 - 2014-02-12 01:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll

2014-02-12 01:08 - 2014-02-12 01:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll

2014-11-08 09:12 - 2014-12-05 22:09 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2014-11-13 16:33 - 2014-11-13 16:33 - 08817658 _____ () C:\Program Files\pia_manager\pia_manager.exe

2014-09-16 12:13 - 2014-09-16 12:13 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll

2014-11-13 16:33 - 2014-11-13 16:33 - 00184320 _____ () C:\Program Files\pia_manager\pia_tray\pia_tray.exe

2014-10-14 23:27 - 2014-10-14 23:27 - 08897696 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll

2014-11-27 01:37 - 2014-11-25 15:48 - 01408328 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll

2014-11-27 01:37 - 2014-11-25 15:48 - 00204616 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll

2014-11-27 01:37 - 2014-11-25 15:48 - 10689352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll

2014-11-27 01:37 - 2014-11-25 15:48 - 01856840 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll

2014-11-27 01:37 - 2014-11-25 15:48 - 26722120 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll

2014-10-12 07:06 - 2014-10-12 07:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-10-12 07:05 - 2014-10-12 07:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2014-11-07 23:34 - 2014-11-12 04:48 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll

2014-11-07 23:34 - 2014-11-12 04:48 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll

2014-11-07 23:34 - 2014-11-12 04:48 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll

2014-11-07 23:34 - 2014-11-12 04:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll

2014-11-07 23:34 - 2014-11-19 06:23 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll

2014-11-07 23:34 - 2014-11-12 04:48 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll

2014-11-07 23:34 - 2014-11-12 04:48 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll

2014-11-07 23:34 - 2014-11-19 06:23 - 00690880 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL

2014-12-06 13:29 - 2014-12-06 13:29 - 00043008 _____ () c:\users\peter\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpks2gvi.dll

2013-08-24 05:01 - 2013-08-24 05:01 - 25100288 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\libcef.dll

2014-11-07 23:34 - 2014-11-12 04:48 - 34589888 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

2014-12-06 13:30 - 2014-12-06 13:30 - 00012800 _____ () C:\Users\Peter\AppData\Local\Temp\ocr467A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so

2014-12-06 13:30 - 2014-12-06 13:30 - 00009728 _____ () C:\Users\Peter\AppData\Local\Temp\ocr467A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so

2014-12-06 13:30 - 2014-12-06 13:30 - 00014848 _____ () C:\Users\Peter\AppData\Local\Temp\ocr467A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so

2014-12-06 13:28 - 2014-12-06 13:28 - 00094208 _____ () C:\Users\Peter\AppData\Local\Temp\ocr467A.tmp\src\rgloader\rgloader193.mswin.so

2014-12-06 13:30 - 2014-12-06 13:30 - 00009216 _____ () C:\Users\Peter\AppData\Local\Temp\ocr467A.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so

2014-12-06 13:30 - 2014-12-06 13:30 - 00094208 _____ () C:\Users\Peter\AppData\Local\Temp\ocr467A.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so

2014-12-06 13:30 - 2014-12-06 13:30 - 00126976 _____ () C:\Users\Peter\AppData\Local\Temp\ocr467A.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so

2014-12-06 13:30 - 2014-12-06 13:30 - 00087552 _____ () C:\Users\Peter\AppData\Local\Temp\ocr467A.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so

2014-12-06 13:30 - 2014-12-06 13:30 - 00016384 _____ () C:\Users\Peter\AppData\Local\Temp\ocr467A.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so

2014-12-06 13:30 - 2014-12-06 13:30 - 00127316 _____ () C:\Users\Peter\AppData\Local\Temp\ocr467A.tmp\bin\libffi-6.dll

2014-12-06 13:30 - 2014-12-06 13:30 - 00008704 _____ () C:\Users\Peter\AppData\Local\Temp\ocr467A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so

2014-12-06 13:30 - 2014-12-06 13:30 - 00013312 _____ () C:\Users\Peter\AppData\Local\Temp\ocr467A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so

2014-12-06 13:30 - 2014-12-06 13:30 - 00095744 _____ () C:\Users\Peter\AppData\Local\Temp\ocr467A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so

2014-12-06 13:30 - 2014-12-06 13:31 - 00026624 _____ () C:\Users\Peter\AppData\Local\Temp\ocr467A.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00012800 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00009728 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00014848 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00094208 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\src\rgloader\rgloader193.mswin.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00094208 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00118784 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\lib\ruby\1.9.1\i386-mingw32\socket.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00069120 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\lib\ruby\1.9.1\i386-mingw32\zlib.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00083968 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\bin\zlib1.dll

