Solved Trojan.agent svchost.exe

dakiteha · Feb 22, 2014

Do you want me to try RK again?

dakiteha · Feb 23, 2014

RogueKiller V8.8.8 [Feb 19 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Kimberly [Admin rights]
Mode : Remove -- Date : 02/22/2014 23:05:50
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤
[RUN][SUSP PATH] HKUS\S-1-5-19\[...]\Run : Microsoft (rundll32.exe "C:\Windows\system32\config\systemprofile\AppData\Local\Mozilla\Microsoft\ygdntwpjk.dll",CreateInstance [x][x][x]) -> DELETED
[RUN][SUSP PATH] HKUS\S-1-5-20\[...]\Run : Microsoft (rundll32.exe "C:\Windows\system32\config\systemprofile\AppData\Local\Mozilla\Microsoft\ygdntwpjk.dll",CreateInstance [x][x][x]) -> DELETED
[IFEO] HKLM\[...]\bitguard.exe : Debugger (tasklist.exe [x]) -> DELETED
[IFEO] HKLM\[...]\bprotect.exe : Debugger (tasklist.exe [x]) -> DELETED
[IFEO] HKLM\[...]\browserdefender.exe : Debugger (tasklist.exe [x]) -> DELETED
[IFEO] HKLM\[...]\browserprotect.exe : Debugger (tasklist.exe [x]) -> DELETED
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Scheduled tasks : 2 ¤¤¤
[V2][SUSP PATH] DTReg : C:\Users\Kimberly\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe [x] -> DELETED
[V2][SUSP PATH] RunAsStdUser Task : "C:\Users\Kimberly\AppData\Local\appkikxSA\bin\1.0.5.0\AppKikxSA.exe" [x] -> DELETED

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][File] @ : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{4f73ed5f-4eb3-905f-940d-e562bd6e5517}\@ [-] --> DELETED
[ZeroAccess][Folder] U : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{4f73ed5f-4eb3-905f-940d-e562bd6e5517}\U [-] --> DELETED
[ZeroAccess][Folder] L : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{4f73ed5f-4eb3-905f-940d-e562bd6e5517}\L [-] --> DELETED

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK5056GSY ATA Device +++++
--- User ---
[MBR] f4940743256ce8acb820d342b06a4eb4
[BSP] c19bd639d553b8934c8b82a8ad1b40b5 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 454187 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 930584576 | Size: 22449 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 976560128 | Size: 103 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_D_02222014_230550.txt >>
RKreport[0]_S_02222014_230433.txt

dakiteha · Feb 23, 2014

ZeroAccess is flashing on RK

Broni · Feb 23, 2014

What do you mean by flashing?

Download TDSSKiller and save it to your desktop.

Doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

dakiteha · Feb 23, 2014

There is a red triangle with an exclamation point inside and the word ZeroAccess next to it flashing on and off. When RK finished what it was doing it took me to their website and it had instructions--"
How to remove ZeroAccess (Sirefef) with RogueKiller"

dakiteha · Feb 23, 2014

23:23:53.0241 0x1748 TDSS rootkit removing tool 3.0.0.23 Feb 10 2014 23:32:41
23:24:00.0176 0x1748 ============================================================
23:24:00.0176 0x1748 Current date / time: 2014/02/22 23:24:00.0176
23:24:00.0176 0x1748 SystemInfo:
23:24:00.0177 0x1748
23:24:00.0177 0x1748 OS Version: 6.1.7601 ServicePack: 1.0
23:24:00.0177 0x1748 Product type: Workstation
23:24:00.0177 0x1748 ComputerName: HP-LAPTOP
23:24:00.0177 0x1748 UserName: Kimberly
23:24:00.0177 0x1748 Windows directory: C:\Windows
23:24:00.0177 0x1748 System windows directory: C:\Windows
23:24:00.0178 0x1748 Running under WOW64
23:24:00.0178 0x1748 Processor architecture: Intel x64
23:24:00.0178 0x1748 Number of processors: 2
23:24:00.0178 0x1748 Page size: 0x1000
23:24:00.0178 0x1748 Boot type: Normal boot
23:24:00.0178 0x1748 ============================================================
23:24:01.0984 0x1748 KLMD registered as C:\Windows\system32\drivers\62444730.sys
23:24:02.0263 0x1748 System UUID: {509B96B0-6237-E181-90A4-190636F4995D}
23:24:03.0726 0x1748 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:24:03.0736 0x1748 ============================================================
23:24:03.0736 0x1748 \Device\Harddisk0\DR0:
23:24:03.0737 0x1748 MBR partitions:
23:24:03.0737 0x1748 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
23:24:03.0737 0x1748 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37715800
23:24:03.0737 0x1748 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37779800, BlocksNum 0x2BD8800
23:24:03.0737 0x1748 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
23:24:03.0737 0x1748 ============================================================
23:24:03.0758 0x1748 C: <-> \Device\Harddisk0\DR0\Partition2
23:24:03.0800 0x1748 D: <-> \Device\Harddisk0\DR0\Partition3
23:24:03.0815 0x1748 E: <-> \Device\Harddisk0\DR0\Partition4
23:24:03.0815 0x1748 ============================================================
23:24:03.0815 0x1748 Initialize success
23:24:03.0815 0x1748 ============================================================
23:24:38.0686 0x0e94 ============================================================
23:24:38.0686 0x0e94 Scan started
23:24:38.0686 0x0e94 Mode: Manual;
23:24:38.0686 0x0e94 ============================================================
23:24:38.0686 0x0e94 KSN ping started
23:24:41.0693 0x0e94 KSN ping finished: true
23:24:42.0589 0x0e94 ================ Scan system memory ========================
23:24:42.0590 0x0e94 System memory - ok
23:24:42.0591 0x0e94 ================ Scan services =============================
23:24:42.0820 0x0e94 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
23:24:42.0837 0x0e94 1394ohci - ok
23:24:42.0915 0x0e94 [ 3E2427D4966C7606097341E55AB4E105, 59A06E65A746D511BF76736A11DF4DA0692D8212ECEB2419238D6615A83388A4 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
23:24:42.0920 0x0e94 Accelerometer - ok
23:24:42.0996 0x0e94 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
23:24:43.0025 0x0e94 ACPI - ok
23:24:43.0051 0x0e94 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
23:24:43.0053 0x0e94 AcpiPmi - ok
23:24:43.0211 0x0e94 [ F7AB315A4D400CA876381D1E188A2E20, B6019C2E9B6801BB23C530C66D080F47330F48ADB0DD2813D50BE1408865BD91 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:24:43.0230 0x0e94 AdobeFlashPlayerUpdateSvc - ok
23:24:43.0305 0x0e94 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
23:24:43.0339 0x0e94 adp94xx - ok
23:24:43.0406 0x0e94 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
23:24:43.0429 0x0e94 adpahci - ok
23:24:43.0465 0x0e94 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
23:24:43.0478 0x0e94 adpu320 - ok
23:24:43.0520 0x0e94 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:24:43.0526 0x0e94 AeLookupSvc - ok
23:24:43.0662 0x0e94 [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe
23:24:43.0669 0x0e94 AESTFilters - ok
23:24:43.0764 0x0e94 [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD C:\Windows\system32\drivers\afd.sys
23:24:43.0795 0x0e94 AFD - ok
23:24:43.0846 0x0e94 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
23:24:43.0852 0x0e94 agp440 - ok
23:24:43.0875 0x0e94 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
23:24:43.0881 0x0e94 ALG - ok
23:24:43.0921 0x0e94 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
23:24:43.0924 0x0e94 aliide - ok
23:24:43.0979 0x0e94 [ 29C151492510640343B00B63996E4070, 44E80600CD9DF72187BC0543278D8D48A4AB7FF1F24A800ADB082FF86F137949 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
23:24:43.0993 0x0e94 AMD External Events Utility - ok
23:24:44.0012 0x0e94 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
23:24:44.0015 0x0e94 amdide - ok
23:24:44.0071 0x0e94 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
23:24:44.0077 0x0e94 AmdK8 - ok
23:24:44.0752 0x0e94 [ 2C9C4824664C61351FF1E0169262D026, 325444CC367A9B0F0CC13B653DA568BFD4E60769C48579C25C399333028774B5 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
23:24:45.0250 0x0e94 amdkmdag - ok
23:24:45.0465 0x0e94 [ EF7382689D3B17AC2983202E7A40AB45, 43A0F8A8521C7D19F138DE8F07A1C0FC09E6E49038019E48F59D250A023C3FCE ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
23:24:45.0477 0x0e94 amdkmdap - ok
23:24:45.0537 0x0e94 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
23:24:45.0540 0x0e94 AmdPPM - ok
23:24:45.0606 0x0e94 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
23:24:45.0614 0x0e94 amdsata - ok
23:24:45.0667 0x0e94 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
23:24:45.0681 0x0e94 amdsbs - ok
23:24:45.0703 0x0e94 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
23:24:45.0706 0x0e94 amdxata - ok
23:24:45.0757 0x0e94 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
23:24:45.0762 0x0e94 AppID - ok
23:24:45.0788 0x0e94 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:24:45.0791 0x0e94 AppIDSvc - ok
23:24:45.0842 0x0e94 [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo C:\Windows\System32\appinfo.dll
23:24:45.0848 0x0e94 Appinfo - ok
23:24:45.0881 0x0e94 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
23:24:45.0889 0x0e94 arc - ok
23:24:45.0915 0x0e94 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
23:24:45.0923 0x0e94 arcsas - ok
23:24:46.0047 0x0e94 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:24:46.0061 0x0e94 aspnet_state - ok
23:24:46.0083 0x0e94 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:24:46.0086 0x0e94 AsyncMac - ok
23:24:46.0120 0x0e94 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
23:24:46.0122 0x0e94 atapi - ok
23:24:46.0328 0x0e94 [ 96ABF88241F90FF647E55C934C55C2F1, DC9EBDD132BC6A1A79A768C575C962B19DB9805C490F926BE8D4804164A2CD7F ] athr C:\Windows\system32\DRIVERS\athrx.sys
23:24:46.0468 0x0e94 athr - ok
23:24:46.0530 0x0e94 [ 77C149E6D702737B2E372DEE166FAEF8, D18FEAE9D915D5F25B787B755F9C6321A9C9506D4F563DD637E3586401E36053 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
23:24:46.0539 0x0e94 AtiHdmiService - ok
23:24:46.0570 0x0e94 [ C07A040D6B5A42DD41EE386CF90974C8, 8D47815F99C79B795504C3172B5FBBDBA6AFACC004B17AA3954A06BE713FACAE ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
23:24:46.0573 0x0e94 AtiPcie - ok
23:24:46.0669 0x0e94 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:24:46.0716 0x0e94 AudioEndpointBuilder - ok
23:24:46.0773 0x0e94 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
23:24:46.0817 0x0e94 AudioSrv - ok
23:24:46.0869 0x0e94 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:24:46.0879 0x0e94 AxInstSV - ok
23:24:46.0957 0x0e94 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
23:24:46.0990 0x0e94 b06bdrv - ok
23:24:47.0043 0x0e94 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
23:24:47.0062 0x0e94 b57nd60a - ok
23:24:47.0131 0x0e94 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
23:24:47.0140 0x0e94 BDESVC - ok
23:24:47.0155 0x0e94 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
23:24:47.0157 0x0e94 Beep - ok
23:24:47.0261 0x0e94 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
23:24:47.0318 0x0e94 BFE - ok
23:24:47.0574 0x0e94 [ 6C64FA457C200874FAA87D74152E0D84, 88287266853146CFA7FC98F67A85ABC909CE95E4601EF0DFE323BB38F7FD62A5 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20120317.002\BHDrvx64.sys
23:24:47.0659 0x0e94 BHDrvx64 - ok
23:24:47.0763 0x0e94 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
23:24:47.0826 0x0e94 BITS - ok
23:24:47.0880 0x0e94 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:24:47.0885 0x0e94 blbdrive - ok
23:24:47.0932 0x0e94 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:24:47.0940 0x0e94 bowser - ok
23:24:47.0975 0x0e94 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:24:47.0978 0x0e94 BrFiltLo - ok
23:24:47.0998 0x0e94 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:24:48.0000 0x0e94 BrFiltUp - ok
23:24:48.0040 0x0e94 [ 8EF0D5C41EC907751B8429162B1239ED, 9CC25F1F93FACA6F6CE23F78EB58590C39A2E3C8A3ACDF400E8A9DE0757EADAE ] Browser C:\Windows\System32\browser.dll
23:24:48.0050 0x0e94 Browser - ok
23:24:48.0096 0x0e94 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:24:48.0117 0x0e94 Brserid - ok
23:24:48.0137 0x0e94 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:24:48.0142 0x0e94 BrSerWdm - ok
23:24:48.0175 0x0e94 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:24:48.0178 0x0e94 BrUsbMdm - ok
23:24:48.0202 0x0e94 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:24:48.0205 0x0e94 BrUsbSer - ok
23:24:48.0232 0x0e94 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:24:48.0238 0x0e94 BTHMODEM - ok
23:24:48.0281 0x0e94 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
23:24:48.0289 0x0e94 bthserv - ok
23:24:48.0392 0x0e94 [ 0E1737A63AEC0F6DE231BB59836C0A11, A67B1075E47B75CD271FB653F63D454499926C5D074BE7D1DF1D804F6C9AFE07 ] ccSet_NIS C:\Windows\system32\drivers\NISx64\1307010.005\ccSetx64.sys
23:24:48.0405 0x0e94 ccSet_NIS - ok
23:24:48.0438 0x0e94 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:24:48.0445 0x0e94 cdfs - ok
23:24:48.0506 0x0e94 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
23:24:48.0517 0x0e94 cdrom - ok
23:24:48.0567 0x0e94 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
23:24:48.0574 0x0e94 CertPropSvc - ok
23:24:48.0668 0x0e94 [ 2C24DB5F78F0ACA759803001E6B4F320, 4977EBCCD7026E941E8AD997967378D3080131929B8FE4DBA6F929CEC3AAC728 ] CinemaNow Service C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
23:24:48.0668 0x0e94 CinemaNow Service - ok
23:24:48.0715 0x0e94 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
23:24:48.0731 0x0e94 circlass - ok
23:24:48.0778 0x0e94 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
23:24:48.0809 0x0e94 CLFS - ok
23:24:48.0856 0x0e94 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:24:48.0871 0x0e94 clr_optimization_v2.0.50727_32 - ok
23:24:48.0918 0x0e94 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:24:48.0918 0x0e94 clr_optimization_v2.0.50727_64 - ok
23:24:48.0996 0x0e94 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:24:49.0012 0x0e94 clr_optimization_v4.0.30319_32 - ok
23:24:49.0043 0x0e94 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:24:49.0058 0x0e94 clr_optimization_v4.0.30319_64 - ok
23:24:49.0105 0x0e94 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:24:49.0105 0x0e94 CmBatt - ok
23:24:49.0152 0x0e94 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:24:49.0152 0x0e94 cmdide - ok
23:24:49.0214 0x0e94 [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG C:\Windows\system32\Drivers\cng.sys
23:24:49.0261 0x0e94 CNG - ok
23:24:49.0292 0x0e94 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:24:49.0292 0x0e94 Compbatt - ok
23:24:49.0355 0x0e94 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
23:24:49.0355 0x0e94 CompositeBus - ok
23:24:49.0370 0x0e94 COMSysApp - ok
23:24:49.0417 0x0e94 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
23:24:49.0417 0x0e94 crcdisk - ok
23:24:49.0480 0x0e94 [ 4F5414602E2544A4554D95517948B705, 50121AD32ACF73F541DF3B655020F7B610B3E7B5E8C7B39D37D5958F28CB376E ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:24:49.0495 0x0e94 CryptSvc - ok
23:24:49.0573 0x0e94 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:24:49.0620 0x0e94 DcomLaunch - ok
23:24:49.0667 0x0e94 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
23:24:49.0682 0x0e94 defragsvc - ok
23:24:49.0729 0x0e94 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:24:49.0745 0x0e94 DfsC - ok
23:24:49.0807 0x0e94 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
23:24:49.0823 0x0e94 Dhcp - ok
23:24:49.0854 0x0e94 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
23:24:49.0854 0x0e94 discache - ok
23:24:49.0901 0x0e94 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
23:24:49.0916 0x0e94 Disk - ok
23:24:50.0041 0x0e94 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:24:50.0057 0x0e94 Dnscache - ok
23:24:50.0166 0x0e94 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
23:24:50.0197 0x0e94 dot3svc - ok
23:24:50.0291 0x0e94 [ 8CBE9EB5088E36DB88013D9D5858B87F, CCE31E3B6F9786E885C3EB8AC3F34406CD20E1D510683DABAEA202C88A3EBE3F ] DpHost C:\Program Files\DigitalPersona\Bin\DpHostW.exe
23:24:50.0322 0x0e94 DpHost - ok
23:24:50.0369 0x0e94 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
23:24:50.0384 0x0e94 DPS - ok
23:24:50.0416 0x0e94 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:24:50.0416 0x0e94 drmkaud - ok
23:24:50.0462 0x0e94 [ A298AEA9FCA253E7EFF040A08C7C6376, 3A0B0C375D5C029ACF4BAF7881094D447E20E76C83049DBAD0F5FDB7802A7CDC ] DVMIO C:\Windows\system32\DRIVERS\dvmio.sys
23:24:50.0462 0x0e94 DVMIO - ok
23:24:50.0556 0x0e94 [ 5EB46032ECA199F4721EB1915B5383C8, D3D7AF8678CD8BDA563A15EB7BF9041B27E9B4507EDF31227431AD7D0C515042 ] DvmMDES C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
23:24:50.0587 0x0e94 DvmMDES - ok
23:24:50.0774 0x0e94 [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:24:50.0837 0x0e94 DXGKrnl - ok
23:24:50.0899 0x0e94 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
23:24:50.0915 0x0e94 EapHost - ok
23:24:51.0180 0x0e94 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
23:24:51.0430 0x0e94 ebdrv - ok
23:24:51.0976 0x0e94 [ 0C3F9EFF8DDD9F9EB56D754B4620155F, D81F2DF707E9A3852BB0CE30883B86D722EA1E7585E7A7D1BC3E081E0A4FDFDB ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
23:24:52.0007 0x0e94 eeCtrl - ok
23:24:52.0038 0x0e94 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS C:\Windows\System32\lsass.exe
23:24:52.0038 0x0e94 EFS - ok
23:24:52.0163 0x0e94 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:24:52.0210 0x0e94 ehRecvr - ok
23:24:52.0256 0x0e94 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
23:24:52.0256 0x0e94 ehSched - ok
23:24:52.0334 0x0e94 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
23:24:52.0366 0x0e94 elxstor - ok
23:24:52.0397 0x0e94 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:24:52.0397 0x0e94 ErrDev - ok
23:24:52.0490 0x0e94 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
23:24:52.0522 0x0e94 EventSystem - ok
23:24:52.0568 0x0e94 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
23:24:52.0584 0x0e94 exfat - ok
23:24:52.0615 0x0e94 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:24:52.0631 0x0e94 fastfat - ok
23:24:52.0724 0x0e94 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
23:24:52.0771 0x0e94 Fax - ok
23:24:52.0818 0x0e94 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:24:52.0818 0x0e94 fdc - ok
23:24:52.0849 0x0e94 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
23:24:52.0849 0x0e94 fdPHost - ok
23:24:52.0865 0x0e94 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
23:24:52.0880 0x0e94 FDResPub - ok
23:24:52.0896 0x0e94 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:24:52.0912 0x0e94 FileInfo - ok
23:24:52.0927 0x0e94 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:24:52.0927 0x0e94 Filetrace - ok
23:24:52.0958 0x0e94 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:24:52.0958 0x0e94 flpydisk - ok
23:24:53.0021 0x0e94 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:24:53.0036 0x0e94 FltMgr - ok
23:24:53.0161 0x0e94 [ 5C4CB4086FB83115B153E47ADD961A0C, 0C3AB7D04BEB3A8FDE00B0C86E6FE064B1CEBB3E4DE1A29CD27830806FA300B3 ] FontCache C:\Windows\system32\FntCache.dll
23:24:53.0239 0x0e94 FontCache - ok
23:24:53.0286 0x0e94 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:24:53.0302 0x0e94 FontCache3.0.0.0 - ok
23:24:53.0333 0x0e94 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:24:53.0333 0x0e94 FsDepends - ok
23:24:53.0380 0x0e94 [ 6C06701BF1DB05405804D7EB610991CE, 75DEB2204D9AC338ED7C4742BEFAFA0AFC7E42B2C1B54A57DF8A1AD097D9EC3E ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
23:24:53.0380 0x0e94 fssfltr - ok
23:24:53.0426 0x0e94 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:24:53.0426 0x0e94 Fs_Rec - ok
23:24:53.0489 0x0e94 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:24:53.0504 0x0e94 fvevol - ok
23:24:53.0551 0x0e94 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
23:24:53.0567 0x0e94 gagp30kx - ok
23:24:53.0707 0x0e94 [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
23:24:53.0723 0x0e94 GamesAppService - ok
23:24:53.0785 0x0e94 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F, 6D2B301E77839FFF1C74425B37D02C3F3837CE50E856C21AE4CF7ABABB04ADDC ] GoogleDesktopManager-051210-111108 C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
23:24:53.0801 0x0e94 GoogleDesktopManager-051210-111108 - ok
23:24:53.0894 0x0e94 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
23:24:53.0957 0x0e94 gpsvc - ok
23:24:54.0019 0x0e94 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:24:54.0035 0x0e94 gupdate - ok
23:24:54.0050 0x0e94 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:24:54.0050 0x0e94 gupdatem - ok
23:24:54.0097 0x0e94 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:24:54.0097 0x0e94 hcw85cir - ok
23:24:54.0144 0x0e94 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:24:54.0160 0x0e94 HdAudAddService - ok
23:24:54.0206 0x0e94 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
23:24:54.0222 0x0e94 HDAudBus - ok
23:24:54.0253 0x0e94 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
23:24:54.0269 0x0e94 HidBatt - ok
23:24:54.0300 0x0e94 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
23:24:54.0316 0x0e94 HidBth - ok
23:24:54.0347 0x0e94 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
23:24:54.0347 0x0e94 HidIr - ok
23:24:54.0378 0x0e94 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
23:24:54.0394 0x0e94 hidserv - ok
23:24:54.0425 0x0e94 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:24:54.0425 0x0e94 HidUsb - ok
23:24:54.0472 0x0e94 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:24:54.0487 0x0e94 hkmsvc - ok
23:24:54.0534 0x0e94 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:24:54.0565 0x0e94 HomeGroupListener - ok
23:24:54.0612 0x0e94 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:24:54.0628 0x0e94 HomeGroupProvider - ok
23:24:54.0721 0x0e94 [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
23:24:54.0721 0x0e94 HP Support Assistant Service - ok
23:24:54.0815 0x0e94 [ 9ABD12FCE4A62905731C286BB1D66789, 2D1A5B991EE5BDBAF5501B0BA0CE75B2468B2179B179AF0769A8F1542FCD926B ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
23:24:54.0815 0x0e94 HP Wireless Assistant Service - ok
23:24:54.0862 0x0e94 [ CCBE758967CC0F53F5BA3B271653C4E6, B050B39A209CC30A801E0F903AE441B0F0C50DFAE747E71E4016F8D7552B2AE8 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
23:24:54.0877 0x0e94 hpdskflt - ok
23:24:55.0049 0x0e94 [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
23:24:55.0127 0x0e94 hpqwmiex - ok
23:24:55.0205 0x0e94 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
23:24:55.0220 0x0e94 HpSAMD - ok
23:24:55.0236 0x0e94 [ E2223A37896A76861D7F79FD81A2A193, 9AFB0188CA5ED8A4F01FC7C8C4835097312AC15B754684880C6A1E48634ED687 ] hpsrv C:\Windows\system32\Hpservice.exe
23:24:55.0252 0x0e94 hpsrv - ok
23:24:55.0298 0x0e94 [ B6492D01712A22FF3FEA25A999DBD321, DA0BB9F4EC5352409F492378168C5A256186B1E76463C72ADE06C63F46363BEF ] HPWMISVC C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
23:24:55.0298 0x0e94 HPWMISVC - ok
23:24:55.0392 0x0e94 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:24:55.0439 0x0e94 HTTP - ok
23:24:55.0486 0x0e94 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:24:55.0501 0x0e94 hwpolicy - ok
23:24:55.0548 0x0e94 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
23:24:55.0548 0x0e94 i8042prt - ok
23:24:55.0642 0x0e94 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:24:55.0657 0x0e94 iaStorV - ok
23:24:55.0766 0x0e94 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:24:55.0829 0x0e94 idsvc - ok
23:24:55.0954 0x0e94 [ 18C40C3F368323B203ACE403CB430DB1, 068B4487EEE698DD4A6A99C4C26D5331566EE2AB263C86ADA0E5D878AA4BDB59 ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20120321.001\IDSvia64.sys
23:24:55.0985 0x0e94 IDSVia64 - ok
23:24:56.0515 0x0e94 [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
23:24:57.0046 0x0e94 igfx - ok
23:24:57.0139 0x0e94 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
23:24:57.0155 0x0e94 iirsp - ok
23:24:57.0264 0x0e94 [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT C:\Windows\System32\ikeext.dll
23:24:57.0311 0x0e94 IKEEXT - ok
23:24:57.0358 0x0e94 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
23:24:57.0358 0x0e94 intelide - ok
23:24:57.0404 0x0e94 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:24:57.0404 0x0e94 intelppm - ok
23:24:57.0451 0x0e94 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:24:57.0451 0x0e94 IPBusEnum - ok
23:24:57.0498 0x0e94 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:24:57.0498 0x0e94 IpFilterDriver - ok
23:24:57.0638 0x0e94 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:24:57.0670 0x0e94 iphlpsvc - ok
23:24:57.0716 0x0e94 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
23:24:57.0716 0x0e94 IPMIDRV - ok
23:24:57.0779 0x0e94 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:24:57.0779 0x0e94 IPNAT - ok
23:24:57.0810 0x0e94 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:24:57.0810 0x0e94 IRENUM - ok
23:24:57.0841 0x0e94 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:24:57.0841 0x0e94 isapnp - ok
23:24:57.0888 0x0e94 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
23:24:57.0904 0x0e94 iScsiPrt - ok
23:24:57.0935 0x0e94 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:24:57.0950 0x0e94 kbdclass - ok
23:24:57.0997 0x0e94 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:24:57.0997 0x0e94 kbdhid - ok
23:24:58.0028 0x0e94 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso C:\Windows\system32\lsass.exe
23:24:58.0028 0x0e94 KeyIso - ok
23:24:58.0075 0x0e94 [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:24:58.0075 0x0e94 KSecDD - ok
23:24:58.0122 0x0e94 [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:24:58.0138 0x0e94 KSecPkg - ok
23:24:58.0169 0x0e94 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:24:58.0169 0x0e94 ksthunk - ok
23:24:58.0231 0x0e94 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
23:24:58.0262 0x0e94 KtmRm - ok
23:24:58.0325 0x0e94 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
23:24:58.0340 0x0e94 LanmanServer - ok
23:24:58.0387 0x0e94 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:24:58.0403 0x0e94 LanmanWorkstation - ok
23:24:58.0465 0x0e94 [ 3503F257B3203F824B1567238EBE17E2, A6F7B0D3C213DC17B266199FAC7F242529A1C030244A819BDBDB892BF2969FD3 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
23:24:58.0465 0x0e94 LightScribeService - ok
23:24:58.0528 0x0e94 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:24:58.0528 0x0e94 lltdio - ok
23:24:58.0590 0x0e94 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:24:58.0606 0x0e94 lltdsvc - ok
23:24:58.0621 0x0e94 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:24:58.0621 0x0e94 lmhosts - ok
23:24:58.0684 0x0e94 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
23:24:58.0699 0x0e94 LSI_FC - ok
23:24:58.0762 0x0e94 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
23:24:58.0762 0x0e94 LSI_SAS - ok
23:24:58.0808 0x0e94 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:24:58.0824 0x0e94 LSI_SAS2 - ok
23:24:58.0840 0x0e94 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:24:58.0855 0x0e94 LSI_SCSI - ok
23:24:58.0886 0x0e94 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
23:24:58.0902 0x0e94 luafv - ok
23:24:58.0949 0x0e94 [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
23:24:58.0949 0x0e94 MBAMProtector - ok
23:24:59.0027 0x0e94 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:24:59.0058 0x0e94 MBAMScheduler - ok
23:24:59.0152 0x0e94 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
23:24:59.0198 0x0e94 MBAMService - ok

dakiteha · Feb 23, 2014

23:24:59.0323 0x0e94 [ 49F5B235EDC9C6AC0ABA44737B190317, 096D8D583ED024F1B3AD30DD5EBA38B1FEE518166E157C0E3890D80687181F60 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
23:24:59.0339 0x0e94 McComponentHostService - ok
23:24:59.0370 0x0e94 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:24:59.0386 0x0e94 Mcx2Svc - ok
23:24:59.0417 0x0e94 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
23:24:59.0417 0x0e94 megasas - ok
23:24:59.0464 0x0e94 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
23:24:59.0495 0x0e94 MegaSR - ok
23:24:59.0526 0x0e94 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
23:24:59.0542 0x0e94 MMCSS - ok
23:24:59.0557 0x0e94 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
23:24:59.0557 0x0e94 Modem - ok
23:24:59.0604 0x0e94 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:24:59.0604 0x0e94 monitor - ok
23:24:59.0666 0x0e94 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:24:59.0666 0x0e94 mouclass - ok
23:24:59.0698 0x0e94 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:24:59.0698 0x0e94 mouhid - ok
23:24:59.0744 0x0e94 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:24:59.0744 0x0e94 mountmgr - ok
23:24:59.0838 0x0e94 [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:24:59.0854 0x0e94 MozillaMaintenance - ok
23:24:59.0900 0x0e94 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
23:24:59.0916 0x0e94 mpio - ok
23:24:59.0963 0x0e94 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:24:59.0978 0x0e94 mpsdrv - ok
23:25:00.0088 0x0e94 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:25:00.0150 0x0e94 MpsSvc - ok
23:25:00.0212 0x0e94 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:25:00.0228 0x0e94 MRxDAV - ok
23:25:00.0337 0x0e94 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:25:00.0337 0x0e94 mrxsmb - ok
23:25:00.0400 0x0e94 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:25:00.0415 0x0e94 mrxsmb10 - ok
23:25:00.0462 0x0e94 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:25:00.0462 0x0e94 mrxsmb20 - ok
23:25:00.0509 0x0e94 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
23:25:00.0509 0x0e94 msahci - ok
23:25:00.0540 0x0e94 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:25:00.0540 0x0e94 msdsm - ok
23:25:00.0571 0x0e94 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
23:25:00.0587 0x0e94 MSDTC - ok
23:25:00.0634 0x0e94 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:25:00.0634 0x0e94 Msfs - ok
23:25:00.0649 0x0e94 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:25:00.0649 0x0e94 mshidkmdf - ok
23:25:00.0665 0x0e94 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:25:00.0665 0x0e94 msisadrv - ok
23:25:00.0727 0x0e94 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:25:00.0743 0x0e94 MSiSCSI - ok
23:25:00.0758 0x0e94 msiserver - ok
23:25:00.0790 0x0e94 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:25:00.0805 0x0e94 MSKSSRV - ok
23:25:00.0821 0x0e94 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:25:00.0821 0x0e94 MSPCLOCK - ok
23:25:00.0836 0x0e94 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:25:00.0836 0x0e94 MSPQM - ok
23:25:00.0899 0x0e94 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:25:00.0930 0x0e94 MsRPC - ok
23:25:00.0946 0x0e94 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
23:25:00.0946 0x0e94 mssmbios - ok
23:25:00.0961 0x0e94 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:25:00.0961 0x0e94 MSTEE - ok
23:25:00.0992 0x0e94 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
23:25:00.0992 0x0e94 MTConfig - ok
23:25:01.0024 0x0e94 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
23:25:01.0039 0x0e94 Mup - ok
23:25:01.0117 0x0e94 [ 48D50D679D28E5C4BF5A67664CC56B41, 8AFBD0A0705D4576EACC0017BD5367391FA16B011DB23DB839DD58C8127915F3 ] MyWebSearchService C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe
23:25:01.0133 0x0e94 MyWebSearchService - ok
23:25:01.0195 0x0e94 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
23:25:01.0226 0x0e94 napagent - ok
23:25:01.0289 0x0e94 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:25:01.0304 0x0e94 NativeWifiP - ok
23:25:01.0429 0x0e94 [ 2DBE90210DE76BE6E1653BB20EC70EC2, E5AB955082084EB2261C801E74C1EEBEC26472DB3EE803C65C5ADF5A92527F07 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20120321.008\ENG64.SYS
23:25:01.0429 0x0e94 NAVENG - ok
23:25:01.0648 0x0e94 [ 346DA70E203B8E2C850277713DE8F71B, 3F9359A3E2CC9B6158A9549E6786C6622BDA6E8851EDE0EF73F9AC8145F86D35 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20120321.008\EX64.SYS
23:25:01.0788 0x0e94 NAVEX15 - ok
23:25:01.0897 0x0e94 [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS C:\Windows\system32\drivers\ndis.sys
23:25:01.0944 0x0e94 NDIS - ok
23:25:01.0975 0x0e94 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:25:01.0975 0x0e94 NdisCap - ok
23:25:02.0022 0x0e94 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:25:02.0022 0x0e94 NdisTapi - ok
23:25:02.0069 0x0e94 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:25:02.0069 0x0e94 Ndisuio - ok
23:25:02.0116 0x0e94 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:25:02.0131 0x0e94 NdisWan - ok
23:25:02.0162 0x0e94 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:25:02.0178 0x0e94 NDProxy - ok
23:25:02.0209 0x0e94 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:25:02.0209 0x0e94 NetBIOS - ok
23:25:02.0256 0x0e94 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:25:02.0272 0x0e94 NetBT - ok
23:25:02.0287 0x0e94 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon C:\Windows\system32\lsass.exe
23:25:02.0303 0x0e94 Netlogon - ok
23:25:02.0350 0x0e94 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
23:25:02.0381 0x0e94 Netman - ok
23:25:02.0428 0x0e94 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:25:02.0428 0x0e94 NetMsmqActivator - ok
23:25:02.0459 0x0e94 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:25:02.0459 0x0e94 NetPipeActivator - ok
23:25:02.0537 0x0e94 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
23:25:02.0568 0x0e94 netprofm - ok
23:25:02.0615 0x0e94 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:25:02.0615 0x0e94 NetTcpActivator - ok
23:25:02.0646 0x0e94 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:25:02.0646 0x0e94 NetTcpPortSharing - ok
23:25:03.0083 0x0e94 [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
23:25:03.0582 0x0e94 netw5v64 - ok
23:25:03.0769 0x0e94 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
23:25:03.0769 0x0e94 nfrd960 - ok
23:25:03.0863 0x0e94 [ C6948F034D7EDABCFA2234D399FC78BC, EDB56D870F0251B88FFF52E6733F6A613AA1629F1F0CB55841FD8F46D7882D15 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
23:25:03.0878 0x0e94 NIS - ok
23:25:03.0941 0x0e94 [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:25:03.0972 0x0e94 NlaSvc - ok
23:25:03.0988 0x0e94 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:25:03.0988 0x0e94 Npfs - ok
23:25:04.0019 0x0e94 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
23:25:04.0019 0x0e94 nsi - ok
23:25:04.0050 0x0e94 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:25:04.0050 0x0e94 nsiproxy - ok
23:25:04.0222 0x0e94 [ A2F74975097F52A00745F9637451FDD8, C681DDBD3382C477C2A030E828B5CFB529CB57C7847BD9AFF25E2A5E58B2DAF3 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:25:04.0331 0x0e94 Ntfs - ok
23:25:04.0362 0x0e94 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
23:25:04.0362 0x0e94 Null - ok
23:25:04.0409 0x0e94 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:25:04.0424 0x0e94 nvraid - ok
23:25:04.0456 0x0e94 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:25:04.0456 0x0e94 nvstor - ok
23:25:04.0487 0x0e94 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:25:04.0502 0x0e94 nv_agp - ok
23:25:04.0612 0x0e94 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:25:04.0643 0x0e94 odserv - ok
23:25:04.0705 0x0e94 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:25:04.0721 0x0e94 ohci1394 - ok
23:25:04.0768 0x0e94 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:25:04.0768 0x0e94 ose - ok
23:25:04.0846 0x0e94 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:25:04.0861 0x0e94 p2pimsvc - ok
23:25:04.0908 0x0e94 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
23:25:04.0939 0x0e94 p2psvc - ok
23:25:04.0970 0x0e94 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
23:25:04.0986 0x0e94 Parport - ok
23:25:05.0033 0x0e94 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:25:05.0048 0x0e94 partmgr - ok
23:25:05.0080 0x0e94 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
23:25:05.0095 0x0e94 PcaSvc - ok
23:25:05.0142 0x0e94 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
23:25:05.0158 0x0e94 pci - ok
23:25:05.0189 0x0e94 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
23:25:05.0189 0x0e94 pciide - ok
23:25:05.0236 0x0e94 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:25:05.0251 0x0e94 pcmcia - ok
23:25:05.0282 0x0e94 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
23:25:05.0282 0x0e94 pcw - ok
23:25:05.0345 0x0e94 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:25:05.0392 0x0e94 PEAUTH - ok
23:25:05.0470 0x0e94 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
23:25:05.0470 0x0e94 PerfHost - ok
23:25:05.0626 0x0e94 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
23:25:05.0735 0x0e94 pla - ok
23:25:05.0813 0x0e94 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:25:05.0828 0x0e94 PlugPlay - ok
23:25:05.0860 0x0e94 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:25:05.0860 0x0e94 PNRPAutoReg - ok
23:25:05.0891 0x0e94 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:25:05.0906 0x0e94 PNRPsvc - ok
23:25:05.0953 0x0e94 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:25:05.0984 0x0e94 PolicyAgent - ok
23:25:06.0031 0x0e94 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
23:25:06.0031 0x0e94 Power - ok
23:25:06.0094 0x0e94 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:25:06.0094 0x0e94 PptpMiniport - ok
23:25:06.0125 0x0e94 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
23:25:06.0125 0x0e94 Processor - ok
23:25:06.0187 0x0e94 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
23:25:06.0218 0x0e94 ProfSvc - ok
23:25:06.0234 0x0e94 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
23:25:06.0234 0x0e94 ProtectedStorage - ok
23:25:06.0281 0x0e94 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:25:06.0296 0x0e94 Psched - ok
23:25:06.0359 0x0e94 [ F3775745CBEEDC8E4690D822FE669BF5, CA455B6EFA352B3992D7B8882C3CCDB96D4335E442E59017C99B987CBCC37E42 ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
23:25:06.0359 0x0e94 QBCFMonitorService - ok
23:25:06.0406 0x0e94 [ 2241EAF40E472C471CB80CF6B97CCA11, A19F76D73A8FF69DF6A008B6B079989376FAC3E4B743054AC257A758904C9A97 ] QBFCService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
23:25:06.0406 0x0e94 QBFCService - ok
23:25:06.0546 0x0e94 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
23:25:06.0655 0x0e94 ql2300 - ok
23:25:06.0702 0x0e94 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
23:25:06.0718 0x0e94 ql40xx - ok
23:25:06.0827 0x0e94 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
23:25:06.0842 0x0e94 QWAVE - ok
23:25:06.0889 0x0e94 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:25:06.0889 0x0e94 QWAVEdrv - ok
23:25:06.0920 0x0e94 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:25:06.0920 0x0e94 RasAcd - ok
23:25:06.0967 0x0e94 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:25:06.0967 0x0e94 RasAgileVpn - ok
23:25:06.0998 0x0e94 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
23:25:07.0014 0x0e94 RasAuto - ok
23:25:07.0061 0x0e94 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:25:07.0061 0x0e94 Rasl2tp - ok
23:25:07.0139 0x0e94 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
23:25:07.0154 0x0e94 RasMan - ok
23:25:07.0201 0x0e94 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:25:07.0201 0x0e94 RasPppoe - ok
23:25:07.0248 0x0e94 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:25:07.0248 0x0e94 RasSstp - ok
23:25:07.0310 0x0e94 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:25:07.0342 0x0e94 rdbss - ok
23:25:07.0357 0x0e94 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
23:25:07.0373 0x0e94 rdpbus - ok
23:25:07.0388 0x0e94 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:25:07.0388 0x0e94 RDPCDD - ok
23:25:07.0420 0x0e94 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:25:07.0420 0x0e94 RDPENCDD - ok
23:25:07.0451 0x0e94 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:25:07.0451 0x0e94 RDPREFMP - ok
23:25:07.0498 0x0e94 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:25:07.0513 0x0e94 RDPWD - ok
23:25:07.0576 0x0e94 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:25:07.0591 0x0e94 rdyboost - ok
23:25:07.0654 0x0e94 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:25:07.0669 0x0e94 RemoteAccess - ok
23:25:07.0700 0x0e94 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:25:07.0716 0x0e94 RemoteRegistry - ok
23:25:07.0732 0x0e94 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:25:07.0747 0x0e94 RpcEptMapper - ok
23:25:07.0778 0x0e94 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
23:25:07.0794 0x0e94 RpcLocator - ok
23:25:07.0856 0x0e94 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
23:25:07.0888 0x0e94 RpcSs - ok
23:25:07.0950 0x0e94 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:25:07.0950 0x0e94 rspndr - ok
23:25:08.0044 0x0e94 [ 3CEEE53BBF8BA284FF44585CEC0162FE, 5725A47BE8B7A9116983895FCB82CB2808B7B9C57BC285F3DFD7352E72DBC1FE ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
23:25:08.0059 0x0e94 RSUSBSTOR - ok
23:25:08.0122 0x0e94 [ 777FC2C418465404E3D8A290DC247D24, D053ABB41B0F859762E4BE724EF4EB9F39B83215BC1C7C02B3BE8F02B2A4B094 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
23:25:08.0153 0x0e94 RTL8167 - ok
23:25:08.0168 0x0e94 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs C:\Windows\system32\lsass.exe
23:25:08.0184 0x0e94 SamSs - ok
23:25:08.0231 0x0e94 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:25:08.0246 0x0e94 sbp2port - ok
23:25:08.0278 0x0e94 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:25:08.0293 0x0e94 SCardSvr - ok
23:25:08.0340 0x0e94 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:25:08.0340 0x0e94 scfilter - ok
23:25:08.0465 0x0e94 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
23:25:08.0543 0x0e94 Schedule - ok
23:25:08.0590 0x0e94 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
23:25:08.0590 0x0e94 SCPolicySvc - ok
23:25:08.0636 0x0e94 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\drivers\sdbus.sys
23:25:08.0668 0x0e94 sdbus - ok
23:25:08.0714 0x0e94 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:25:08.0730 0x0e94 SDRSVC - ok
23:25:08.0777 0x0e94 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:25:08.0792 0x0e94 secdrv - ok
23:25:08.0824 0x0e94 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
23:25:08.0839 0x0e94 seclogon - ok
23:25:08.0870 0x0e94 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
23:25:08.0870 0x0e94 SENS - ok
23:25:08.0902 0x0e94 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:25:08.0917 0x0e94 SensrSvc - ok
23:25:08.0933 0x0e94 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
23:25:08.0948 0x0e94 Serenum - ok
23:25:08.0980 0x0e94 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
23:25:08.0980 0x0e94 Serial - ok
23:25:09.0011 0x0e94 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
23:25:09.0011 0x0e94 sermouse - ok
23:25:09.0089 0x0e94 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
23:25:09.0104 0x0e94 SessionEnv - ok
23:25:09.0120 0x0e94 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:25:09.0120 0x0e94 sffdisk - ok
23:25:09.0151 0x0e94 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:25:09.0151 0x0e94 sffp_mmc - ok
23:25:09.0167 0x0e94 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:25:09.0182 0x0e94 sffp_sd - ok
23:25:09.0198 0x0e94 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
23:25:09.0198 0x0e94 sfloppy - ok
23:25:09.0276 0x0e94 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:25:09.0292 0x0e94 SharedAccess - ok
23:25:09.0338 0x0e94 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:25:09.0370 0x0e94 ShellHWDetection - ok
23:25:09.0401 0x0e94 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:25:09.0401 0x0e94 SiSRaid2 - ok
23:25:09.0448 0x0e94 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
23:25:09.0448 0x0e94 SiSRaid4 - ok
23:25:09.0479 0x0e94 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:25:09.0494 0x0e94 Smb - ok
23:25:09.0541 0x0e94 [ D48F87803F3965EE04D9BCB318791AAB, 7FC5C23D571B4A3EBBCF7BEBED9DA67FB43E5B0C7D20A3EBF37DF64BC64782A8 ] SMR311 C:\Windows\system32\drivers\SMR311.SYS
23:25:09.0541 0x0e94 SMR311 - ok
23:25:09.0604 0x0e94 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:25:09.0604 0x0e94 SNMPTRAP - ok
23:25:09.0635 0x0e94 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