2014-12-06 13:31 - 2014-12-06 13:31 - 00026624 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\lib\ruby\1.9.1\i386-mingw32\stringio.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00275968 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\lib\ruby\1.9.1\i386-mingw32\openssl.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00015360 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\lib\ruby\1.9.1\i386-mingw32\digest.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00008192 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\lib\ruby\1.9.1\i386-mingw32\fcntl.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00009216 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00023552 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\parser.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00008704 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16be.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00008704 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00008704 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32be.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00008704 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32le.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00036352 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\generator.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00126976 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00087552 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00016384 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00127316 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\bin\libffi-6.dll

2014-12-06 13:31 - 2014-12-06 13:31 - 00013312 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00095744 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so

2014-12-06 13:31 - 2014-12-06 13:31 - 00026624 _____ () C:\Users\Peter\AppData\Local\Temp\ocrF1C4.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so

2014-11-13 16:33 - 2014-11-13 16:33 - 00815104 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\khost.dll

2014-11-13 16:33 - 2014-11-13 16:33 - 01198592 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoFoundation.dll

2014-11-13 16:33 - 2014-11-13 16:33 - 00745472 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\CFLite.dll

2014-11-13 16:33 - 2014-11-13 16:33 - 01234944 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\libxml2.dll

2014-11-13 16:33 - 2014-11-13 16:33 - 00059904 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\zlib1.dll

2014-11-13 16:33 - 2014-11-13 16:33 - 00200704 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiapp\1.2.0.RC6d\tiappmodule.dll

2014-11-13 16:33 - 2014-11-13 16:33 - 00290816 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoUtil.dll

2014-11-13 16:33 - 2014-11-13 16:33 - 00511488 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoXML.dll

2014-11-13 16:33 - 2014-11-13 16:33 - 00180224 _____ () C:\Program Files\pia_manager\pia_tray\modules\tifilesystem\1.2.0.RC6d\tifilesystemmodule.dll

2014-11-13 16:33 - 2014-11-13 16:33 - 00344064 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiui\1.2.0.RC6d\tiuimodule.dll

2014-11-13 16:33 - 2014-11-13 16:33 - 00368640 _____ () C:\Program Files\pia_manager\pia_tray\modules\tinetwork\1.2.0.RC6d\tinetworkmodule.dll

2014-11-13 16:33 - 2014-11-13 16:33 - 00642048 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoNet.dll

2014-11-13 16:33 - 2014-11-13 16:33 - 00217088 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiprocess\1.2.0.RC6d\tiprocessmodule.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-193590417-541393071-4071897925-500 - Administrator - Disabled)

Guest (S-1-5-21-193590417-541393071-4071897925-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-193590417-541393071-4071897925-1005 - Limited - Enabled)

Peter (S-1-5-21-193590417-541393071-4071897925-1001 - Administrator - Enabled) => C:\Users\Peter

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

System errors:

=============

Microsoft Office Sessions:

=========================

CodeIntegrity Errors:

===================================

Date: 2014-12-06 11:37:24.013

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-12-05 02:57:46.467

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-12-04 13:35:24.391

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-12-04 12:10:49.121

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-12-03 02:04:20.621

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-12-02 12:13:48.319

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-30 17:00:45.128

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-30 15:24:08.425

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-28 11:31:49.507

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-26 14:07:17.267

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: AMD Phenom(tm) II X4 955 Processor

Percentage of memory in use: 47%

Total physical RAM: 4095.23 MB

Available physical RAM: 2130.98 MB

Total Pagefile: 8191.23 MB

Available Pagefile: 5781.2 MB

Total Virtual: 131072 MB

Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.17 GB) (Free:185.95 GB) NTFS

Drive d: (Stevo) (Fixed) (Total:2794.39 GB) (Free:916.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A95564C6)

Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

Broni · Dec 5, 2014

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

yesame · Dec 5, 2014

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-12-2014
Ran by Peter at 2014-12-06 14:08:42 Run:1
Running from C:\Users\Peter\Desktop
Loaded Profile: Peter (Available profiles: Peter)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-193590417-541393071-4071897925-1001\...\Run: [AdobeBridge] => [X]
CHR StartupUrls: Default -> "hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=AU&userid=05a4263e-dec7-4658-98a6-86923de245fb&searchtype=hp"
CHR HKU\S-1-5-21-193590417-541393071-4071897925-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
S3 WinRing0_1_2_0; \??\C:\Users\Peter\Desktop\Things\Programs\OpenHardwareMonitor\OpenHardwareMonitor.sys [X]
C:\Users\Peter\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Peter\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpks2gvi.dll
C:\Users\Peter\AppData\Local\Temp\Quarantine.exe
C:\Users\Peter\AppData\Local\Temp\sqlite3.dll