23:25:09.0635 0x0e94 spldr - ok
23:25:09.0697 0x0e94 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler C:\Windows\System32\spoolsv.exe
23:25:09.0744 0x0e94 Spooler - ok
23:25:10.0087 0x0e94 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
23:25:10.0352 0x0e94 sppsvc - ok
23:25:10.0446 0x0e94 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:25:10.0462 0x0e94 sppuinotify - ok
23:25:10.0586 0x0e94 [ 06B9A7BA94356EC5207C5DDB59540378, 246D70611185F8F5D769A0C3B2B821303328C4F8BFFFB220115B14B6B22CFABF ] SRTSP C:\Windows\System32\Drivers\NISx64\1307010.005\SRTSP64.SYS
23:25:10.0633 0x0e94 SRTSP - ok
23:25:10.0649 0x0e94 [ FBB8945A61E55A2345D12487C74A9D76, A99CA299EE6572DC9B4B7958D16A06BA6D98134A839BD423B65405D31443E268 ] SRTSPX C:\Windows\system32\drivers\NISx64\1307010.005\SRTSPX64.SYS
23:25:10.0664 0x0e94 SRTSPX - ok
23:25:10.0727 0x0e94 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:25:10.0758 0x0e94 srv - ok
23:25:10.0820 0x0e94 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:25:10.0852 0x0e94 srv2 - ok
23:25:10.0914 0x0e94 [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
23:25:10.0930 0x0e94 SrvHsfHDA - ok
23:25:11.0070 0x0e94 [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
23:25:11.0164 0x0e94 SrvHsfV92 - ok
23:25:11.0226 0x0e94 [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
23:25:11.0257 0x0e94 SrvHsfWinac - ok
23:25:11.0288 0x0e94 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:25:11.0304 0x0e94 srvnet - ok
23:25:11.0351 0x0e94 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:25:11.0351 0x0e94 SSDPSRV - ok
23:25:11.0382 0x0e94 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:25:11.0382 0x0e94 SstpSvc - ok
23:25:11.0476 0x0e94 [ 7F30633A5AEC81140DBC6DAAAEBD0CBE, BAFF5C5A740A33184545608E590FFC11BFE55D31F080304E05F163FA4AB91AA7 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\STacSV64.exe
23:25:11.0491 0x0e94 STacSV - ok
23:25:11.0522 0x0e94 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
23:25:11.0522 0x0e94 stexstor - ok
23:25:11.0585 0x0e94 [ F991751C2477257BBCEDB364A0F449B4, 91DF33BC167A453635375FDD13EC45E76E82ACC1C5AF23978CA2E92156DFA28F ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
23:25:11.0616 0x0e94 STHDA - ok
23:25:11.0678 0x0e94 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
23:25:11.0678 0x0e94 StillCam - ok
23:25:11.0756 0x0e94 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
23:25:11.0803 0x0e94 stisvc - ok
23:25:11.0834 0x0e94 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
23:25:11.0850 0x0e94 swenum - ok
23:25:11.0912 0x0e94 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
23:25:11.0944 0x0e94 swprv - ok
23:25:12.0022 0x0e94 [ 8B2430762099598DA40686F754632EFD, BEF443EB8CDB8792E8B9CF861E8D2205DEA336BC24A92417D67DD5A28DD35BE9 ] SymDS C:\Windows\system32\drivers\NISx64\1307010.005\SYMDS64.SYS
23:25:12.0053 0x0e94 SymDS - ok
23:25:12.0162 0x0e94 [ F90C7A190399165D3AB2245048D34786, B356C624F5AC41D8AD1AC843CB29F99EECE00600CECF60E794F672DF2CB97616 ] SymEFA C:\Windows\system32\drivers\NISx64\1307010.005\SYMEFA64.SYS
23:25:12.0240 0x0e94 SymEFA - ok
23:25:12.0302 0x0e94 [ 894579207E39C465737E850A252CE4F2, 9441C99E4853183E53E201FE7D3271ECFAEFD124DF77802B3DCA3728F09293DA ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
23:25:12.0318 0x0e94 SymEvent - ok
23:25:12.0349 0x0e94 [ 5013A76CAAA1D7CF1C55214B490B4E35, B7AC28C29C4152977A6313FB47984643EC395BCDD9B417853D4E31D7AD98598B ] SymIRON C:\Windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS
23:25:12.0365 0x0e94 SymIRON - ok
23:25:12.0427 0x0e94 [ 3911BD0E68C010E5438A87706ABBE9AB, C79D2444830E4AE8A36D8686635463BF34B22913AA417A48AB0AC0A48F7D227B ] SymNetS C:\Windows\System32\Drivers\NISx64\1307010.005\SYMNETS.SYS
23:25:12.0458 0x0e94 SymNetS - ok
23:25:12.0521 0x0e94 [ 3A706A967295E16511E40842B1A2761D, 593C53373AB6026DA80168CA8F636A67F831D4A07F6B8B601E17C486A22CA25C ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
23:25:12.0536 0x0e94 SynTP - ok
23:25:12.0708 0x0e94 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
23:25:12.0833 0x0e94 SysMain - ok
23:25:12.0880 0x0e94 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll

dakiteha · Feb 23, 2014

23:25:12.0895 0x0e94 TabletInputService - ok
23:25:12.0926 0x0e94 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
23:25:12.0958 0x0e94 TapiSrv - ok
23:25:12.0989 0x0e94 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
23:25:13.0004 0x0e94 TBS - ok
23:25:13.0207 0x0e94 [ ACB82BDA8F46C84F465C1AFA517DC4B9, DE785AC33A0D63699E5E3E85E4C33694A15FBC9B93D432E8865C88E44CDF3E17 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:25:13.0332 0x0e94 Tcpip - ok
23:25:13.0504 0x0e94 [ ACB82BDA8F46C84F465C1AFA517DC4B9, DE785AC33A0D63699E5E3E85E4C33694A15FBC9B93D432E8865C88E44CDF3E17 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:25:13.0628 0x0e94 TCPIP6 - ok
23:25:13.0675 0x0e94 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:25:13.0675 0x0e94 tcpipreg - ok
23:25:13.0722 0x0e94 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:25:13.0722 0x0e94 TDPIPE - ok
23:25:13.0753 0x0e94 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:25:13.0753 0x0e94 TDTCP - ok
23:25:13.0800 0x0e94 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:25:13.0816 0x0e94 tdx - ok
23:25:13.0847 0x0e94 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
23:25:13.0862 0x0e94 TermDD - ok
23:25:13.0925 0x0e94 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
23:25:13.0972 0x0e94 TermService - ok
23:25:14.0003 0x0e94 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
23:25:14.0003 0x0e94 Themes - ok
23:25:14.0034 0x0e94 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
23:25:14.0050 0x0e94 THREADORDER - ok
23:25:14.0065 0x0e94 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
23:25:14.0081 0x0e94 TrkWks - ok
23:25:14.0159 0x0e94 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:25:14.0174 0x0e94 TrustedInstaller - ok
23:25:14.0252 0x0e94 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:25:14.0252 0x0e94 tssecsrv - ok
23:25:14.0315 0x0e94 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:25:14.0315 0x0e94 TsUsbFlt - ok
23:25:14.0362 0x0e94 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:25:14.0377 0x0e94 tunnel - ok
23:25:14.0408 0x0e94 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
23:25:14.0424 0x0e94 uagp35 - ok
23:25:14.0471 0x0e94 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:25:14.0502 0x0e94 udfs - ok
23:25:14.0549 0x0e94 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:25:14.0564 0x0e94 UI0Detect - ok
23:25:14.0596 0x0e94 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:25:14.0596 0x0e94 uliagpkx - ok
23:25:14.0642 0x0e94 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
23:25:14.0642 0x0e94 umbus - ok
23:25:14.0658 0x0e94 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
23:25:14.0674 0x0e94 UmPass - ok
23:25:14.0736 0x0e94 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
23:25:14.0767 0x0e94 upnphost - ok
23:25:14.0783 0x0e94 [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:25:14.0798 0x0e94 usbccgp - ok
23:25:14.0845 0x0e94 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:25:14.0861 0x0e94 usbcir - ok
23:25:14.0876 0x0e94 [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:25:14.0892 0x0e94 usbehci - ok
23:25:14.0970 0x0e94 [ 2C780746DC44A28FE67004DC58173F05, 9E0596CE35C7430A31A7E77B4D12A1F521B9ED8EB0614E6FB38403AC614C3EE3 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
23:25:14.0970 0x0e94 usbfilter - ok
23:25:15.0032 0x0e94 [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:25:15.0048 0x0e94 usbhub - ok
23:25:15.0079 0x0e94 [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
23:25:15.0079 0x0e94 usbohci - ok
23:25:15.0110 0x0e94 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:25:15.0110 0x0e94 usbprint - ok
23:25:15.0157 0x0e94 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:25:15.0157 0x0e94 USBSTOR - ok
23:25:15.0188 0x0e94 [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
23:25:15.0188 0x0e94 usbuhci - ok
23:25:15.0235 0x0e94 [ 454800C2BC7F3927CE030141EE4F4C50, 10901E62DAA70657C499AD590DECCCA6E46FDDF4A193B2F19279E1B8ED7B1E44 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
23:25:15.0251 0x0e94 usbvideo - ok
23:25:15.0282 0x0e94 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
23:25:15.0282 0x0e94 UxSms - ok
23:25:15.0313 0x0e94 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc C:\Windows\system32\lsass.exe
23:25:15.0313 0x0e94 VaultSvc - ok
23:25:15.0563 0x0e94 [ 8159F83408230045F731C6C7799A7D44, 0800E3E467FF1F9337BBEB6B4ECB1567EFBE31FE0C2A08E1849F26A7A063724D ] vcsFPService C:\Windows\system32\vcsFPService.exe
23:25:15.0703 0x0e94 vcsFPService - ok
23:25:15.0750 0x0e94 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:25:15.0750 0x0e94 vdrvroot - ok
23:25:15.0828 0x0e94 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
23:25:15.0875 0x0e94 vds - ok
23:25:15.0906 0x0e94 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:25:15.0906 0x0e94 vga - ok
23:25:15.0937 0x0e94 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
23:25:15.0937 0x0e94 VgaSave - ok
23:25:15.0984 0x0e94 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:25:16.0000 0x0e94 vhdmp - ok
23:25:16.0031 0x0e94 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
23:25:16.0046 0x0e94 viaide - ok
23:25:16.0078 0x0e94 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:25:16.0078 0x0e94 volmgr - ok
23:25:16.0156 0x0e94 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:25:16.0171 0x0e94 volmgrx - ok
23:25:16.0234 0x0e94 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:25:16.0249 0x0e94 volsnap - ok
23:25:16.0312 0x0e94 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
23:25:16.0327 0x0e94 vsmraid - ok
23:25:16.0499 0x0e94 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
23:25:16.0608 0x0e94 VSS - ok
23:25:16.0655 0x0e94 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
23:25:16.0655 0x0e94 vwifibus - ok
23:25:16.0702 0x0e94 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
23:25:16.0717 0x0e94 vwififlt - ok
23:25:16.0764 0x0e94 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
23:25:16.0764 0x0e94 vwifimp - ok
23:25:16.0811 0x0e94 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
23:25:16.0842 0x0e94 W32Time - ok
23:25:16.0904 0x0e94 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
23:25:16.0904 0x0e94 WacomPen - ok
23:25:16.0967 0x0e94 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:25:16.0967 0x0e94 WANARP - ok
23:25:16.0982 0x0e94 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:25:16.0982 0x0e94 Wanarpv6 - ok
23:25:17.0138 0x0e94 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
23:25:17.0216 0x0e94 WatAdminSvc - ok
23:25:17.0357 0x0e94 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
23:25:17.0466 0x0e94 wbengine - ok
23:25:17.0513 0x0e94 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:25:17.0528 0x0e94 WbioSrvc - ok
23:25:17.0591 0x0e94 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:25:17.0622 0x0e94 wcncsvc - ok
23:25:17.0653 0x0e94 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:25:17.0669 0x0e94 WcsPlugInService - ok
23:25:17.0716 0x0e94 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
23:25:17.0716 0x0e94 Wd - ok
23:25:17.0809 0x0e94 [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:25:17.0856 0x0e94 Wdf01000 - ok
23:25:17.0887 0x0e94 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:25:17.0903 0x0e94 WdiServiceHost - ok
23:25:17.0918 0x0e94 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:25:17.0934 0x0e94 WdiSystemHost - ok
23:25:17.0981 0x0e94 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll
23:25:17.0996 0x0e94 WebClient - ok
23:25:18.0028 0x0e94 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:25:18.0059 0x0e94 Wecsvc - ok
23:25:18.0074 0x0e94 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:25:18.0090 0x0e94 wercplsupport - ok
23:25:18.0137 0x0e94 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
23:25:18.0137 0x0e94 WerSvc - ok
23:25:18.0168 0x0e94 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:25:18.0168 0x0e94 WfpLwf - ok
23:25:18.0184 0x0e94 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:25:18.0184 0x0e94 WIMMount - ok
23:25:18.0230 0x0e94 WinDefend - ok
23:25:18.0246 0x0e94 WinHttpAutoProxySvc - ok
23:25:18.0324 0x0e94 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:25:18.0340 0x0e94 Winmgmt - ok
23:25:18.0558 0x0e94 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
23:25:18.0698 0x0e94 WinRM - ok
23:25:18.0776 0x0e94 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
23:25:18.0792 0x0e94 WinUSB - ok
23:25:18.0886 0x0e94 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
23:25:18.0948 0x0e94 Wlansvc - ok
23:25:19.0026 0x0e94 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
23:25:19.0026 0x0e94 wlcrasvc - ok
23:25:19.0291 0x0e94 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:25:19.0447 0x0e94 wlidsvc - ok
23:25:19.0478 0x0e94 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
23:25:19.0478 0x0e94 WmiAcpi - ok
23:25:19.0525 0x0e94 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:25:19.0541 0x0e94 wmiApSrv - ok
23:25:19.0588 0x0e94 WMPNetworkSvc - ok
23:25:19.0619 0x0e94 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:25:19.0619 0x0e94 WPCSvc - ok
23:25:19.0681 0x0e94 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:25:19.0697 0x0e94 WPDBusEnum - ok
23:25:19.0712 0x0e94 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:25:19.0712 0x0e94 ws2ifsl - ok
23:25:19.0759 0x0e94 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
23:25:19.0775 0x0e94 wscsvc - ok
23:25:19.0775 0x0e94 WSearch - ok
23:25:20.0040 0x0e94 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
23:25:20.0212 0x0e94 wuauserv - ok
23:25:20.0305 0x0e94 [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:25:20.0305 0x0e94 WudfPf - ok
23:25:20.0368 0x0e94 [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:25:20.0383 0x0e94 WUDFRd - ok
23:25:20.0414 0x0e94 [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:25:20.0430 0x0e94 wudfsvc - ok
23:25:20.0477 0x0e94 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
23:25:20.0492 0x0e94 WwanSvc - ok
23:25:20.0617 0x0e94 [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
23:25:20.0664 0x0e94 yukonw7 - ok
23:25:20.0742 0x0e94 [ 74983ADDCA2D9618512C088D856D6615, C4592EFC1206BD813221814FD529AD38ED26E4AE086613EB95D3D5E20448A1F0 ] {55662437-DA8C-40c0-AADA-2C816A897A49} c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
23:25:20.0758 0x0e94 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
23:25:20.0773 0x0e94 ================ Scan global ===============================
23:25:20.0789 0x0e94 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
23:25:20.0851 0x0e94 [ EB6A48CC998E1090E44E8E7F1009A640, 94001F8AEB2A398E7C267C90183ABED2AFA6FC4C219027C861C6C1329093464A ] C:\Windows\system32\winsrv.dll
23:25:20.0882 0x0e94 [ EB6A48CC998E1090E44E8E7F1009A640, 94001F8AEB2A398E7C267C90183ABED2AFA6FC4C219027C861C6C1329093464A ] C:\Windows\system32\winsrv.dll
23:25:20.0929 0x0e94 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
23:25:20.0992 0x0e94 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
23:25:21.0023 0x0e94 [ Global ] - ok
23:25:21.0023 0x0e94 ================ Scan MBR ==================================
23:25:21.0038 0x0e94 [ 9D47346C41296565D44EFB723608B19F ] \Device\Harddisk0\DR0
23:25:21.0366 0x0e94 \Device\Harddisk0\DR0 - ok
23:25:21.0366 0x0e94 ================ Scan VBR ==================================
23:25:21.0382 0x0e94 [ 1C28E6ED9FA52BDB6F83F2D4C37AE11C ] \Device\Harddisk0\DR0\Partition1
23:25:21.0382 0x0e94 \Device\Harddisk0\DR0\Partition1 - ok
23:25:21.0397 0x0e94 [ 4EC94A131ACCA191D376D6BF862422F1 ] \Device\Harddisk0\DR0\Partition2
23:25:21.0397 0x0e94 \Device\Harddisk0\DR0\Partition2 - ok
23:25:21.0397 0x0e94 [ 41742451FB4D7EE874EB4E734DC611F2 ] \Device\Harddisk0\DR0\Partition3
23:25:21.0413 0x0e94 \Device\Harddisk0\DR0\Partition3 - ok
23:25:21.0428 0x0e94 [ 4443656571552D056D217B8A58A7F533 ] \Device\Harddisk0\DR0\Partition4
23:25:21.0428 0x0e94 \Device\Harddisk0\DR0\Partition4 - ok
23:25:21.0428 0x0e94 Waiting for KSN requests completion. In queue: 100
23:25:22.0442 0x0e94 Waiting for KSN requests completion. In queue: 100
23:25:23.0456 0x0e94 Waiting for KSN requests completion. In queue: 100
23:25:24.0595 0x0e94 AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\WSCStub.exe ( 19.7.0.0 ), 0x50010 ( disabled : outofdate )
23:25:24.0611 0x0e94 FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\WSCStub.exe ( 19.7.0.0 ), 0x50010 ( disabled )
23:25:24.0626 0x0e94 Win FW state via NFP2: enabled
23:25:27.0185 0x0e94 ============================================================
23:25:27.0185 0x0e94 Scan finished
23:25:27.0185 0x0e94 ============================================================
23:25:27.0200 0x00f8 Detected object count: 0
23:25:27.0200 0x00f8 Actual detected object count: 0

Broni · Feb 23, 2014

That looks good.

This will be my last post for tonight.
Don't do anything by yourself. Just follow my instructions.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please copy and paste it to your reply.

dakiteha · Feb 23, 2014

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-02-2014 01
Ran by Kimberly at 2014-02-22 23:47:18
Running from C:\Users\Kimberly\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Reader 9.3.3 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A93000000001}) (Version: 9.3.3 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}) (Version: 11.5.1.601 - Adobe Systems, Inc.)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD USB Filter Driver (x32 Version: 1.0.15.94 - Advanced Micro Devices, Inc.) Hidden
AnalogX AutoTune (HKLM-x32\...\AnalogX AutoTune) (Version: - AnalogX)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{11A4D79B-672C-7FFF-B5F7-B4409B1194EF}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Aveyond: The Darkthrop Prophecy (x32 Version: 2.2.0.97 - WildTangent) Hidden
Babysitting Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.82 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0416.541.8279 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0416.541.8279 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0416.541.8279 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0416.541.8279 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0416.541.8279 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0416.541.8279 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0416.541.8279 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0416.541.8279 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help English (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help French (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help German (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0416.0540.8279 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0416.541.8279 - ATI) Hidden
ccc-utility64 (Version: 2010.0416.541.8279 - ATI) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Contents (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Cooking Dash - DinerTown Studios (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cooking Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cooking Dash 3: Thrills and Spills (x32 Version: 2.2.0.95 - WildTangent) Hidden
Corel PaintShop Photo Pro X3 (HKLM-x32\...\_{D1AEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.116 - Corel Corporation)
Corel PaintShop Photo Pro X3 (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Corel VideoStudio Pro X3 (HKLM-x32\...\_{F072CA07-A781-45E4-9975-C033A73019CF}) (Version: 1.6.0.286 - Corel Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2527 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 7.0.2527 - CyberLink Corp.) Hidden
DeviceIO (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Diner Dash - Flo on the Go (x32 Version: 2.2.0.95 - WildTangent) Hidden
Diner Dash - Flo Through Time (x32 Version: 2.2.0.95 - WildTangent) Hidden
Diner Dash - Seasonal Snack Pack (x32 Version: 2.2.0.95 - WildTangent) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
Diner Dash 2: Restaurant Rescue™ (HKLM-x32\...\Diner Dash 2: Restaurant Rescue™) (Version: 32.0.0.0 - Shockwave.com)
Diner Dash 5 - Boom! The Collector's Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Diner Dash Hometown Hero (x32 Version: 2.2.0.98 - WildTangent) Hidden
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version: - ) <==== ATTENTION
Dora's Carnival Adventure (x32 Version: 2.2.0.82 - WildTangent) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.0.3715 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden
Escape Rosecliff Island (x32 Version: 2.2.0.82 - WildTangent) Hidden
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Faerie Solitaire (x32 Version: 2.2.0.82 - WildTangent) Hidden
Fashionista (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.82 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Desktop (HKLM-x32\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Talk Plugin (HKLM-x32\...\{41101F0C-DBD9-321C-A6B1-E0689B495A4E}) (Version: 5.1.4.17398 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GoToMeeting 4.5.0.457 (HKCU\...\GoToMeeting) (Version: - )
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hotel Dash - Suite Success (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}) (Version: 4.0.3.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - )
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.0.3822 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 4.0.3822 - Hewlett-Packard) Hidden
HP MediaSmart Internet TV (HKLM-x32\...\InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}) (Version: 3.2.2513 - Hewlett-Packard)
HP MediaSmart Internet TV (x32 Version: 3.2.2513 - Hewlett-Packard) Hidden
HP MediaSmart Movies and TV (HKLM\...\{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}) (Version: 1.0.0.10 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.0.3903 - Hewlett-Packard)
HP MediaSmart Music (x32 Version: 4.0.3903 - Hewlett-Packard) Hidden
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.0.3911 - Hewlett-Packard)
HP MediaSmart Photo (x32 Version: 4.0.3911 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.0.3911 - Hewlett-Packard)
HP MediaSmart Video (x32 Version: 4.0.3911 - Hewlett-Packard) Hidden
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.0.2511 - Hewlett-Packard)
HP MediaSmart Webcam (x32 Version: 4.0.2511 - Hewlett-Packard) Hidden
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{35021DFB-F9CA-402A-89A2-47F91E506465}) (Version: 1.0.2.0 - Hewlett-Packard)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2261 - HP Photo Creations Powered by RocketLife)
HP Power Plan Utility (HKLM-x32\...\{F6B6A150-08FA-46D5-808A-EB638269551D}) (Version: 1.0.6 - Hewlett-Packard)
HP Quick Launch (HKLM\...\{10F539B1-31AF-43BF-9F0C-0EB66E918922}) (Version: 1.0.18 - Hewlett-Packard)
HP QuickWeb Installer (HKLM-x32\...\{394FA67A-FF0A-4356-BB77-D85E5A300BDE}) (Version: 1.2.12.0 - DeviceVM Inc.)
HP Setup (HKLM-x32\...\{E2831862-F131-4327-B9CC-FA30F587EB6C}) (Version: 1.2.3988.3281 - Hewlett-Packard)
HP SimplePass Identity Protection (HKLM\...\{F20DF0CA-5929-4C26-A501-FDB19FDF0A50}) (Version: 5.00.140 - DigitalPersona, Inc.)
HP Software Framework (HKLM-x32\...\{B7F60A16-7A7B-41FB-9AE3-DE9E324FBA06}) (Version: 4.0.112.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Tone Control (HKLM\...\{9207D4A1-586E-49CA-A002-FC9F475AB1A3}) (Version: 2.0.2 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0188 (HKLM-x32\...\{7D2B5801-18A1-428D-A601-EE0D30CCF060}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{E6BC696E-5E96-4C1B-9371-379AF3A46B6B}) (Version: 4.0.4.2 - Hewlett-Packard)
ICA (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
ICA (x32 Version: 1.6.1.116 - Corel Corporation) Hidden
Inbox Toolbar (HKLM-x32\...\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1) (Version: 1.0.0 - Inbox.com, Inc.)
IPM_PSP_Pro (x32 Version: 1.00.0000 - Corel Corporation) Hidden
IPM_VS_Pro (x32 Version: 13.0 - Corel Corporation) Hidden
ISCOM (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
ISCOM (x32 Version: 1.6.1.116 - Corel Corporation) Hidden
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
Jewel Quest 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2515 - CyberLink Corp.) Hidden
LEGO MINDSTORMS Education EV3 (x32 Version: 1.0.345 - The LEGO Group) Hidden
LEGO MINDSTORMS Education EV3 Content (x32 Version: 1.0.246 - The LEGO Group) Hidden
LEGO MINDSTORMS Education EV3 English Support (x32 Version: 1.0.443 - The LEGO Group) Hidden
LEGO MINDSTORMS EV3 (HKLM-x32\...\LEGO_SW.{5B0CB826-E499-4E6B-94F0-75B6327ED934}) (Version: 1.0.0 - The LEGO Group)
LEGO MINDSTORMS EV3 Uninstaller (x32 Version: 1.0.11 - The LEGO Group) Hidden
LEGO MINDSTORMS NXT x64 Driver (HKLM\...\{A0831C28-A6FA-49A3-86AE-B5AE3C9EE19C}) (Version: 1.20.115.0 - LEGO)
LightScribe System Software (HKLM-x32\...\{FA8BFB25-BF48-4F8B-8859-B30810745190}) (Version: 1.18.11.1 - LightScribe)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft Silverlight 5.1 (x32 Version: 5.1.4001 - National Instruments) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.0.3715 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
My Web Search (MyWebFace) (HKLM-x32\...\MyWebSearch bar Uninstall) (Version: - My Web Search) <==== ATTENTION
Mystery P.I. - The New York Fortune (x32 Version: 2.2.0.82 - WildTangent) Hidden
Nanny Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
NetAssistant (x32 Version: 3.6.5 - Freeze.com) Hidden
NetAssistant for Firefox (HKCU\...\NetAssistant) (Version: 3.6.5 - Freeze.com)
NI .NET Framework 4 (x32 Version: 4.00.49152 - National Instruments) Hidden
NI EulaDepot (x32 Version: 3.20.357 - National Instruments) Hidden
NI MDF Support (x32 Version: 3.20.357 - National Instruments) Hidden
NI Security Update (KB 67L8LCQW) (64-bit) (Version: 1.0.29.0 - National Instruments) Hidden
NI Security Update (KB 67L8LCQW) (x32 Version: 1.0.29.0 - National Instruments) Hidden
NI Uninstaller (x32 Version: 3.20.357 - National Instruments) Hidden
NI VC2008MSMs x64 (Version: 9.0.401 - National Instruments) Hidden
NI VC2008MSMs x86 (x32 Version: 9.0.401 - National Instruments) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 19.7.1.5 - Symantec Corporation)
Optimizer Pro v3.0 (HKLM-x32\...\Optimizer Pro_is1) (Version: 3.0 - PC Utilities Pro) <==== ATTENTION
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Poker Superstars III (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3715 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.3715 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2514 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.2514 - CyberLink Corp.) Hidden
PSPPContent (x32 Version: 1.00.0000 - Corel Corporation) Hidden
PSPPRO_DCRAW (x32 Version: 13.0.0 - Corel Corporation) Hidden
PureHD (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
QuickBooks (x32 Version: 19.0.4012.705 - Intuit Inc.) Hidden
QuickBooks Pro 2009 (HKLM-x32\...\{9A2F0810-3622-4E86-9072-973FBE1679C5}) (Version: 19.0.4012.705 - Intuit Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.11.1127.2009 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30113 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2512 - CyberLink Corp.) Hidden
Roxio CinemaNow 2.0 (x32 Version: 1.0.262 - Hewlett-Packard) Hidden
SBLite (HKLM-x32\...\SBLite) (Version: 1.0 - )
Setup (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Setup (x32 Version: 1.6.1.116 - Corel Corporation) Hidden
Share (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Share64 (Version: 1.6.0.286 - Corel Corporation) Hidden
Skype Toolbars (HKLM-x32\...\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}) (Version: 5.0.4137 - Skype Technologies S.A.)
Skype™ 5.1 (HKLM-x32\...\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}) (Version: 5.1.112 - Skype Technologies S.A.)
Soap Opera Dash (x32 Version: 2.2.0.97 - WildTangent) Hidden
Summer Resort Mogul (x32 Version: 2.2.0.95 - WildTangent) Hidden
Supermarket Mania 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
SupportSoft Assisted Service (HKLM-x32\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.17.4 - Synaptics Incorporated)
TextTwist 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Ubuntu (HKLM-x32\...\Wubi) (Version: 12.10-rev273 - Ubuntu)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VAFPlayer (HKLM-x32\...\{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF}) (Version: 1.6.8 - Tuguu SL)
Validity Sensors DDK (HKLM\...\{EE5017A6-7525-4EE9-99DA-2EF1F6C16B1B}) (Version: 4.1.129.0 - Validity Sensors, Inc.)
VIO (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Virtual Families (x32 Version: 2.2.0.82 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.82 - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
VSClassic (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
VSPro (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.10.16 - WildTangent) Hidden
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.1) (Version: 1.3.1 - Xvid Team)
Yontoo Layers Client 1.10.01 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.01 - Yontoo Technology, Inc.) <==== ATTENTION
Zuma's Revenge (x32 Version: 2.2.0.82 - WildTangent) Hidden

==================== Restore Points =========================

06-01-2014 01:55:55 HPSF Restore Point
18-01-2014 01:56:42 Installed Java 7 Update 51
01-02-2014 03:22:06 Scheduled Checkpoint
06-02-2014 01:19:46 Installed HP Support Assistant
06-02-2014 01:24:21 Windows Modules Installer
06-02-2014 01:25:24 Windows Modules Installer
22-02-2014 23:34:23 Quitado VAFPlayer
22-02-2014 23:35:35 Quitado VAFPlayer
23-02-2014 03:40:03 before malwarebytes rootkit
23-02-2014 04:08:12 Malwarebytes Anti-Rootkit Restore Point
23-02-2014 04:12:56 Windows Update

==================== Hosts content: ==========================

2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {02EB3CDF-A753-467B-BDF5-FD2058F2E300} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-01-28] (Microsoft)
Task: {07775B1F-6F11-4F49-9561-8F5A07DDE1E0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {0D72B943-02BE-4D8F-9B03-EC47EAA89213} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067438776-955256638-4198274019-1001Core => C:\Users\Kimberly\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-30] (Google Inc.)
Task: {0F96C0FC-D1D0-4DC3-94ED-4C42D04F7661} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\WSCStub.exe [2012-05-12] (Symantec Corporation)
Task: {2B26E624-D41F-47EE-835D-C3394AA2DC4B} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\SymErr.exe [2012-02-03] (Symantec Corporation)
Task: {2C21ABCE-9FA1-4E37-A70C-6CA7632DF5D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN365D3HXN05KD => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {4A50B4CF-9D17-4AAF-8A38-85FABF2E0846} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067438776-955256638-4198274019-1001UA => C:\Users\Kimberly\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-30] (Google Inc.)
Task: {6354E8A5-942A-4B87-82C1-5AA49A817241} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-29] (Hewlett-Packard Company)
Task: {6672DD6E-161C-4094-8E3B-89F42E6B14FC} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\Kernel\CLML\CLMLSvc.exe
Task: {78D2B75D-9B2F-4AB5-8A83-7DC22FA5AC1E} - \win4036e0 No Task File
Task: {83916B00-24EA-4722-AF8C-E714486DE4AE} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {99D8EE4E-B12C-4037-948B-A7B36684C6DA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {A9D8BDE5-4C9A-48BC-8244-475D052A6C44} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-22] (Adobe Systems Incorporated)
Task: {AB6AB4A9-256A-41F8-9290-1611C24C78A7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-20] (Google Inc.)
Task: {C307D471-57D2-4699-8D27-BAC17DE6DB22} - System32\Tasks\{6FCF4E30-DE0F-43B4-8D29-0292090FE3C4} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2011-01-26] (Skype Technologies S.A.)
Task: {C3ECEFF1-1BBC-4243-B70C-9088464965BC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {C7852062-6A7E-4388-85D3-CD58772946E8} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-01-26] ()
Task: {CD7B26BB-5AA0-49E9-9058-89918154DF10} - System32\Tasks\HPCeeScheduleForKimberly => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {D26D3A36-E302-4CFC-A23C-49657737DC25} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-20] (Google Inc.)
Task: {D3B15BA3-E331-4F39-96B3-198B2AFC52D3} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {D91EEE5E-C5F6-417F-BD42-C2938C975A23} - \3900417440 No Task File
Task: {E491BA77-89B5-492E-AD0C-42D344801C5B} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-01-26] ()
Task: {F6776817-9D55-491B-887B-9AD66E8285F2} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\SymErr.exe [2012-02-03] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067438776-955256638-4198274019-1001Core.job => C:\Users\Kimberly\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067438776-955256638-4198274019-1001UA.job => C:\Users\Kimberly\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForKimberly.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2010-01-18 16:04 - 2010-01-18 16:04 - 00020480 _____ () C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
2010-01-20 17:20 - 2010-01-20 17:20 - 00611896 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2010-03-09 15:34 - 2010-03-09 15:34 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-06-01 02:38 - 2010-06-01 02:38 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-01-27 15:01 - 2010-01-27 15:01 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2010-01-27 15:01 - 2010-01-27 15:01 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-01-27 15:01 - 2010-01-27 15:01 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2010-01-22 11:29 - 2010-01-22 11:29 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2010-01-22 11:30 - 2010-01-22 11:30 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2010-01-22 11:29 - 2010-01-22 11:29 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2010-08-09 21:37 - 2010-08-09 21:37 - 00034816 _____ () C:\Program Files (x86)\Google\Google Desktop Search\gzlib.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2014-02-22 15:18 - 2014-02-22 15:18 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:22912C1D
AlternateDataStreams: C:\ProgramData\Temp:6BD304B9
AlternateDataStreams: C:\ProgramData\Temp