*****************

HKU\S-1-5-21-193590417-541393071-4071897925-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
Chrome StartupUrls deleted successfully.
"HKU\S-1-5-21-193590417-541393071-4071897925-1001\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => Key deleted successfully.
WinRing0_1_2_0 => Service deleted successfully.
C:\Users\Peter\AppData\Local\Temp\dllnt_dump.dll => Moved successfully.
C:\Users\Peter\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpks2gvi.dll => Moved successfully.
C:\Users\Peter\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Peter\AppData\Local\Temp\sqlite3.dll => Moved successfully.

==== End of Fixlog ====

Broni · Dec 5, 2014

Last scans...

Download Security Check from here or here and save it to your Desktop.

Double-click SecurityCheck.exe
Follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

Make sure the following options are checked:
- Internet Services
- Windows Firewall
- System Restore
- Security Center
- Windows Update
- Windows Defender
- Other Services
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

Download Sophos Free Virus Removal Tool and save it to your desktop.

Double click the icon and select Run
Click Next
Select I accept the terms in this license agreement, then click Next twice
Click Install
Click Finish to launch the program
Once the virus database has been updated click Start Scanning
If any threats are found click Details, then View log file... (bottom left hand corner)
Copy and paste the results in your reply
Close the Notepad document, close the Threat Details screen, then click Start cleanup
Click Exit to close the program