1B5B4F1
AlternateDataStreams: C:\ProgramData\Temp:E30E6B9F
AlternateDataStreams: C:\ProgramData\Temp:E5DE9C8F

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (02/22/2014 09:21:53 PM) (Source: Application Error) (User: )
Description: Faulting application name: RogueKiller.exe, version: 8.8.8.0, time stamp: 0x5304779b
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xfffffb0e
Faulting process id: 0xf18
Faulting application start time: 0xRogueKiller.exe0
Faulting application path: RogueKiller.exe1
Faulting module path: RogueKiller.exe2
Report Id: RogueKiller.exe3

Error: (02/22/2014 09:16:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: RogueKiller.exe, version: 8.8.8.0, time stamp: 0x5304779b
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xfffffb0e
Faulting process id: 0x604
Faulting application start time: 0xRogueKiller.exe0
Faulting application path: RogueKiller.exe1
Faulting module path: RogueKiller.exe2
Report Id: RogueKiller.exe3

Error: (02/22/2014 09:12:13 PM) (Source: Application Error) (User: )
Description: Faulting application name: RogueKiller.exe, version: 8.8.8.0, time stamp: 0x5304779b
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xfffffb0e
Faulting process id: 0x1df8
Faulting application start time: 0xRogueKiller.exe0
Faulting application path: RogueKiller.exe1
Faulting module path: RogueKiller.exe2
Report Id: RogueKiller.exe3

Error: (02/22/2014 09:04:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: RogueKiller.exe, version: 8.8.8.0, time stamp: 0x5304779b
Faulting module name: RogueKiller.exe, version: 8.8.8.0, time stamp: 0x5304779b
Exception code: 0xc0000409
Fault offset: 0x000d2821
Faulting process id: 0x15bc
Faulting application start time: 0xRogueKiller.exe0
Faulting application path: RogueKiller.exe1
Faulting module path: RogueKiller.exe2
Report Id: RogueKiller.exe3

Error: (02/22/2014 05:36:02 PM) (Source: MsiInstaller) (User: HP-Laptop)
Description: Producto: VAFPlayer -- Error 1001. Error 1001. Exception occurred while initializing the installation:
System.IO.FileNotFoundException: Could not load file or assembly 'file:///C:\Program Files (x86)\Tuguu SL\VAFPlayer\VAFPlayer.exe' or one of its dependencies. The system cannot find the file specified..(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (02/22/2014 05:35:24 PM) (Source: MsiInstaller) (User: HP-Laptop)
Description: Producto: VAFPlayer -- Error 1001. Error 1001. Exception occurred while initializing the installation:
System.IO.FileNotFoundException: Could not load file or assembly 'file:///C:\Program Files (x86)\Tuguu SL\VAFPlayer\VAFPlayer.exe' or one of its dependencies. The system cannot find the file specified..(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (02/22/2014 02:27:34 PM) (Source: Application Error) (User: )
Description: Faulting application name: cmd.exe, version: 6.1.7601.17514, time stamp: 0x4ce798e5
Faulting module name: RPCRT4.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c96e
Exception code: 0xc0000005
Fault offset: 0x0000000000048fc5
Faulting process id: 0x11f8
Faulting application start time: 0xcmd.exe0
Faulting application path: cmd.exe1
Faulting module path: cmd.exe2
Report Id: cmd.exe3

Error: (02/22/2014 02:18:27 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000420
Fault offset: 0x00013ce2
Faulting process id: 0x1f6c
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (02/22/2014 02:14:45 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000420
Fault offset: 0x00013ce2
Faulting process id: 0x13b4
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (02/07/2014 09:42:24 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000420
Fault offset: 0x00013ce2
Faulting process id: 0xe8c
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

System errors:
=============
Error: (02/22/2014 10:09:25 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends on the Base Filtering Engine service which failed to start because of the following error:
%%1290

Error: (02/22/2014 10:09:25 PM) (Source: Service Control Manager) (User: )
Description: The Base Filtering Engine service failed to start due to the following error:
%%1290

Error: (02/22/2014 10:09:12 PM) (Source: Service Control Manager) (User: )
Description: The Security Center service failed to start due to the following error:
%%1314

Error: (02/22/2014 10:09:09 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error:
%%1290

Error: (02/22/2014 10:09:09 PM) (Source: Service Control Manager) (User: )
Description: The Base Filtering Engine service failed to start due to the following error:
%%1290

Error: (02/22/2014 10:09:06 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends on the Base Filtering Engine service which failed to start because of the following error:
%%1290

Error: (02/22/2014 10:09:06 PM) (Source: Service Control Manager) (User: )
Description: The Base Filtering Engine service failed to start due to the following error:
%%1290

Error: (02/22/2014 10:09:05 PM) (Source: Service Control Manager) (User: )
Description: The Base Filtering Engine service failed to start due to the following error:
%%1290

Error: (02/22/2014 05:30:51 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (02/22/2014 05:30:47 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 59%
Total physical RAM: 3834.9 MB
Available physical RAM: 1558.91 MB
Total Pagefile: 7668 MB
Available Pagefile: 5050.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:443.54 GB) (Free:359.22 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:21.92 GB) (Free:3.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: F1977E89)

Partition: GPT Partition Type.

==================== End Of Log ============================

dakiteha · Feb 23, 2014

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-02-2014 01
Ran by Kimberly (administrator) on HP-LAPTOP on 22-02-2014 23:45:54
Running from C:\Users\Kimberly\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link for 64-Bit Version: https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Validity Sensors, Inc.) C:\Windows\system32\vcsFPService.exe
(Advanced Micro Devices, Inc.) C:\Windows\system32\atibtmon.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
(DeviceVM, Inc.) C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
() C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(MyWebSearch.com) C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DPAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard ) C:\Program Files\Hewlett-Packard\HPToneControl\HPToneCtl.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(MyWebSearch.com) C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE
(Akamai Technologies, Inc.) C:\Users\Kimberly\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Google) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
(Akamai Technologies, Inc.) C:\Users\Kimberly\AppData\Local\Akamai\netsession_win.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2096424 2010-05-27] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] ()
HKLM\...\Run: [HP Quick Launch] - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [451072 2010-01-18] (Hewlett-Packard Company)
HKLM\...\Run: [HPToneControl] - C:\Program Files\Hewlett-Packard\HPToneControl\HPTonectl.exe [107832 2009-08-19] (Hewlett-Packard )
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre6\bin\jusched.exe [172032 2010-04-25] (Sun Microsystems, Inc.)
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-01-27] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-02-01] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-04-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Intuit SyncManager] - C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [1092872 2009-12-22] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [Google Desktop Search] - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-09] (Google)
HKLM-x32\...\Run: [MyWebSearch Email Plugin] - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE [32849 2011-04-07] (MyWebSearch.com)
HKLM-x32\...\Run: [InstallValidator.exe.FA87EC44_C38F_4148_93A1_FF4A64A2B707] - C:\Program Files (x86)\National Instruments\Shared\NIUninstaller\InstallValidator.exe [265608 2013-08-13] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-28] (Hewlett-Packard)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
HKLM\...\Winlogon: [Shell] [0 ] () <=== ATTENTION
HKU\.DEFAULT\...0c966feabec1\InprocServer32: [Default-shell32] C:\Windows\system32\config\systemprofile\AppData\Local\{4f73ed5f-4eb3-905f-940d-e562bd6e5517}\n. ATTENTION! ====> ZeroAccess/Alureon?
HKU\.DEFAULT\...409d6c4515e9\InprocServer32: [Default-shell32] C:\Windows\TEMP\sbquicx\sxqrrcs\wow.dll ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-01-22] (Hewlett-Packard Company)
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\Run: [MyWebSearch Email Plugin] - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE [32849 2011-04-07] (MyWebSearch.com)
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\Run: [Google Update] - C:\Users\Kimberly\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-04-30] (Google Inc.)
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\Run: [GameXN GO] - "C:\ProgramData\GameXN\GameXNGO.exe" /startup
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\Run: [Akamai NetSession Interface] - C:\Users\Kimberly\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\Run: [HP Officejet Pro 8600 (NET)] - C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\MountPoints2: G - G:\LaunchU3.exe -a
Lsa: [Notification Packages] DPPassFilter scecli

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:54525
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
URLSearchHook: HKCU - (No Name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ie...D406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {56256A51-B582-467e-B8D4-7786EDA79AE0} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ie...D406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM-x32 - {BF6FB75C-5999-457A-AB6E-BADE0AF7FAFF} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.a...-4199-9E9D-331246C9A6E8&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.a...-4199-9E9D-331246C9A6E8&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searc...SP_ss&mntrId=727cf46c00000000000078e400d82e8d
SearchScopes: HKCU - {3FB43F15-065F-4C8E-B068-0141C455814C} URL = http://websearch.ask.com/redirect?c...pn_sauid=47026863-8C7D-4DEA-93CF-BDA207F484BF
SearchScopes: HKCU - {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:4664/search&s=JEl-aoK2K4rPMF8Ub49f2kNxYyA?q={searchTerms}
SearchScopes: HKCU - {7B6CED84-F63F-43EB-9393-A0E69BF10A7D} URL = http://search.conduit.com/ResultsEx...4&ctid=CT3294791&CUI=UN17126568714873958&UM=2
SearchScopes: HKCU - {853592DE-BB3B-46B9-8A81-4A8771AFB8F8} URL = http://search.conduit.com/Results.aspx?ctid=CT3300024&SearchSource=45&UM=2&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ie...D406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=NIS&chn=retail&geo=US&ver=19
SearchScopes: HKCU - {BF6FB75C-5999-457A-AB6E-BADE0AF7FAFF} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
BHO: weDownload Manager Pro - {11111111-1111-1111-1111-110411361128} - C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-bho64.dll No File
BHO: HP SimplePass Identity Protection Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\dpotspluginie8.dll (DigitalPersona, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: HP SimplePass Identity Protection Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\dpotspluginie8.dll (DigitalPersona, Inc.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Plug-In - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SBLite - {E155F23C-9931-47c6-A619-20E6FCA86D75} - C:\Program Files (x86)\SBLite\SBLite.dll (SBLite)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No File
DPF: HKLM-x32 {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files%20(x86)/Nanny%20Mania/Images/stg_drm.ocx
DPF: HKLM-x32 {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files%20(x86)/Nanny%20Mania/Images/armhelper.ocx
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - No File
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - No File
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~2\INBOXT~1\Inbox.dll No File
Handler-x32: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.1.1

FireFox:
========
FF ProfilePath: C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default
FF user.js: detected! => C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\user.js
FF DefaultSearchEngine: Yahoo
FF SearchEngineOrder.1: Ask.com
FF SearchEngineOrder.user_pref("browser.search.order.2", "");: user_pref("browser.search.order.2", "");
FF SelectedSearchEngine: Yahoo
FF Homepage: hxxp://search.conduit.com/?ctid=CT3294791&octid=CT3294791&SearchSource=61&CUI=UN29272984232113624&UM=2&UP=SP038215DA-0746-4199-9E9D-331246C9A6E8&SSPV=
FF Keyword.URL: hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=706&systemid=406&v=a9396-124&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=7466448302814054&o=APN10645&q=
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 54525
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @mywebsearch.com/Plugin - C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll (MyWebSearch.com)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Kimberly\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Kimberly\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Kimberly\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Kimberly\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Kimberly\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Kimberly\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Kimberly\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Kimberly\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\searchplugins\Ask.xml
FF SearchPlugin: C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\searchplugins\mywebsearch.xml
FF SearchPlugin: C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\searchplugins\safesearch.xml
FF SearchPlugin: C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\searchplugins\vafmusic2-customized-web-search.xml
FF SearchPlugin: C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\searchplugins\web-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF Extension: weDownload Manager Pro - C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\Extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com [2013-12-15]
FF Extension: SearchDonkey - C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\Extensions\support@searchdonkeyapp.com [2013-12-21]
FF Extension: SBLite - C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\Extensions\{83aace32-eca0-4c3a-b4d6-9ad594496b48} [2013-12-15]
FF Extension: Performance Cache - C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\Extensions\nkwhhakmzf@nkwhhakmzf.org.xpi [2012-03-21]
FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2014-02-22]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-02-22]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-02-22]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\IPSFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ []
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [m3ffxtbr@mywebsearch.com] - C:\Program Files (x86)\MyWebSearch\bar\1.bin
FF Extension: No Name - C:\Program Files (x86)\MyWebSearch\bar\1.bin [2011-04-07]
FF HKCU\...\Firefox\Extensions: [{1266764D-FC4F-4FA7-B63B-884D53B1680F}] - C:\Users\Kimberly\AppData\Roaming\NetAssistant\
FF Extension: Freeze.com NetAssistant - C:\Users\Kimberly\AppData\Roaming\NetAssistant\ []

Chrome:
=======
CHR HomePage: hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-706&v=a10781-124&t=4
CHR DefaultSearchKeyword: ask.com
CHR DefaultSearchProvider: Ask.com
CHR DefaultSearchURL: http://dts.search.ask.com/sr?src=cr...D406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Zylom Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\npzylomgamesplayer.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Kimberly\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Kimberly\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U37) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (My Web Search Plugin Stub) - C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll (MyWebSearch.com)
CHR Plugin: (Windows LiveÃƒÆ’Ã¢â‚¬Å¡Ãƒâ€šÃ‚Â® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Hulu Desktop) - C:\Users\Kimberly\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.370.6) - C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Vafmusic2) - C:\Users\Kimberly\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbjibcbpmbcabnfnohhgjjmkgkimajko [2013-08-22]
CHR Extension: (Lightning Newtab) - C:\Users\Kimberly\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo [2014-01-18]
CHR Extension: (weDownload Manager Pro) - C:\Users\Kimberly\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb [2013-12-15]
CHR Extension: (SBLite) - C:\Users\Kimberly\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlilniamimbmlkmnmjbphgghilbfbcp [2014-01-18]
CHR Extension: (Google Wallet) - C:\Users\Kimberly\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-18]
CHR HKCU\...\Chrome\Extension: [cbjibcbpmbcabnfnohhgjjmkgkimajko] - C:\Users\Kimberly\AppData\Local\CRE\cbjibcbpmbcabnfnohhgjjmkgkimajko.crx [2013-08-20]
CHR HKLM-x32\...\Chrome\Extension: [cbjibcbpmbcabnfnohhgjjmkgkimajko] - C:\Users\Kimberly\AppData\Local\CRE\cbjibcbpmbcabnfnohhgjjmkgkimajko.crx [2013-08-20]
CHR HKLM-x32\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files (x86)\DefaultTab\DefaultTab.crx [2013-08-20]
CHR HKLM-x32\...\Chrome\Extension: [kjlilniamimbmlkmnmjbphgghilbfbcp] - C:\Users\Kimberly\AppData\Roaming\SBLite for Chrome\SBLite.crx [2013-12-05]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\Exts\Chrome.crx [2013-12-05]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\Kimberly\AppData\Local\Temp\YontooLayers.crx [2013-12-05]

==================== Services (Whitelisted) =================

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 DvmMDES; C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [338168 2010-03-05] (DeviceVM, Inc.)
S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-09] (Google)
R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-18] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.)
R2 MyWebSearchService; C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSVC.EXE [28762 2011-04-07] (MyWebSearch.com)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe [138232 2012-03-27] (Symantec Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\STacSV64.exe [244736 2010-02-01] (IDT, Inc.)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20120317.002\BHDrvx64.sys [1157240 2012-03-02] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1307010.005\ccSetx64.sys [167048 2011-11-29] (Symantec Corporation)
R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [20056 2009-11-11] (DeviceVM, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [482936 2012-02-16] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20120321.001\IDSvia64.sys [488568 2012-03-05] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20120321.008\ENG64.SYS [117880 2012-03-21] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20120321.008\EX64.SYS [2048632 2012-03-21] (Symantec Corporation)
R0 SMR311; C:\Windows\System32\drivers\SMR311.SYS [95392 2012-12-06] (Symantec Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1307010.005\SRTSP64.SYS [737912 2012-03-29] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1307010.005\SRTSPX64.SYS [37496 2012-03-29] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1307010.005\SYMDS64.SYS [451192 2011-07-25] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1307010.005\SYMEFA64.SYS [1092728 2012-03-29] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-03-23] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS [190072 2012-03-29] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1307010.005\SYMNETS.SYS [405624 2012-03-29] (Symantec Corporation)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2010-02-22] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-22 23:45 - 2014-02-22 23:46 - 00031909 _____ () C:\Users\Kimberly\Downloads\FRST.txt
2014-02-22 23:45 - 2014-02-22 23:45 - 00000000 ____D () C:\FRST
2014-02-22 23:44 - 2014-02-22 23:44 - 02154496 _____ (Farbar) C:\Users\Kimberly\Downloads\FRST64.exe
2014-02-22 23:23 - 2014-02-22 23:23 - 04122976 _____ (Kaspersky Lab ZAO) C:\Users\Kimberly\Downloads\tdsskiller.exe
2014-02-22 23:05 - 2014-02-22 23:05 - 00003105 _____ () C:\Users\Kimberly\Desktop\RKreport[0]_D_02222014_230550.txt
2014-02-22 23:04 - 2014-02-22 23:04 - 00003185 _____ () C:\Users\Kimberly\Desktop\RKreport[0]_S_02222014_230433.txt
2014-02-22 21:43 - 2014-02-22 22:47 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-22 21:43 - 2014-02-22 22:17 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-22 21:36 - 2014-02-22 22:15 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-22 21:35 - 2014-02-22 22:47 - 00000000 ____D () C:\Users\Kimberly\Desktop\mbar
2014-02-22 21:35 - 2014-02-22 21:35 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Kimberly\Downloads\mbar-1.07.0.1009.exe
2014-02-22 21:00 - 2014-02-22 23:05 - 00000000 ____D () C:\Users\Kimberly\Desktop\RK_Quarantine
2014-02-22 21:00 - 2014-02-22 21:00 - 03817984 _____ () C:\Users\Kimberly\Downloads\RogueKiller.exe
2014-02-22 20:57 - 2014-02-22 20:57 - 00558888 _____ (Fusion Install ) C:\Users\Kimberly\Downloads\Setup.exe
2014-02-22 19:28 - 2014-02-22 19:28 - 00077772 _____ () C:\Users\Kimberly\Desktop\MBAM2.txt
2014-02-22 19:04 - 2014-02-22 19:04 - 00024295 _____ () C:\Users\Kimberly\Desktop\dds.txt
2014-02-22 19:04 - 2014-02-22 19:04 - 00011255 _____ () C:\Users\Kimberly\Desktop\attach.txt
2014-02-22 19:01 - 2014-02-22 19:01 - 00688992 ____R (Swearware) C:\Users\Kimberly\Downloads\dds.com
2014-02-22 18:17 - 2014-02-22 18:17 - 00001503 _____ () C:\Users\Kimberly\Desktop\aswMBR.txt
2014-02-22 17:39 - 2014-02-22 17:39 - 04745728 _____ (AVAST Software) C:\Users\Kimberly\Downloads\aswMBR.exe
2014-02-22 15:18 - 2014-02-22 15:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-22 14:42 - 2014-02-22 20:42 - 17858952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-22 14:20 - 2014-02-22 14:20 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-22 14:20 - 2014-02-22 14:20 - 00000000 ____D () C:\Users\Kimberly\AppData\Roaming\Malwarebytes
2014-02-22 14:20 - 2014-02-22 14:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-22 14:20 - 2014-02-22 14:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-22 14:20 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-22 14:17 - 2014-02-22 14:17 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Kimberly\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-22 14:11 - 2014-02-22 14:11 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-07 21:34 - 2014-02-07 21:36 - 00000000 ____D () C:\Users\Kimberly\AppData\Local\HP
2014-02-07 21:34 - 2014-02-07 21:34 - 00002200 _____ () C:\Users\Public\Desktop\HP Officejet Pro 8600.lnk
2014-02-07 21:34 - 2014-02-07 21:34 - 00001152 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Officejet Pro 8600.lnk
2014-02-07 21:34 - 2014-02-07 21:34 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-02-07 21:34 - 2014-02-07 21:34 - 00000000 ____D () C:\ProgramData\HP
2014-02-07 21:34 - 2014-02-07 21:34 - 00000000 ____D () C:\Program Files\HP
2014-02-07 21:34 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPM5912.dll
2014-02-07 21:33 - 2014-02-07 21:33 - 31455000 _____ () C:\Users\Kimberly\Downloads\OJ8600_Basicx64_1315.exe
2014-02-05 19:26 - 2014-02-05 19:26 - 00002177 _____ () C:\Users\Kimberly\Desktop\HP Support Assistant.lnk
2014-02-05 19:18 - 2014-02-05 19:18 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}

==================== One Month Modified Files and Folders =======

2014-02-22 23:46 - 2014-02-22 23:45 - 00031909 _____ () C:\Users\Kimberly\Downloads\FRST.txt
2014-02-22 23:45 - 2014-02-22 23:45 - 00000000 ____D () C:\FRST
2014-02-22 23:44 - 2014-02-22 23:44 - 02154496 _____ (Farbar) C:\Users\Kimberly\Downloads\FRST64.exe
2014-02-22 23:42 - 2012-04-12 16:33 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-22 23:39 - 2010-06-01 02:41 - 01369271 _____ () C:\Windows\WindowsUpdate.log
2014-02-22 23:23 - 2014-02-22 23:23 - 04122976 _____ (Kaspersky Lab ZAO) C:\Users\Kimberly\Downloads\tdsskiller.exe
2014-02-22 23:16 - 2011-05-14 18:05 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067438776-955256638-4198274019-1001UA.job
2014-02-22 23:13 - 2011-01-20 20:16 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-22 23:05 - 2014-02-22 23:05 - 00003105 _____ () C:\Users\Kimberly\Desktop\RKreport[0]_D_02222014_230550.txt
2014-02-22 23:05 - 2014-02-22 21:00 - 00000000 ____D () C:\Users\Kimberly\Desktop\RK_Quarantine
2014-02-22 23:04 - 2014-02-22 23:04 - 00003185 _____ () C:\Users\Kimberly\Desktop\RKreport[0]_S_02222014_230433.txt
2014-02-22 22:47 - 2014-02-22 21:43 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-22 22:47 - 2014-02-22 21:35 - 00000000 ____D () C:\Users\Kimberly\Desktop\mbar
2014-02-22 22:18 - 2009-07-13 23:13 - 00782336 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-22 22:17 - 2014-02-22 21:43 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-22 22:17 - 2009-07-13 22:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-22 22:17 - 2009-07-13 22:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-22 22:15 - 2014-02-22 21:36 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-22 22:11 - 2011-01-20 20:16 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-22 22:10 - 2010-06-01 02:43 - 00549626 _____ () C:\Windows\PFRO.log
2014-02-22 22:10 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-22 22:10 - 2009-07-13 22:51 - 00060206 _____ () C:\Windows\setupact.log
2014-02-22 21:35 - 2014-02-22 21:35 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Kimberly\Downloads\mbar-1.07.0.1009.exe
2014-02-22 21:00 - 2014-02-22 21:00 - 03817984 _____ () C:\Users\Kimberly\Downloads\RogueKiller.exe
2014-02-22 20:57 - 2014-02-22 20:57 - 00558888 _____ (Fusion Install ) C:\Users\Kimberly\Downloads\Setup.exe
2014-02-22 20:42 - 2014-02-22 14:42 - 17858952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-22 19:28 - 2014-02-22 19:28 - 00077772 _____ () C:\Users\Kimberly\Desktop\MBAM2.txt
2014-02-22 19:04 - 2014-02-22 19:04 - 00024295 _____ () C:\Users\Kimberly\Desktop\dds.txt
2014-02-22 19:04 - 2014-02-22 19:04 - 00011255 _____ () C:\Users\Kimberly\Desktop\attach.txt
2014-02-22 19:01 - 2014-02-22 19:01 - 00688992 ____R (Swearware) C:\Users\Kimberly\Downloads\dds.com
2014-02-22 18:17 - 2014-02-22 18:17 - 00001503 _____ () C:\Users\Kimberly\Desktop\aswMBR.txt
2014-02-22 18:11 - 2014-01-16 18:39 - 00003204 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForKimberly
2014-02-22 18:11 - 2014-01-16 18:39 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForKimberly.job
2014-02-22 17:39 - 2014-02-22 17:39 - 04745728 _____ (AVAST Software) C:\Users\Kimberly\Downloads\aswMBR.exe
2014-02-22 17:30 - 2012-05-31 14:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-22 17:29 - 2013-08-22 22:25 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-02-22 17:29 - 2013-08-22 22:24 - 00000000 ____D () C:\Program Files (x86)\DefaultTab
2014-02-22 15:24 - 2014-01-16 18:28 - 00000000 ____D () C:\ProgramData\WPM
2014-02-22 15:24 - 2013-08-22 22:24 - 00000000 ____D () C:\Users\Kimberly\AppData\Roaming\DefaultTab
2014-02-22 15:24 - 2011-05-21 20:57 - 00000000 ____D () C:\Program Files (x86)\Inbox Toolbar
2014-02-22 15:23 - 2013-08-22 22:37 - 00000000 ____D () C:\Program Files (x86)\Tuguu SL
2014-02-22 15:18 - 2014-02-22 15:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-22 14:51 - 2011-05-12 21:00 - 00000000 ____D () C:\Program Files (x86)\Yontoo Layers Client
2014-02-22 14:42 - 2012-04-12 16:33 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-22 14:42 - 2012-04-12 16:33 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-22 14:37 - 2011-01-20 20:17 - 00002143 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-22 14:27 - 2011-05-14 18:05 - 00000868 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067438776-955256638-4198274019-1001Core.job
2014-02-22 14:24 - 2010-04-25 12:02 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-02-22 14:22 - 2010-10-23 13:06 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-02-22 14:21 - 2012-03-10 14:04 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-02-22 14:20 - 2014-02-22 14:20 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-22 14:20 - 2014-02-22 14:20 - 00000000 ____D () C:\Users\Kimberly\AppData\Roaming\Malwarebytes
2014-02-22 14:20 - 2014-02-22 14:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-22 14:20 - 2014-02-22 14:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-22 14:17 - 2014-02-22 14:17 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Kimberly\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-22 14:17 - 2010-08-15 11:23 - 00000000 ____D () C:\Users\Kimberly\AppData\Roaming\Mozilla
2014-02-22 14:14 - 2010-08-08 17:32 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0EE82060-B24D-41BA-80A4-1B5799415D26}
2014-02-22 14:11 - 2014-02-22 14:11 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-22 14:11 - 2011-05-14 18:05 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067438776-955256638-4198274019-1001UA
2014-02-22 14:11 - 2011-05-14 18:05 - 00003500 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067438776-955256638-4198274019-1001Core
2014-02-22 14:11 - 2010-10-24 12:55 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-22 14:08 - 2011-01-20 20:16 - 00003898 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-22 14:08 - 2011-01-20 20:16 - 00003646 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-07 21:36 - 2014-02-07 21:34 - 00000000 ____D () C:\Users\Kimberly\AppData\Local\HP
2014-02-07 21:34 - 2014-02-07 21:34 - 00002200 _____ () C:\Users\Public\Desktop\HP Officejet Pro 8600.lnk
2014-02-07 21:34 - 2014-02-07 21:34 - 00001152 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Officejet Pro 8600.lnk
2014-02-07 21:34 - 2014-02-07 21:34 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-02-07 21:34 - 2014-02-07 21:34 - 00000000 ____D () C:\ProgramData\HP
2014-02-07 21:34 - 2014-02-07 21:34 - 00000000 ____D () C:\Program Files\HP
2014-02-07 21:34 - 2010-04-25 14:26 - 00000000 ____D () C:\Program Files (x86)\Hp
2014-02-07 21:33 - 2014-02-07 21:33 - 31455000 _____ () C:\Users\Kimberly\Downloads\OJ8600_Basicx64_1315.exe
2014-02-07 19:52 - 2011-01-26 01:29 - 00000000 ____D () C:\Users\Kimberly\AppData\Roaming\Template
2014-02-07 19:52 - 2009-07-13 23:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-02-07 18:23 - 2013-08-22 22:24 - 00000258 __RSH () C:\Users\Kimberly\ntuser.pol
2014-02-07 18:23 - 2010-08-08 17:12 - 00000000 ____D () C:\Users\Kimberly
2014-02-05 19:26 - 2014-02-05 19:26 - 00002177 _____ () C:\Users\Kimberly\Desktop\HP Support Assistant.lnk
2014-02-05 19:26 - 2010-04-25 10:41 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-05 19:25 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\Help
2014-02-05 19:22 - 2010-04-25 10:39 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-02-05 19:20 - 2010-10-23 15:58 - 00000000 ____D () C:\Users\Kimberly\AppData\Roaming\hpqLog
2014-02-05 19:18 - 2014-02-05 19:18 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-02-05 19:10 - 2009-09-06 18:40 - 00000000 ____D () C:\SwSetup
2014-02-04 18:42 - 2012-04-12 16:33 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-04 18:40 - 2010-08-09 23:34 - 00000000 ____D () C:\Users\Kimberly\AppData\Local\CrashDumps

Some content of TEMP:
====================
C:\Users\Kimberly\AppData\Local\Temp\0.35523540588089986.exe
C:\Users\Kimberly\AppData\Local\Temp\0.7089009233042556.exe
C:\Users\Kimberly\AppData\Local\Temp\1385723452_wedownload_manager_pro.exe
C:\Users\Kimberly\AppData\Local\Temp\7za.exe
C:\Users\Kimberly\AppData\Local\Temp\airB1B8.exe
C:\Users\Kimberly\AppData\Local\Temp\airD2E9.exe
C:\Users\Kimberly\AppData\Local\Temp\airFB60.exe
C:\Users\Kimberly\AppData\Local\Temp\BackupSetup.exe
C:\Users\Kimberly\AppData\Local\Temp\bfguni.exe
C:\Users\Kimberly\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\Kimberly\AppData\Local\Temp\contentDATs.exe
C:\Users\Kimberly\AppData\Local\Temp\Delta.exe
C:\Users\Kimberly\AppData\Local\Temp\DeltaTB.exe
C:\Users\Kimberly\AppData\Local\Temp\Extract.exe
C:\Users\Kimberly\AppData\Local\Temp\GoogleChromeInstaller.exe
C:\Users\Kimberly\AppData\Local\Temp\HPQSi.exe
C:\Users\Kimberly\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe
C:\Users\Kimberly\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Kimberly\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Kimberly\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Kimberly\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Kimberly\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Kimberly\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Kimberly\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Kimberly\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Kimberly\AppData\Local\Temp\MybabylonTB.exe
C:\Users\Kimberly\AppData\Local\Temp\nsisdt.dll
C:\Users\Kimberly\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Kimberly\AppData\Local\Temp\Player_Setup.exe
C:\Users\Kimberly\AppData\Local\Temp\propsys.dll
C:\Users\Kimberly\AppData\Local\Temp\pyl14B8.tmp.exe
C:\Users\Kimberly\AppData\Local\Temp\pyl1C08.tmp.exe
C:\Users\Kimberly\AppData\Local\Temp\pyl2B82.tmp.exe
C:\Users\Kimberly\AppData\Local\Temp\pyl646.tmp.exe
C:\Users\Kimberly\AppData\Local\Temp\pyl79E0.tmp.exe
C:\Users\Kimberly\AppData\Local\Temp\Resource.exe
C:\Users\Kimberly\AppData\Local\Temp\SBLite_2803.exe
C:\Users\Kimberly\AppData\Local\Temp\Setup.exe
C:\Users\Kimberly\AppData\Local\Temp\SP48394.exe
C:\Users\Kimberly\AppData\Local\Temp\SP48755.exe
C:\Users\Kimberly\AppData\Local\Temp\SP49432.exe
C:\Users\Kimberly\AppData\Local\Temp\SP50162.exe
C:\Users\Kimberly\AppData\Local\Temp\SP50365.exe
C:\Users\Kimberly\AppData\Local\Temp\SP50490.exe
C:\Users\Kimberly\AppData\Local\Temp\SP50498.exe
C:\Users\Kimberly\AppData\Local\Temp\SP50595.exe
C:\Users\Kimberly\AppData\Local\Temp\sp50843.exe.exe
C:\Users\Kimberly\AppData\Local\Temp\SP51865.exe
C:\Users\Kimberly\AppData\Local\Temp\SP52264.exe
C:\Users\Kimberly\AppData\Local\Temp\SP52615.exe
C:\Users\Kimberly\AppData\Local\Temp\sp64126.exe
C:\Users\Kimberly\AppData\Local\Temp\tbVafm.dll
C:\Users\Kimberly\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Kimberly\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Kimberly\AppData\Local\Temp\WSSetup.exe
C:\Users\Kimberly\AppData\Local\Temp\{56AECA8B-7F02-42E8-9089-FF8399809AA3}-23.0.1271.95_chrome_installer.exe
C:\Users\Kimberly\AppData\Local\Temp\{78543A04-09F7-45D4-A44C-EB3EF31276FC}-chrome_installer.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-08 12:48

==================== End Of Log ============================

dakiteha · Feb 23, 2014

I will be around most of the day but understand if you don't work on Sundays.

Broni · Feb 23, 2014

You're still very seriously infected.
I'll be back later this afternoon.

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

IMPORTANT! Restart computer.

Re-run FRST "Scan" one more time and post fresh log.

dakiteha · Feb 23, 2014

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-02-2014 01
Ran by Kimberly at 2014-02-23 13:50:07 Run:1
Running from C:\Users\Kimberly\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version: - ) <==== ATTENTION
My Web Search (MyWebFace) (HKLM-x32\...\MyWebSearch bar Uninstall) (Version: - My Web Search) <==== ATTENTION
Optimizer Pro v3.0 (HKLM-x32\...\Optimizer Pro_is1) (Version: 3.0 - PC Utilities Pro) <==== ATTENTION
Yontoo Layers Client 1.10.01 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.01 - Yontoo Technology, Inc.) <==== ATTENTION
Task: {78D2B75D-9B2F-4AB5-8A83-7DC22FA5AC1E} - \win4036e0 No Task File
Task: {D3B15BA3-E331-4F39-96B3-198B2AFC52D3} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {D91EEE5E-C5F6-417F-BD42-C2938C975A23} - \3900417440 No Task File
AlternateDataStreams: C:\ProgramData\Temp:22912C1D
AlternateDataStreams: C:\ProgramData\Temp:6BD304B9
AlternateDataStreams: C:\ProgramData\Temp