yesame · Dec 6, 2014

Results of screen317's Security Check version 0.99.91
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
`````````Anti-malware/Other Utilities Check:`````````
Java version 32-bit out of Date!
Adobe Flash Player 15.0.0.239
Google Chrome 38.0.2125.111 Google Chrome out of date!
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

yesame · Dec 6, 2014

Farbar Service Scanner Version: 21-07-2014
Ran by Peter (administrator) on 06-12-2014 at 15:07:37
Running from "C:\Users\Peter\Desktop"
Microsoft Windows 8.1 Pro (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****

yesame · Dec 6, 2014

Google chrome says it's up to date
http://I.imgur.com/4qAn4g3.png
and I don't have a 32 bit java installed.
Sophos is going to take a while to complete :^)

yesame · Dec 6, 2014

2014-12-06 05:11:03.077 Sophos Virus Removal Tool version 2.5.4
2014-12-06 05:11:03.078 Copyright (c) 2009-2014 Sophos Limited. All rights reserved.

2014-12-06 05:11:03.078 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2014-12-06 05:11:03.078 Windows version 6.2 SP 0.0 build 9200 SM=0x100 PT=0x1 WOW64
2014-12-06 05:11:03.079 Checking for updates...
2014-12-06 05:11:03.090 Update progress: proxy server not available
2014-12-06 05:11:10.038 Option all = no
2014-12-06 05:11:10.038 Option recurse = yes
2014-12-06 05:11:10.038 Option archive = no
2014-12-06 05:11:10.039 Option service = yes
2014-12-06 05:11:10.039 Option confirm = yes
2014-12-06 05:11:10.039 Option sxl = yes
2014-12-06 05:11:10.040 Option max-data-age = 35
2014-12-06 05:11:10.040 Option EnableSafeClean = yes
2014-12-06 05:11:11.745 Option vdl-logging = yes
2014-12-06 05:11:11.750 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2014-12-06 05:11:11.750 Machine ID: dcc3a8405ef445959716cdd1ea3c0f16
2014-12-06 05:11:11.751 Component SVRTcli.exe version 2.5.4
2014-12-06 05:11:11.751 Component control.dll version 2.5.4
2014-12-06 05:11:11.751 Component SVRTservice.exe version 2.5.4
2014-12-06 05:11:11.751 Component engine\osdp.dll version 1.44.1.2183
2014-12-06 05:11:11.751 Component engine\veex.dll version 3.58.3.2183
2014-12-06 05:11:11.751 Component engine\savi.dll version 8.1.5.2183
2014-12-06 05:11:11.752 Component rkdisk.dll version 1.5.30.0
2014-12-06 05:11:11.752 Version info: Product version 2.5.4
2014-12-06 05:11:11.752 Version info: Detection engine 3.58.3
2014-12-06 05:11:11.752 Version info: Detection data 5.08
2014-12-06 05:11:11.752 Version info: Build date 11/11/2014
2014-12-06 05:11:11.752 Version info: Data files added 343
2014-12-06 05:11:11.752 Version info: Last successful update (not yet updated)
2014-12-06 05:11:50.670 Downloading updates...
2014-12-06 05:11:50.672 Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0
2014-12-06 05:11:50.672 Update progress: [I49502] Found supplement SAVIW32 LATEST
2014-12-06 05:11:50.672 Update progress: [I49502] Found supplement IDE509 LATEST
2014-12-06 05:11:50.672 Update progress: [I49502] Found supplement IDE510 LATEST
2014-12-06 05:11:50.672 Update progress: [I49502] Found supplement IDE511 LATEST
2014-12-06 05:11:50.672 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
2014-12-06 05:11:50.672 Update progress: [I19463] Syncing product SAVIW32 48
2014-12-06 05:11:59.610 Update progress: [I19463] Syncing product IDE509 177
2014-12-06 05:11:59.943 Update progress: [I19463] Syncing product IDE510 169
2014-12-06 05:12:00.455 Installing updates...
2014-12-06 05:12:01.061 Error level 1
2014-12-06 05:12:01.094 Update progress: [I19463] Syncing product IDE511 1
2014-12-06 05:12:11.628 Update successful
2014-12-06 05:12:20.157 Option all = no
2014-12-06 05:12:20.157 Option recurse = yes
2014-12-06 05:12:20.157 Option archive = no
2014-12-06 05:12:20.157 Option service = yes
2014-12-06 05:12:20.157 Option confirm = yes
2014-12-06 05:12:20.157 Option sxl = yes
2014-12-06 05:12:20.159 Option max-data-age = 35
2014-12-06 05:12:20.159 Option EnableSafeClean = yes
2014-12-06 05:12:20.317 Option vdl-logging = yes
2014-12-06 05:12:20.324 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2014-12-06 05:12:20.324 Machine ID: dcc3a8405ef445959716cdd1ea3c0f16
2014-12-06 05:12:20.325 Component SVRTcli.exe version 2.5.4
2014-12-06 05:12:20.325 Component control.dll version 2.5.4
2014-12-06 05:12:20.325 Component SVRTservice.exe version 2.5.4
2014-12-06 05:12:20.325 Component engine\osdp.dll version 1.44.1.2183
2014-12-06 05:12:20.325 Component engine\veex.dll version 3.58.3.2183
2014-12-06 05:12:20.325 Component engine\savi.dll version 8.1.5.2183
2014-12-06 05:12:20.325 Component rkdisk.dll version 1.5.30.0