1B5B4F1
AlternateDataStreams: C:\ProgramData\Temp:E30E6B9F
AlternateDataStreams: C:\ProgramData\Temp:E5DE9C8F
(MyWebSearch.com) C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE
C:\Program Files (x86)\MyWebSearch
HKLM-x32\...\Run: [MyWebSearch Email Plugin] - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE [32849 2011-04-07] (MyWebSearch.com)
HKLM\...\Winlogon: [Shell] [0 ] () <=== ATTENTION
HKU\.DEFAULT\...0c966feabec1\InprocServer32: [Default-shell32] C:\Windows\system32\config\systemprofile\AppData\Local\{4f73ed5f-4eb3-905f-940d-e562bd6e5517}\n. ATTENTION! ====> ZeroAccess/Alureon?
HKU\.DEFAULT\...409d6c4515e9\InprocServer32: [Default-shell32] C:\Windows\TEMP\sbquicx\sxqrrcs\wow.dll ATTENTION! ====> ZeroAccess?
C:\Windows\TEMP\sbquicx\sxqrrcs\wow.dll
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\Run: [MyWebSearch Email Plugin] - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE [32849 2011-04-07] (MyWebSearch.com)
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\MountPoints2: G - G:\LaunchU3.exe -a
ProxyServer: http=127.0.0.1:54525
URLSearchHook: HKCU - (No Name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL No File
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.a...-4199-9E9D-331246C9A6E8&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.a...-4199-9E9D-331246C9A6E8&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searc...SP_ss&mntrId=727cf46c00000000000078e400d82e8d
SearchScopes: HKCU - {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:4664/search&s=JEl-aoK2K4rPMF8Ub49f2kNxYyA?q={searchTerms}
SearchScopes: HKCU - {7B6CED84-F63F-43EB-9393-A0E69BF10A7D} URL = http://search.conduit.com/ResultsEx...4&ctid=CT3294791&CUI=UN17126568714873958&UM=2
SearchScopes: HKCU - {853592DE-BB3B-46B9-8A81-4A8771AFB8F8} URL = http://search.conduit.com/Results.aspx?ctid=CT3300024&SearchSource=45&UM=2&q={searchTerms}
BHO: weDownload Manager Pro - {11111111-1111-1111-1111-110411361128} - C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-bho64.dll No File
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
Toolbar: HKLM-x32 - My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No File
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - No File
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - No File
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~2\INBOXT~1\Inbox.dll No File
FF Homepage: hxxp://search.conduit.com/?ctid=CT3294791&octid=CT3294791&SearchSource=61&CUI=UN29272984232113624&UM=2&UP=SP038215DA-0746-4199-9E9D-331246C9A6E8&SSPV=
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @mywebsearch.com/Plugin - C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll (MyWebSearch.com)
FF SearchPlugin: C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\searchplugins\mywebsearch.xml
FF Extension: Performance Cache - C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\Extensions\nkwhhakmzf@nkwhhakmzf.org.xpi [2012-03-21]
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll No File
CHR Plugin: (Zylom Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\npzylomgamesplayer.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U37) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (My Web Search Plugin Stub) - C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll (MyWebSearch.com)
CHR Plugin: (Hulu Desktop) - C:\Users\Kimberly\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\Kimberly\AppData\Local\Temp\YontooLayers.crx [2013-12-05]
R2 MyWebSearchService; C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSVC.EXE [28762 2011-04-07] (MyWebSearch.com)
C:\Users\Kimberly\AppData\Local\Temp\0.35523540588089986.exe
C:\Users\Kimberly\AppData\Local\Temp\0.7089009233042556.exe
C:\Users\Kimberly\AppData\Local\Temp\1385723452_wedownload_manager_pro.exe
C:\Users\Kimberly\AppData\Local\Temp\7za.exe
C:\Users\Kimberly\AppData\Local\Temp\airB1B8.exe
C:\Users\Kimberly\AppData\Local\Temp\airD2E9.exe
C:\Users\Kimberly\AppData\Local\Temp\airFB60.exe
C:\Users\Kimberly\AppData\Local\Temp\BackupSetup.exe
C:\Users\Kimberly\AppData\Local\Temp\bfguni.exe
C:\Users\Kimberly\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\Kimberly\AppData\Local\Temp\contentDATs.exe
C:\Users\Kimberly\AppData\Local\Temp\Delta.exe
C:\Users\Kimberly\AppData\Local\Temp\DeltaTB.exe
C:\Users\Kimberly\AppData\Local\Temp\Extract.exe
C:\Users\Kimberly\AppData\Local\Temp\GoogleChromeInstaller.exe
C:\Users\Kimberly\AppData\Local\Temp\HPQSi.exe
C:\Users\Kimberly\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe
C:\Users\Kimberly\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Kimberly\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Kimberly\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Kimberly\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Kimberly\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Kimberly\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Kimberly\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Kimberly\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Kimberly\AppData\Local\Temp\MybabylonTB.exe
C:\Users\Kimberly\AppData\Local\Temp\nsisdt.dll
C:\Users\Kimberly\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Kimberly\AppData\Local\Temp\Player_Setup.exe
C:\Users\Kimberly\AppData\Local\Temp\propsys.dll
C:\Users\Kimberly\AppData\Local\Temp\pyl14B8.tmp.exe
C:\Users\Kimberly\AppData\Local\Temp\pyl1C08.tmp.exe
C:\Users\Kimberly\AppData\Local\Temp\pyl2B82.tmp.exe
C:\Users\Kimberly\AppData\Local\Temp\pyl646.tmp.exe
C:\Users\Kimberly\AppData\Local\Temp\pyl79E0.tmp.exe
C:\Users\Kimberly\AppData\Local\Temp\Resource.exe
C:\Users\Kimberly\AppData\Local\Temp\SBLite_2803.exe
C:\Users\Kimberly\AppData\Local\Temp\Setup.exe
C:\Users\Kimberly\AppData\Local\Temp\SP48394.exe
C:\Users\Kimberly\AppData\Local\Temp\SP48755.exe
C:\Users\Kimberly\AppData\Local\Temp\SP49432.exe
C:\Users\Kimberly\AppData\Local\Temp\SP50162.exe
C:\Users\Kimberly\AppData\Local\Temp\SP50365.exe
C:\Users\Kimberly\AppData\Local\Temp\SP50490.exe
C:\Users\Kimberly\AppData\Local\Temp\SP50498.exe
C:\Users\Kimberly\AppData\Local\Temp\SP50595.exe
C:\Users\Kimberly\AppData\Local\Temp\sp50843.exe.exe
C:\Users\Kimberly\AppData\Local\Temp\SP51865.exe
C:\Users\Kimberly\AppData\Local\Temp\SP52264.exe
C:\Users\Kimberly\AppData\Local\Temp\SP52615.exe
C:\Users\Kimberly\AppData\Local\Temp\sp64126.exe
C:\Users\Kimberly\AppData\Local\Temp\tbVafm.dll
C:\Users\Kimberly\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Kimberly\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Kimberly\AppData\Local\Temp\WSSetup.exe
C:\Users\Kimberly\AppData\Local\Temp\{56AECA8B-7F02-42E8-9089-FF8399809AA3}-23.0.1271.95_chrome_installer.exe
C:\Users\Kimberly\AppData\Local\Temp\{78543A04-09F7-45D4-A44C-EB3EF31276FC}-chrome_installer.exe

*****************

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{78D2B75D-9B2F-4AB5-8A83-7DC22FA5AC1E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78D2B75D-9B2F-4AB5-8A83-7DC22FA5AC1E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\win4036e0 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D3B15BA3-E331-4F39-96B3-198B2AFC52D3} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3B15BA3-E331-4F39-96B3-198B2AFC52D3} => Key deleted successfully.
C:\Windows\System32\Tasks\Desk 365 RunAsStdUser => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Desk 365 RunAsStdUser => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D91EEE5E-C5F6-417F-BD42-C2938C975A23} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D91EEE5E-C5F6-417F-BD42-C2938C975A23} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3900417440 => Key deleted successfully.
C:\ProgramData\Temp => ":22912C1D" ADS removed successfully.
C:\ProgramData\Temp => ":6BD304B9" ADS removed successfully.
C:\ProgramData\Temp => "

1B5B4F1" ADS removed successfully.
C:\ProgramData\Temp => ":E30E6B9F" ADS removed successfully.
C:\ProgramData\Temp => ":E5DE9C8F" ADS removed successfully.
[3412] C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE => Process closed successfully.
C:\Program Files (x86)\MyWebSearch => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Email Plugin => Value deleted successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value was restored successfully.
HKU\.DEFAULT\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} => Key deleted successfully.
HKU\.DEFAULT\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} => Key not found.
C:\Windows\TEMP\sbquicx\sxqrrcs\wow.dll => Moved successfully.
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Email Plugin => Value deleted successfully.
HKU\1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-2067438776-955256638-4198274019-1001 => Key not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00A6FAF6-072E-44cf-8957-5838F569A31D} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key deleted successfully.
HKCR\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} => Key deleted successfully.
HKCR\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7B6CED84-F63F-43EB-9393-A0E69BF10A7D} => Key deleted successfully.
HKCR\CLSID\{7B6CED84-F63F-43EB-9393-A0E69BF10A7D} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{853592DE-BB3B-46B9-8A81-4A8771AFB8F8} => Key deleted successfully.
HKCR\CLSID\{853592DE-BB3B-46B9-8A81-4A8771AFB8F8} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411361128} => Key deleted successfully.
HKCR\CLSID\{11111111-1111-1111-1111-110411361128} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Value deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} => Value deleted successfully.
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} => Key not found.
HKCR\PROTOCOLS\Handler\inbox => Key deleted successfully.
HKCR\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27} => Key not found.
HKCR\PROTOCOLS\Handler\intu-help-qb2 => Key deleted successfully.
HKCR\CLSID\{84D77A00-41B5-4b8b-8ADF-86486D72E749} => Key not found.
HKCR\PROTOCOLS\Handler\qbwc => Key deleted successfully.
HKCR\CLSID\{FC598A64-626C-4447-85B8-53150405FD57} => Key not found.
HKCR\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\inbox => Key not found.
HKCR\Wow6432Node\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27} => Key deleted successfully.
Firefox homepage deleted successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer => Key deleted successfully.
C:\Windows\system32\Adobe\Director\np32dsw.dll not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@mywebsearch.com/Plugin => Key deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll not found.
C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\searchplugins\mywebsearch.xml => Moved successfully.
C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\Extensions\nkwhhakmzf@nkwhhakmzf.org.xpi => Moved successfully.
C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll not found.
C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll not found.
C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll not found.
C:\Program Files (x86)\Mozilla Firefox\plugins\npzylomgamesplayer.dll not found.
C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll not found.
C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll not found.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll not found.
C:\Users\Kimberly\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll not found.
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll not found.
C:\Windows\system32\Adobe\Director\np32dsw.dll not found.
c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc => Key deleted successfully.
"C:\Users\Kimberly\AppData\Local\Temp\YontooLayers.crx" => File/Directory not found.
MyWebSearchService => Service deleted successfully.
C:\Users\Kimberly\AppData\Local\Temp\0.35523540588089986.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\0.7089009233042556.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\1385723452_wedownload_manager_pro.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\7za.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\airB1B8.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\airD2E9.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\airFB60.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\BackupSetup.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\bfguni.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\BundleSweetIMSetup.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\contentDATs.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\Delta.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\DeltaTB.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\Extract.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\GoogleChromeInstaller.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\HPQSi.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\MybabylonTB.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\nsisdt.dll => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\ntdll_dump.dll => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\Player_Setup.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\propsys.dll => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\pyl14B8.tmp.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\pyl1C08.tmp.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\pyl2B82.tmp.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\pyl646.tmp.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\pyl79E0.tmp.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\Resource.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\SBLite_2803.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\Setup.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\SP48394.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\SP48755.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\SP49432.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\SP50162.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\SP50365.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\SP50490.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\SP50498.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\SP50595.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\sp50843.exe.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\SP51865.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\SP52264.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\SP52615.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\sp64126.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\tbVafm.dll => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\UninstallHPSA.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\UninstallHPTCA.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\WSSetup.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\{56AECA8B-7F02-42E8-9089-FF8399809AA3}-23.0.1271.95_chrome_installer.exe => Moved successfully.
C:\Users\Kimberly\AppData\Local\Temp\{78543A04-09F7-45D4-A44C-EB3EF31276FC}-chrome_installer.exe => Moved successfully.

The system needs a manual reboot.

==== End of Fixlog ====

dakiteha · Feb 23, 2014

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-02-2014 01
Ran by Kimberly (administrator) on HP-LAPTOP on 23-02-2014 15:19:42
Running from C:\Users\Kimberly\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link for 64-Bit Version: https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(Validity Sensors, Inc.) C:\Windows\system32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
(DeviceVM, Inc.) C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
() C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\system32\atibtmon.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DPAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard ) C:\Program Files\Hewlett-Packard\HPToneControl\HPToneCtl.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Google Inc.) C:\Users\Kimberly\AppData\Local\Google\Update\GoogleUpdate.exe
(Akamai Technologies, Inc.) C:\Users\Kimberly\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Akamai Technologies, Inc.) C:\Users\Kimberly\AppData\Local\Akamai\netsession_win.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Google) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2096424 2010-05-27] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] ()
HKLM\...\Run: [HP Quick Launch] - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [451072 2010-01-18] (Hewlett-Packard Company)
HKLM\...\Run: [HPToneControl] - C:\Program Files\Hewlett-Packard\HPToneControl\HPTonectl.exe [107832 2009-08-19] (Hewlett-Packard )
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre6\bin\jusched.exe [172032 2010-04-25] (Sun Microsystems, Inc.)
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-01-27] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-02-01] (IDT, Inc.)
HKLM\...\Run: [MRT] - C:\Windows\system32\MRT.exe [88567024 2014-02-04] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-04-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Intuit SyncManager] - C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [1092872 2009-12-22] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [Google Desktop Search] - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-09] (Google)
HKLM-x32\...\Run: [InstallValidator.exe.FA87EC44_C38F_4148_93A1_FF4A64A2B707] - C:\Program Files (x86)\National Instruments\Shared\NIUninstaller\InstallValidator.exe [265608 2013-08-13] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-28] (Hewlett-Packard)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
HKLM\...\Winlogon: [Shell] [0 ] () <=== ATTENTION
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-01-22] (Hewlett-Packard Company)
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\Run: [Google Update] - C:\Users\Kimberly\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-04-30] (Google Inc.)
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\Run: [GameXN GO] - "C:\ProgramData\GameXN\GameXNGO.exe" /startup
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\Run: [Akamai NetSession Interface] - C:\Users\Kimberly\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\Run: [HP Officejet Pro 8600 (NET)] - C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\MountPoints2: G - G:\LaunchU3.exe -a
Lsa: [Notification Packages] DPPassFilter scecli

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ie...D406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {56256A51-B582-467e-B8D4-7786EDA79AE0} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ie...D406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM-x32 - {BF6FB75C-5999-457A-AB6E-BADE0AF7FAFF} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKCU - {3FB43F15-065F-4C8E-B068-0141C455814C} URL = http://websearch.ask.com/redirect?c...pn_sauid=47026863-8C7D-4DEA-93CF-BDA207F484BF
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ie...D406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=NIS&chn=retail&geo=US&ver=19
SearchScopes: HKCU - {BF6FB75C-5999-457A-AB6E-BADE0AF7FAFF} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
BHO: HP SimplePass Identity Protection Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\dpotspluginie8.dll (DigitalPersona, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: HP SimplePass Identity Protection Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\dpotspluginie8.dll (DigitalPersona, Inc.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Plug-In - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SBLite - {E155F23C-9931-47c6-A619-20E6FCA86D75} - C:\Program Files (x86)\SBLite\SBLite.dll (SBLite)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files%20(x86)/Nanny%20Mania/Images/stg_drm.ocx
DPF: HKLM-x32 {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files%20(x86)/Nanny%20Mania/Images/armhelper.ocx
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.1.1

FireFox:
========
FF ProfilePath: C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default
FF user.js: detected! => C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\user.js
FF SearchEngineOrder.1: Ask.com
FF SearchEngineOrder.user_pref("browser.search.order.2", "");: user_pref("browser.search.order.2", "");
FF Keyword.URL: hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=706&systemid=406&v=a9396-124&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=7466448302814054&o=APN10645&q=
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 54525
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Kimberly\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Kimberly\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Kimberly\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Kimberly\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Kimberly\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Kimberly\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Kimberly\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Kimberly\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\searchplugins\Ask.xml
FF SearchPlugin: C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\searchplugins\safesearch.xml
FF SearchPlugin: C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\searchplugins\vafmusic2-customized-web-search.xml
FF SearchPlugin: C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\searchplugins\web-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF Extension: weDownload Manager Pro - C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\Extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com [2013-12-15]
FF Extension: SearchDonkey - C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\Extensions\support@searchdonkeyapp.com [2013-12-21]
FF Extension: SBLite - C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\Extensions\{83aace32-eca0-4c3a-b4d6-9ad594496b48} [2013-12-15]
FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2014-02-22]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-02-22]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-02-22]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\IPSFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ []
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [m3ffxtbr@mywebsearch.com] - C:\Program Files (x86)\MyWebSearch\bar\1.bin
FF HKCU\...\Firefox\Extensions: [{1266764D-FC4F-4FA7-B63B-884D53B1680F}] - C:\Users\Kimberly\AppData\Roaming\NetAssistant\
FF Extension: Freeze.com NetAssistant - C:\Users\Kimberly\AppData\Roaming\NetAssistant\ []

Chrome:
=======
CHR HomePage: hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-706&v=a10781-124&t=4
CHR DefaultSearchKeyword: ask.com
CHR DefaultSearchProvider: Ask.com
CHR DefaultSearchURL: http://dts.search.ask.com/sr?src=cr...D406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Zylom Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\npzylomgamesplayer.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Kimberly\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Kimberly\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U37) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (My Web Search Plugin Stub) - C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll No File
CHR Plugin: (Windows LiveÃƒÆ’Ã¢â‚¬Å¡Ãƒâ€šÃ‚Â® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Hulu Desktop) - C:\Users\Kimberly\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.370.6) - C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Vafmusic2) - C:\Users\Kimberly\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbjibcbpmbcabnfnohhgjjmkgkimajko [2013-08-22]
CHR Extension: (Lightning Newtab) - C:\Users\Kimberly\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo [2014-01-18]
CHR Extension: (weDownload Manager Pro) - C:\Users\Kimberly\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb [2013-12-15]
CHR Extension: (SBLite) - C:\Users\Kimberly\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlilniamimbmlkmnmjbphgghilbfbcp [2014-01-18]
CHR Extension: (Google Wallet) - C:\Users\Kimberly\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-18]
CHR HKCU\...\Chrome\Extension: [cbjibcbpmbcabnfnohhgjjmkgkimajko] - C:\Users\Kimberly\AppData\Local\CRE\cbjibcbpmbcabnfnohhgjjmkgkimajko.crx [2013-08-20]
CHR HKLM-x32\...\Chrome\Extension: [cbjibcbpmbcabnfnohhgjjmkgkimajko] - C:\Users\Kimberly\AppData\Local\CRE\cbjibcbpmbcabnfnohhgjjmkgkimajko.crx [2013-08-20]
CHR HKLM-x32\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files (x86)\DefaultTab\DefaultTab.crx [2013-08-20]
CHR HKLM-x32\...\Chrome\Extension: [kjlilniamimbmlkmnmjbphgghilbfbcp] - C:\Users\Kimberly\AppData\Roaming\SBLite for Chrome\SBLite.crx [2013-12-05]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\Exts\Chrome.crx [2013-12-05]