2014-12-06 05:12:20.325 Version info: Product version 2.5.4
2014-12-06 05:12:20.326 Version info: Detection engine 3.58.3
2014-12-06 05:12:20.326 Version info: Detection data 5.08G
2014-12-06 05:12:20.326 Version info: Build date 11/11/2014
2014-12-06 05:12:20.326 Version info: Data files added 344
2014-12-06 05:12:20.326 Version info: Last successful update 12/6/2014 3:12:11 PM

2014-12-06 05:18:01.880 >>> Virus 'Troj/Delf-FNL' found in file D:\stuff\programs\plugins etc\After Effects\Red Giant - Trapcode Suite 12.1 - 2010kaiser\Crack - Key-Gen - Serials\Key-Gen\TC3.exe
2014-12-06 05:18:02.327 >>> Virus 'Troj/Delf-FNL' found in file D:\stuff\programs\plugins etc\After Effects\Red Giant - Trapcode Suite 12.1 - 2010kaiser\Crack - Key-Gen - Serials\Key-Gen\TCE.exe
2014-12-06 05:18:02.847 >>> Virus 'Troj/Delf-FNL' found in file D:\stuff\programs\plugins etc\After Effects\Red Giant - Trapcode Suite 12.1 - 2010kaiser\Crack - Key-Gen - Serials\Key-Gen\TCG.exe
2014-12-06 05:18:03.256 >>> Virus 'Troj/Delf-FNL' found in file D:\stuff\programs\plugins etc\After Effects\Red Giant - Trapcode Suite 12.1 - 2010kaiser\Crack - Key-Gen - Serials\Key-Gen\TCH.exe
2014-12-06 05:18:03.662 >>> Virus 'Troj/Delf-FNL' found in file D:\stuff\programs\plugins etc\After Effects\Red Giant - Trapcode Suite 12.1 - 2010kaiser\Crack - Key-Gen - Serials\Key-Gen\TCK.exe
2014-12-06 05:18:04.110 >>> Virus 'Troj/Delf-FNL' found in file D:\stuff\programs\plugins etc\After Effects\Red Giant - Trapcode Suite 12.1 - 2010kaiser\Crack - Key-Gen - Serials\Key-Gen\TCL.exe
2014-12-06 05:18:04.660 >>> Virus 'Troj/Delf-FNL' found in file D:\stuff\programs\plugins etc\After Effects\Red Giant - Trapcode Suite 12.1 - 2010kaiser\Crack - Key-Gen - Serials\Key-Gen\TCP.exe
2014-12-06 05:18:05.068 >>> Virus 'Troj/Delf-FNL' found in file D:\stuff\programs\plugins etc\After Effects\Red Giant - Trapcode Suite 12.1 - 2010kaiser\Crack - Key-Gen - Serials\Key-Gen\TCS.exe
2014-12-06 06:50:51.924 Could not open C:\hiberfil.sys
2014-12-06 06:50:52.743 Could not open C:\pagefile.sys
2014-12-06 07:14:42.799 Could not open C:\swapfile.sys
2014-12-06 07:14:43.049 Could not open C:\System Volume Information\{0db1d6ed-7837-11e4-828b-d0509907a9cf}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-12-06 07:14:43.051 Could not open C:\System Volume Information\{309c4819-7388-11e4-8280-d0509907a9cf}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-12-06 07:14:43.052 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-12-06 07:14:43.053 Could not open C:\System Volume Information\{71c11bb2-7c3e-11e4-8299-d0509907a9cf}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-12-06 07:15:00.664 Could not open C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Current Session
2014-12-06 07:15:00.665 Could not open C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
2014-12-06 07:15:00.710 Could not check C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOCK (virus scan failed)
2014-12-06 07:15:00.727 Could not check C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOCK (virus scan failed)
2014-12-06 07:15:11.275 Could not check C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\elicpjhcidhpjomhibiffojpinpmmpil\LOCK (virus scan failed)
2014-12-06 07:15:11.288 Could not check C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pafkbggdmjlpgkdkcbjmhmfcdpncadgh\LOCK (virus scan failed)
2014-12-06 07:15:12.250 Could not check C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOCK (virus scan failed)
2014-12-06 07:15:12.587 Could not check C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Sync App Settings\bebigdkelppomhhjaaianniiifjbgocn\LOCK (virus scan failed)
2014-12-06 07:15:12.606 Could not check C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\elicpjhcidhpjomhibiffojpinpmmpil\LOCK (virus scan failed)
2014-12-06 07:27:06.601 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2014-12-06 07:27:06.602 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2014-12-06 07:27:08.540 Could not open C:\Windows\System32\config\BBI
2014-12-06 07:27:08.630 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2014-12-06 07:27:08.649 Could not open C:\Windows\System32\config\RegBack\SAM
2014-12-06 07:27:08.652 Could not open C:\Windows\System32\config\RegBack\SECURITY
2014-12-06 07:27:08.660 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2014-12-06 07:27:08.672 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2014-12-06 07:42:56.831 >>> Virus 'Mal/VMProtBad-A' found in file D:\Game ISO's\Call of Duty 9 - Black Ops II\Call of Duty Black Ops II Update 1 and 2\SKIDROW\buddha.dll
2014-12-06 07:42:56.831 >>> Virus 'Mal/VMProtBad-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 07:42:56.832 >>> Virus 'Mal/VMProtBad-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 07:43:04.031 >>> Virus 'Mal/VMProtBad-A' found in file D:\Game ISO's\Call of Duty 9 - Black Ops II\Call of Duty Black Ops II Update 3\SKIDROW\buddha.dll
2014-12-06 07:43:04.033 >>> Virus 'Mal/VMProtBad-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 07:43:04.034 >>> Virus 'Mal/VMProtBad-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 07:43:49.537 >>> Virus 'Mal/Chifrax-A' found in file D:\Game ISO's\The Binding of Isaac v1.0r10\The Binding of Isaac.exe
2014-12-06 07:43:49.538 >>> Virus 'Mal/Chifrax-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 07:43:49.539 >>> Virus 'Mal/Chifrax-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 07:43:54.008 >>> Virus 'Mal/Chifrax-A' found in file D:\Game ISO's\The Binding of Isaac Wrath of the Lamb v1.48\The Binding of Isaac - Wrath of the Lamb.exe
2014-12-06 07:43:54.009 >>> Virus 'Mal/Chifrax-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 07:43:54.010 >>> Virus 'Mal/Chifrax-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 07:45:23.750 >>> Virus 'Troj/Agent-RCG' found in file D:\stuff\programs\3ds max 2012\xf-adesk2012x32.exe
2014-12-06 07:45:23.751 >>> Virus 'Troj/Agent-RCG' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 07:45:23.752 >>> Virus 'Troj/Agent-RCG' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 07:45:26.232 >>> Virus 'Troj/Agent-RCG' found in file D:\stuff\programs\3ds max 2012\xf-adesk2012x64.exe
2014-12-06 07:45:26.233 >>> Virus 'Troj/Agent-RCG' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 07:45:26.233 >>> Virus 'Troj/Agent-RCG' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 07:45:42.860 >>> Virus 'Mal/KeyGen-A' found in file D:\stuff\programs\Corel Paintshop Pro X6 16.0.0.113 (keygen X-Force) [ChingLiu]\Keygen X-Force\Keygen.exe
2014-12-06 07:45:42.860 >>> Virus 'Mal/KeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 07:45:42.861 >>> Virus 'Mal/KeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 07:45:47.275 >>> Virus 'Troj/Delf-FNL' found in file D:\stuff\programs\plugins etc\After Effects\Red Giant - Trapcode Suite 12.1 - 2010kaiser\Crack - Key-Gen - Serials\Key-Gen\TCF.exe
2014-12-06 07:45:47.276 >>> Virus 'Troj/Delf-FNL' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 07:45:47.278 >>> Virus 'Troj/Delf-FNL' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 07:45:49.857 >>> Virus 'Troj/Delf-FNL' found in file D:\stuff\programs\plugins etc\After Effects\Red Giant - Trapcode Suite 12.1 - 2010kaiser\Crack - Key-Gen - Serials\Key-Gen\TCM.exe
2014-12-06 07:45:49.859 >>> Virus 'Troj/Delf-FNL' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 07:45:49.860 >>> Virus 'Troj/Delf-FNL' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 07:46:22.551 >>> Virus 'Troj/Agent-WFN' found in file D:\stuff\programs\Sony Vegas Pro 13.0 build 310 (64 bit) (patch KHG) [ChingLiu]\Patch KHG\vegas.pro.13.0.(64-bit)-patch.exe
2014-12-06 07:46:22.552 >>> Virus 'Troj/Agent-WFN' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 07:46:22.553 >>> Virus 'Troj/Agent-WFN' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 07:46:26.506 The following items will be cleaned up:
2014-12-06 07:46:26.506 Mal/VMProtBad-A
2014-12-06 07:46:26.506 Mal/Chifrax-A
2014-12-06 07:46:26.506 Troj/Agent-RCG
2014-12-06 07:46:26.507 Mal/KeyGen-A
2014-12-06 07:46:26.507 Troj/Delf-FNL
2014-12-06 07:46:26.507 Troj/Agent-WFN
2014-12-06 07:46:26.507 Troj/Delf-FNL
2014-12-06 07:46:26.507 Troj/Delf-FNL
2014-12-06 07:46:26.507 Troj/Delf-FNL
2014-12-06 07:46:26.507 Troj/Delf-FNL
2014-12-06 07:46:26.507 Troj/Delf-FNL
2014-12-06 07:46:26.507 Troj/Delf-FNL
2014-12-06 07:46:26.507 Troj/Delf-FNL
2014-12-06 07:46:26.507 Troj/Delf-FNL
2014-12-06 08:55:22.965 Sophos Virus Removal Tool version 2.5.4
2014-12-06 08:55:22.965 Copyright (c) 2009-2014 Sophos Limited. All rights reserved.

2014-12-06 08:55:22.965 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2014-12-06 08:55:22.965 Windows version 6.2 SP 0.0 build 9200 SM=0x100 PT=0x1 WOW64
2014-12-06 08:55:22.966 Checking for updates...
2014-12-06 08:55:22.972 Update progress: proxy server not available
2014-12-06 08:55:38.942 Option all = no
2014-12-06 08:55:38.942 Option recurse = yes
2014-12-06 08:55:38.942 Option archive = no
2014-12-06 08:55:38.942 Option service = yes
2014-12-06 08:55:38.942 Option confirm = yes
2014-12-06 08:55:38.942 Option sxl = yes
2014-12-06 08:55:38.944 Option max-data-age = 35
2014-12-06 08:55:38.944 Option EnableSafeClean = yes
2014-12-06 08:55:39.919 Option vdl-logging = yes
2014-12-06 08:55:39.925 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2014-12-06 08:55:39.925 Machine ID: dcc3a8405ef445959716cdd1ea3c0f16
2014-12-06 08:55:40.276 Component SVRTcli.exe version 2.5.4
2014-12-06 08:55:40.276 Component control.dll version 2.5.4
2014-12-06 08:55:40.277 Component SVRTservice.exe version 2.5.4
2014-12-06 08:55:40.277 Component engine\osdp.dll version 1.44.1.2183
2014-12-06 08:55:40.277 Component engine\veex.dll version 3.58.3.2183
2014-12-06 08:55:40.277 Component engine\savi.dll version 8.1.5.2183
2014-12-06 08:55:40.421 Component rkdisk.dll version 1.5.30.0
2014-12-06 08:55:40.421 Version info: Product version 2.5.4
2014-12-06 08:55:40.422 Version info: Detection engine 3.58.3
2014-12-06 08:55:40.422 Version info: Detection data 5.08G
2014-12-06 08:55:40.422 Version info: Build date 11/11/2014
2014-12-06 08:55:40.422 Version info: Data files added 344
2014-12-06 08:55:40.422 Version info: Last successful update 12/6/2014 3:12:11 PM
2014-12-06 08:55:56.925 Update not required

2014-12-06 10:56:58.989 Could not open C:\hiberfil.sys
2014-12-06 10:56:59.934 Could not open C:\pagefile.sys
2014-12-06 11:20:51.671 Could not open C:\swapfile.sys
2014-12-06 11:20:52.063 Could not open C:\System Volume Information\{0db1d6ed-7837-11e4-828b-d0509907a9cf}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-12-06 11:20:52.065 Could not open C:\System Volume Information\{309c4819-7388-11e4-8280-d0509907a9cf}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-12-06 11:20:52.065 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-12-06 11:20:52.066 Could not open C:\System Volume Information\{71c11bb2-7c3e-11e4-8299-d0509907a9cf}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-12-06 11:21:20.269 Could not open C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Current Session
2014-12-06 11:21:20.270 Could not open C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
2014-12-06 11:21:20.316 Could not check C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOCK (virus scan failed)
2014-12-06 11:21:20.370 Could not check C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOCK (virus scan failed)
2014-12-06 11:21:31.062 Could not check C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ajdnlgehefnmaiighnbaibekhdfhnipd\LOCK (virus scan failed)
2014-12-06 11:21:31.082 Could not check C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\elicpjhcidhpjomhibiffojpinpmmpil\LOCK (virus scan failed)
2014-12-06 11:21:31.094 Could not check C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pafkbggdmjlpgkdkcbjmhmfcdpncadgh\LOCK (virus scan failed)
2014-12-06 11:21:32.765 Could not check C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOCK (virus scan failed)
2014-12-06 11:21:33.116 Could not check C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Sync App Settings\bebigdkelppomhhjaaianniiifjbgocn\LOCK (virus scan failed)
2014-12-06 11:21:33.124 Could not check C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\elicpjhcidhpjomhibiffojpinpmmpil\LOCK (virus scan failed)
2014-12-06 11:34:08.921 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2014-12-06 11:34:08.922 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2014-12-06 11:34:10.795 Could not open C:\Windows\System32\config\BBI
2014-12-06 11:34:10.993 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2014-12-06 11:34:11.020 Could not open C:\Windows\System32\config\RegBack\SAM
2014-12-06 11:34:11.023 Could not open C:\Windows\System32\config\RegBack\SECURITY
2014-12-06 11:34:11.056 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2014-12-06 11:34:11.068 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2014-12-06 11:52:26.694 >>> Virus 'Mal/VMProtBad-A' found in file D:\Game ISO's\Call of Duty 9 - Black Ops II\Call of Duty Black Ops II Update 1 and 2\SKIDROW\buddha.dll
2014-12-06 11:52:26.695 >>> Virus 'Mal/VMProtBad-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 11:52:26.695 >>> Virus 'Mal/VMProtBad-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 11:52:35.084 >>> Virus 'Mal/VMProtBad-A' found in file D:\Game ISO's\Call of Duty 9 - Black Ops II\Call of Duty Black Ops II Update 3\SKIDROW\buddha.dll
2014-12-06 11:52:35.084 >>> Virus 'Mal/VMProtBad-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 11:52:35.084 >>> Virus 'Mal/VMProtBad-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 11:53:25.612 >>> Virus 'Mal/Chifrax-A' found in file D:\Game ISO's\The Binding of Isaac v1.0r10\The Binding of Isaac.exe
2014-12-06 11:53:25.612 >>> Virus 'Mal/Chifrax-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 11:53:25.612 >>> Virus 'Mal/Chifrax-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 11:53:31.852 >>> Virus 'Mal/Chifrax-A' found in file D:\Game ISO's\The Binding of Isaac Wrath of the Lamb v1.48\The Binding of Isaac - Wrath of the Lamb.exe
2014-12-06 11:53:31.852 >>> Virus 'Mal/Chifrax-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 11:53:31.852 >>> Virus 'Mal/Chifrax-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 11:54:54.991 >>> Virus 'Troj/Agent-RCG' found in file D:\stuff\programs\3ds max 2012\xf-adesk2012x32.exe
2014-12-06 11:54:54.991 >>> Virus 'Troj/Agent-RCG' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 11:54:54.991 >>> Virus 'Troj/Agent-RCG' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 11:54:58.213 >>> Virus 'Troj/Agent-RCG' found in file D:\stuff\programs\3ds max 2012\xf-adesk2012x64.exe
2014-12-06 11:54:58.213 >>> Virus 'Troj/Agent-RCG' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 11:54:58.213 >>> Virus 'Troj/Agent-RCG' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 11:55:14.539 >>> Virus 'Mal/KeyGen-A' found in file D:\stuff\programs\Corel Paintshop Pro X6 16.0.0.113 (keygen X-Force) [ChingLiu]\Keygen X-Force\Keygen.exe
2014-12-06 11:55:14.540 >>> Virus 'Mal/KeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 11:55:14.540 >>> Virus 'Mal/KeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 11:55:19.603 >>> Virus 'Troj/Delf-FNL' found in file D:\stuff\programs\plugins etc\After Effects\Red Giant - Trapcode Suite 12.1 - 2010kaiser\Crack - Key-Gen - Serials\Key-Gen\TCF.exe
2014-12-06 11:55:19.604 >>> Virus 'Troj/Delf-FNL' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 11:55:19.605 >>> Virus 'Troj/Delf-FNL' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 11:55:22.841 >>> Virus 'Troj/Delf-FNL' found in file D:\stuff\programs\plugins etc\After Effects\Red Giant - Trapcode Suite 12.1 - 2010kaiser\Crack - Key-Gen - Serials\Key-Gen\TCM.exe
2014-12-06 11:55:22.842 >>> Virus 'Troj/Delf-FNL' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 11:55:22.844 >>> Virus 'Troj/Delf-FNL' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 11:55:55.873 >>> Virus 'Troj/Agent-WFN' found in file D:\stuff\programs\Sony Vegas Pro 13.0 build 310 (64 bit) (patch KHG) [ChingLiu]\Patch KHG\vegas.pro.13.0.(64-bit)-patch.exe
2014-12-06 11:55:55.874 >>> Virus 'Troj/Agent-WFN' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 11:55:55.874 >>> Virus 'Troj/Agent-WFN' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2014-12-06 11:55:59.935 The following items will be cleaned up:
2014-12-06 11:55:59.935 Mal/VMProtBad-A
2014-12-06 11:55:59.935 Mal/Chifrax-A
2014-12-06 11:55:59.935 Troj/Agent-RCG
2014-12-06 11:55:59.935 Mal/KeyGen-A
2014-12-06 11:55:59.936 Troj/Delf-FNL
2014-12-06 11:55:59.936 Troj/Agent-WFN

Broni · Dec 6, 2014

Your computer is clean

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download

DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

Activate UAC (optional; some users prefer to keep it off)
Remove disinfection tools
Create registry backup
Purge System Restore
Reset system settings

Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Launch a quick scan now" link)

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642

12. Please, let me know, how your computer is doing.

yesame · Dec 6, 2014

Thanks for your help :^)
I am just wondering what type of infection I actually had if I had one at all? Also in the future if it'd be easier to just copy over my games and documents to my 2nd hard drive then reinstall windows?

Broni · Dec 6, 2014

Actually it wasn't much there.
Just couple of adwares but I don't think they were connected to the file you downloaded and ran.

yesame · Dec 6, 2014

So this RAT either uninstalled itself once the damage was done or it's still hiding somewhere?
Either way thanks again for your time you do a good thing here.

Solved Suspected RAT

Posts: 19 +0

Posts: 56,041 +516

Posts: 19 +0

Posts: 19 +0

Posts: 19 +0

Posts: 56,041 +516

Posts: 19 +0

Posts: 19 +0

Posts: 19 +0

Posts: 19 +0

Posts: 19 +0

Posts: 19 +0

Posts: 19 +0

Posts: 19 +0

Posts: 56,041 +516

Attachments

Posts: 19 +0

Posts: 56,041 +516

Posts: 19 +0

Posts: 19 +0

Posts: 19 +0

Posts: 19 +0

Posts: 56,041 +516

Posts: 19 +0

Posts: 56,041 +516

Posts: 19 +0

Similar threads