==================== Services (Whitelisted) =================

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 DvmMDES; C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [338168 2010-03-05] (DeviceVM, Inc.)
S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-09] (Google)
R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-18] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe [138232 2012-03-27] (Symantec Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\STacSV64.exe [244736 2010-02-01] (IDT, Inc.)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20120317.002\BHDrvx64.sys [1157240 2012-03-02] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1307010.005\ccSetx64.sys [167048 2011-11-29] (Symantec Corporation)
R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [20056 2009-11-11] (DeviceVM, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [482936 2012-02-16] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20120321.001\IDSvia64.sys [488568 2012-03-05] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20120321.008\ENG64.SYS [117880 2012-03-21] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20120321.008\EX64.SYS [2048632 2012-03-21] (Symantec Corporation)
R0 SMR311; C:\Windows\System32\drivers\SMR311.SYS [95392 2012-12-06] (Symantec Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1307010.005\SRTSP64.SYS [737912 2012-03-29] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1307010.005\SRTSPX64.SYS [37496 2012-03-29] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1307010.005\SYMDS64.SYS [451192 2011-07-25] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1307010.005\SYMEFA64.SYS [1092728 2012-03-29] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-03-23] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS [190072 2012-03-29] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1307010.005\SYMNETS.SYS [405624 2012-03-29] (Symantec Corporation)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2010-02-22] (CyberLink Corp.)
S1 plgniqvd; \??\C:\Windows\system32\drivers\plgniqvd.sys [X]

dakiteha · Feb 23, 2014

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-23 13:49 - 2014-02-23 13:49 - 00000000 ____D () C:\Users\Kimberly\Desktop\FRST-OlderVersion
2014-02-23 11:50 - 2013-05-09 23:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-02-23 11:50 - 2013-05-09 23:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-02-23 11:50 - 2013-05-09 22:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-02-23 11:50 - 2013-05-09 22:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-02-23 11:41 - 2014-02-23 11:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-23 11:16 - 2014-02-23 11:27 - 00006836 _____ () C:\Windows\IE11_main.log
2014-02-23 10:16 - 2014-02-23 10:16 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-23 10:16 - 2014-02-23 10:16 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-23 10:16 - 2014-02-23 10:16 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-23 10:16 - 2014-02-23 10:16 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-23 10:16 - 2014-02-23 10:16 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-02-23 10:16 - 2014-02-23 10:16 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-02-23 10:16 - 2014-02-23 10:16 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-02-23 10:16 - 2014-02-23 10:16 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-02-23 10:16 - 2014-02-23 10:16 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-02-23 10:16 - 2014-02-23 10:16 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-02-23 10:16 - 2014-02-23 10:16 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-02-23 10:10 - 2014-02-23 10:10 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-23 10:06 - 2014-02-23 10:25 - 00009883 _____ () C:\Windows\IE10_main.log
2014-02-23 09:26 - 2012-07-25 21:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-02-23 09:26 - 2012-07-25 21:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-02-23 09:26 - 2012-07-25 21:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-02-23 09:26 - 2012-07-25 21:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-02-23 09:26 - 2012-07-25 21:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-02-23 09:26 - 2012-07-25 20:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-02-23 09:26 - 2012-07-25 20:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-02-23 09:26 - 2012-06-02 08:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-02-22 23:47 - 2014-02-22 23:48 - 00045366 _____ () C:\Users\Kimberly\Downloads\Addition.txt
2014-02-22 23:45 - 2014-02-23 15:19 - 00027508 _____ () C:\Users\Kimberly\Desktop\FRST.txt
2014-02-22 23:45 - 2014-02-23 15:19 - 00000000 ____D () C:\FRST
2014-02-22 23:44 - 2014-02-23 13:49 - 02155520 _____ (Farbar) C:\Users\Kimberly\Desktop\FRST64.exe
2014-02-22 23:23 - 2014-02-22 23:23 - 04122976 _____ (Kaspersky Lab ZAO) C:\Users\Kimberly\Downloads\tdsskiller.exe
2014-02-22 23:12 - 2013-10-29 20:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-02-22 23:12 - 2013-10-29 20:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-02-22 23:12 - 2013-07-04 06:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-02-22 23:12 - 2013-07-04 05:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-02-22 23:11 - 2013-07-08 23:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-02-22 23:11 - 2013-07-08 22:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-02-22 23:11 - 2013-02-15 00:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-02-22 23:11 - 2013-02-15 00:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-22 23:11 - 2013-02-15 00:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-02-22 23:11 - 2013-02-14 22:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-22 23:11 - 2013-02-14 22:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-02-22 23:11 - 2013-02-14 21:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-02-22 23:11 - 2012-10-09 12:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-02-22 23:11 - 2012-10-09 12:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-02-22 23:11 - 2012-10-09 11:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-02-22 23:11 - 2012-10-09 11:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-02-22 23:10 - 2013-12-31 17:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-22 23:10 - 2013-12-31 17:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-22 23:10 - 2013-12-05 20:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-22 23:10 - 2013-12-05 20:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-22 23:10 - 2013-12-05 20:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-22 23:10 - 2013-12-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-22 23:10 - 2013-11-11 20:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-02-22 23:10 - 2013-11-11 20:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-02-22 23:10 - 2013-10-18 20:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-02-22 23:10 - 2013-10-18 19:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-02-22 23:10 - 2013-10-05 14:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-02-22 23:10 - 2013-10-05 13:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-02-22 23:10 - 2013-07-08 23:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-02-22 23:10 - 2013-07-08 23:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-02-22 23:10 - 2013-07-08 22:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-02-22 23:10 - 2013-07-08 22:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-02-22 23:10 - 2013-04-12 08:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-02-22 23:10 - 2013-03-18 23:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-02-22 23:10 - 2013-03-18 23:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-02-22 23:10 - 2013-02-27 00:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-02-22 23:10 - 2013-02-26 23:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-02-22 23:09 - 2013-12-03 20:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-22 23:09 - 2013-12-03 20:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-22 23:09 - 2013-12-03 20:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-22 23:09 - 2013-12-03 20:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-22 23:09 - 2013-12-03 20:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-22 23:09 - 2013-12-03 20:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-22 23:09 - 2013-12-03 20:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-22 23:09 - 2013-12-03 20:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-22 23:09 - 2013-12-03 20:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-22 23:09 - 2013-12-03 20:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-22 23:09 - 2013-12-03 20:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-22 23:09 - 2013-12-03 20:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-22 23:09 - 2013-12-03 20:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-22 23:09 - 2013-12-03 20:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-22 23:09 - 2013-12-03 19:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-22 23:09 - 2013-12-03 19:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-22 23:09 - 2013-12-03 19:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-22 23:09 - 2013-12-03 19:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-22 23:09 - 2013-11-26 19:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-02-22 23:09 - 2013-11-26 19:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-02-22 23:09 - 2013-11-26 19:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-02-22 23:09 - 2013-11-26 19:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-02-22 23:09 - 2013-11-26 19:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-02-22 23:09 - 2013-11-26 19:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-02-22 23:09 - 2013-11-26 19:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-02-22 23:09 - 2013-10-03 20:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-02-22 23:09 - 2013-10-03 20:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-02-22 23:09 - 2013-10-03 20:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-02-22 23:09 - 2013-10-03 20:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-02-22 23:09 - 2013-10-03 19:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-02-22 23:09 - 2013-10-03 19:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-02-22 23:09 - 2013-10-03 19:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-02-22 23:09 - 2013-10-03 19:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-02-22 23:09 - 2013-09-27 19:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-02-22 23:09 - 2013-09-24 20:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-02-22 23:09 - 2013-09-24 20:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-02-22 23:09 - 2013-09-24 20:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-02-22 23:09 - 2013-09-24 20:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-02-22 23:09 - 2013-09-24 20:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-02-22 23:09 - 2013-09-24 20:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-02-22 23:09 - 2013-09-24 20:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-02-22 23:09 - 2013-09-24 20:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-02-22 23:09 - 2013-09-24 19:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-02-22 23:09 - 2013-09-24 19:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-02-22 23:09 - 2013-09-24 19:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-02-22 23:09 - 2013-09-24 19:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-02-22 23:09 - 2013-09-24 19:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-02-22 23:09 - 2013-08-04 20:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-02-22 23:09 - 2013-08-01 20:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-02-22 23:09 - 2013-08-01 19:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-02-22 23:09 - 2013-07-04 06:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-02-22 23:09 - 2013-06-05 23:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

dakiteha · Feb 23, 2014

2014-02-22 23:09 - 2013-06-05 23:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-02-22 23:09 - 2013-06-05 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-02-22 23:09 - 2013-06-05 23:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-02-22 23:09 - 2013-06-05 22:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-02-22 23:09 - 2013-06-05 22:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-02-22 23:09 - 2013-06-05 22:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-02-22 23:09 - 2013-06-05 21:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-02-22 23:09 - 2013-06-05 21:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-02-22 23:09 - 2013-06-05 21:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-02-22 23:09 - 2013-04-25 17:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-02-22 23:09 - 2013-03-31 16:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-02-22 23:09 - 2012-08-22 12:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-02-22 23:09 - 2012-07-04 14:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-02-22 23:08 - 2013-08-01 20:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-02-22 23:08 - 2013-08-01 20:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-02-22 23:08 - 2013-08-01 20:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-02-22 23:08 - 2013-08-01 20:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-02-22 23:08 - 2013-08-01 20:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-02-22 23:08 - 2013-08-01 20:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-02-22 23:08 - 2013-08-01 20:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-02-22 23:08 - 2013-08-01 20:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-02-22 23:08 - 2013-08-01 19:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-02-22 23:08 - 2013-08-01 19:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-02-22 23:08 - 2013-08-01 19:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-02-22 23:08 - 2013-08-01 19:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-02-22 23:08 - 2013-08-01 18:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-02-22 23:08 - 2013-08-01 18:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-02-22 23:08 - 2013-08-01 18:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-02-22 23:08 - 2013-08-01 18:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-02-22 23:08 - 2013-08-01 18:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-02-22 23:08 - 2013-08-01 18:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 18:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 18:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 18:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-02-22 23:08 - 2013-07-25 03:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-02-22 23:08 - 2013-07-25 02:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-02-22 23:08 - 2013-07-12 04:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-02-22 23:08 - 2013-07-12 04:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-02-22 23:08 - 2013-07-08 23:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-02-22 23:08 - 2013-07-08 22:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-02-22 23:08 - 2013-07-02 22:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-02-22 23:08 - 2013-07-02 22:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-02-22 23:08 - 2013-06-25 16:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-02-22 23:08 - 2013-02-11 22:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-02-22 23:08 - 2012-11-28 16:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-02-22 23:08 - 2012-11-28 16:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-02-22 23:08 - 2012-11-28 16:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-02-22 23:08 - 2012-10-31 23:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-02-22 23:08 - 2012-10-31 22:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-02-22 23:08 - 2012-10-03 11:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-02-22 23:08 - 2012-10-03 11:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-02-22 23:08 - 2012-10-03 11:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-02-22 23:08 - 2012-10-03 11:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-02-22 23:08 - 2012-10-03 11:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-02-22 23:08 - 2012-10-03 11:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-02-22 23:08 - 2012-10-03 10:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2014-02-22 23:08 - 2012-10-03 10:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2014-02-22 23:08 - 2012-10-03 10:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2014-02-22 23:08 - 2012-10-03 10:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-02-22 23:08 - 2012-01-13 01:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-02-22 23:07 - 2013-09-07 20:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-02-22 23:07 - 2013-09-07 20:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-02-22 23:07 - 2013-07-04 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-02-22 23:07 - 2013-07-04 06:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-02-22 23:07 - 2013-07-04 05:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-02-22 23:07 - 2013-07-04 05:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-02-22 23:07 - 2013-07-04 04:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-02-22 23:07 - 2013-06-14 22:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-02-22 23:07 - 2013-06-04 00:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-02-22 23:07 - 2013-06-03 22:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-02-22 23:07 - 2012-12-07 07:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-02-22 23:07 - 2012-12-07 07:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-02-22 23:07 - 2012-12-07 06:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-02-22 23:07 - 2012-12-07 06:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-02-22 23:07 - 2012-12-07 05:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-02-22 23:07 - 2012-12-07 05:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-02-22 23:07 - 2012-12-07 05:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-02-22 23:07 - 2012-12-07 05:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-02-22 23:07 - 2012-12-07 05:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-02-22 23:07 - 2012-12-07 05:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-02-22 23:07 - 2012-12-07 05:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-02-22 23:07 - 2012-12-07 05:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-02-22 23:07 - 2012-12-07 05:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-02-22 23:07 - 2012-12-07 05:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-02-22 23:07 - 2012-12-07 05:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-02-22 23:07 - 2012-12-07 05:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-02-22 23:07 - 2012-12-07 05:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-02-22 23:07 - 2012-12-07 05:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-02-22 23:07 - 2012-11-21 23:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-02-22 23:07 - 2012-11-21 22:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-02-22 23:07 - 2012-11-01 23:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-02-22 23:07 - 2012-11-01 23:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-02-22 23:07 - 2012-08-21 15:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-02-22 23:06 - 2013-11-26 05:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-02-22 23:06 - 2013-09-07 20:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-02-22 23:06 - 2012-08-10 18:56 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-02-22 23:06 - 2012-08-10 17:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-02-22 23:05 - 2014-02-22 23:05 - 00003105 _____ () C:\Users\Kimberly\Desktop\RKreport[0]_D_02222014_230550.txt
2014-02-22 23:05 - 2013-10-02 20:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-02-22 23:05 - 2013-10-02 20:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-02-22 23:05 - 2013-07-25 20:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-02-22 23:05 - 2013-07-25 20:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-02-22 23:05 - 2013-07-25 19:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-02-22 23:05 - 2013-07-25 19:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-02-22 23:05 - 2013-07-20 04:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-02-22 23:05 - 2013-07-20 04:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-02-22 23:05 - 2013-05-09 23:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-02-22 23:05 - 2013-05-09 21:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-02-22 23:05 - 2013-04-25 23:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-02-22 23:05 - 2013-04-25 22:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-02-22 23:05 - 2013-01-24 00:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-02-22 23:05 - 2013-01-03 00:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-02-22 23:05 - 2012-11-22 21:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-02-22 23:05 - 2012-09-25 16:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-02-22 23:05 - 2012-09-25 16:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-02-22 23:05 - 2012-07-04 16:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-02-22 23:05 - 2012-07-04 16:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-02-22 23:05 - 2012-07-04 16:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-02-22 23:05 - 2012-07-04 15:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-02-22 23:05 - 2012-07-04 15:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-02-22 23:05 - 2012-05-05 02:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-02-22 23:05 - 2012-05-05 01:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-02-22 23:04 - 2014-02-22 23:04 - 00003185 _____ () C:\Users\Kimberly\Desktop\RKreport[0]_S_02222014_230433.txt
2014-02-22 23:04 - 2013-10-11 20:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-02-22 23:04 - 2013-10-11 20:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-02-22 23:04 - 2013-10-11 20:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-02-22 23:04 - 2013-10-11 20:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-02-22 23:04 - 2013-10-11 19:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-02-22 23:04 - 2013-10-11 19:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-02-22 23:04 - 2013-10-11 19:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-02-22 23:04 - 2013-10-11 19:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-02-22 23:04 - 2013-08-01 06:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-02-22 23:04 - 2013-05-12 23:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-02-22 23:04 - 2013-05-12 21:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-02-22 23:04 - 2013-05-12 21:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-02-22 23:04 - 2013-05-12 21:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-02-22 23:04 - 2013-04-10 00:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-02-22 23:04 - 2012-05-13 23:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-02-22 23:04 - 2011-02-03 05:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-02-22 23:03 - 2013-10-11 20:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-02-22 23:03 - 2013-10-11 20:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-02-22 23:03 - 2013-10-11 20:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-02-22 23:03 - 2013-10-11 20:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-02-22 23:03 - 2013-10-11 20:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-02-22 22:34 - 2013-08-27 19:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-02-22 21:36 - 2014-02-22 22:15 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-22 21:35 - 2014-02-22 22:47 - 00000000 ____D () C:\Users\Kimberly\Desktop\mbar
2014-02-22 21:35 - 2014-02-22 21:35 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Kimberly\Downloads\mbar-1.07.0.1009.exe
2014-02-22 21:00 - 2014-02-22 23:05 - 00000000 ____D () C:\Users\Kimberly\Desktop\RK_Quarantine
2014-02-22 21:00 - 2014-02-22 21:00 - 03817984 _____ () C:\Users\Kimberly\Downloads\RogueKiller.exe
2014-02-22 20:57 - 2014-02-22 20:57 - 00558888 _____ (Fusion Install ) C:\Users\Kimberly\Downloads\Setup.exe
2014-02-22 19:28 - 2014-02-22 19:28 - 00077772 _____ () C:\Users\Kimberly\Desktop\MBAM2.txt
2014-02-22 19:04 - 2014-02-22 19:04 - 00024295 _____ () C:\Users\Kimberly\Desktop\dds.txt
2014-02-22 19:04 - 2014-02-22 19:04 - 00011255 _____ () C:\Users\Kimberly\Desktop\attach.txt
2014-02-22 19:01 - 2014-02-22 19:01 - 00688992 ____R (Swearware) C:\Users\Kimberly\Downloads\dds.com
2014-02-22 18:17 - 2014-02-22 18:17 - 00001503 _____ () C:\Users\Kimberly\Desktop\aswMBR.txt
2014-02-22 17:39 - 2014-02-22 17:39 - 04745728 _____ (AVAST Software) C:\Users\Kimberly\Downloads\aswMBR.exe
2014-02-22 15:18 - 2014-02-22 15:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-22 14:42 - 2014-02-22 20:42 - 17858952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-22 14:20 - 2014-02-22 14:20 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-22 14:20 - 2014-02-22 14:20 - 00000000 ____D () C:\Users\Kimberly\AppData\Roaming\Malwarebytes
2014-02-22 14:20 - 2014-02-22 14:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-22 14:20 - 2014-02-22 14:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-22 14:20 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-22 14:17 - 2014-02-22 14:17 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Kimberly\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-22 14:11 - 2014-02-22 14:11 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-07 21:34 - 2014-02-07 21:36 - 00000000 ____D () C:\Users\Kimberly\AppData\Local\HP
2014-02-07 21:34 - 2014-02-07 21:34 - 00002200 _____ () C:\Users\Public\Desktop\HP Officejet Pro 8600.lnk
2014-02-07 21:34 - 2014-02-07 21:34 - 00001152 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Officejet Pro 8600.lnk
2014-02-07 21:34 - 2014-02-07 21:34 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-02-07 21:34 - 2014-02-07 21:34 - 00000000 ____D () C:\ProgramData\HP
2014-02-07 21:34 - 2014-02-07 21:34 - 00000000 ____D () C:\Program Files\HP
2014-02-07 21:34 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPM5912.dll
2014-02-07 21:33 - 2014-02-07 21:33 - 31455000 _____ () C:\Users\Kimberly\Downloads\OJ8600_Basicx64_1315.exe
2014-02-05 19:26 - 2014-02-05 19:26 - 00002177 _____ () C:\Users\Kimberly\Desktop\HP Support Assistant.lnk
2014-02-05 19:18 - 2014-02-05 19:18 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}

==================== One Month Modified Files and Folders =======

2014-02-23 15:20 - 2014-02-22 23:45 - 00027508 _____ () C:\Users\Kimberly\Desktop\FRST.txt
2014-02-23 15:19 - 2014-02-22 23:45 - 00000000 ____D () C:\FRST
2014-02-23 15:18 - 2010-08-08 17:19 - 00103208 _____ () C:\Users\Kimberly\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-23 15:17 - 2010-08-08 17:20 - 00000000 ___RD () C:\Users\Kimberly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-23 15:17 - 2010-08-08 17:20 - 00000000 ___RD () C:\Users\Kimberly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-23 15:17 - 2009-07-13 23:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-02-23 15:16 - 2012-04-12 16:33 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-23 15:16 - 2011-05-14 18:05 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067438776-955256638-4198274019-1001UA.job
2014-02-23 15:16 - 2011-01-20 20:16 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-23 15:16 - 2011-01-20 20:16 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-23 15:16 - 2010-08-08 17:20 - 00001413 _____ () C:\Users\Kimberly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-23 14:16 - 2011-05-14 18:05 - 00000868 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067438776-955256638-4198274019-1001Core.job
2014-02-23 14:15 - 2009-07-13 23:13 - 00782336 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-23 14:15 - 2009-07-13 22:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-23 14:15 - 2009-07-13 22:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-23 14:08 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-23 14:07 - 2013-12-15 15:40 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-02-23 14:07 - 2013-12-15 15:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-02-23 14:07 - 2009-07-13 22:51 - 00060374 _____ () C:\Windows\setupact.log
2014-02-23 14:07 - 2009-07-13 22:45 - 00395176 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-23 14:03 - 2009-07-13 23:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-02-23 14:03 - 2009-07-13 23:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-02-23 14:02 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-02-23 14:02 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-02-23 14:02 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-02-23 14:02 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-02-23 14:02 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-02-23 13:57 - 2010-06-01 02:41 - 01950769 _____ () C:\Windows\WindowsUpdate.log
2014-02-23 13:49 - 2014-02-23 13:49 - 00000000 ____D () C:\Users\Kimberly\Desktop\FRST-OlderVersion
2014-02-23 13:49 - 2014-02-22 23:44 - 02155520 _____ (Farbar) C:\Users\Kimberly\Desktop\FRST64.exe
2014-02-23 12:51 - 2010-10-23 13:06 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-02-23 12:50 - 2012-03-10 14:04 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-02-23 11:41 - 2014-02-23 11:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-23 11:27 - 2014-02-23 11:16 - 00006836 _____ () C:\Windows\IE11_main.log
2014-02-23 11:16 - 2010-04-25 11:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-23 10:25 - 2014-02-23 10:06 - 00009883 _____ () C:\Windows\IE10_main.log
2014-02-23 10:16 - 2014-02-23 10:16 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-23 10:16 - 2014-02-23 10:16 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-23 10:16 - 2014-02-23 10:16 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-23 10:16 - 2014-02-23 10:16 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-23 10:16 - 2014-02-23 10:16 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-02-23 10:16 - 2014-02-23 10:16 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-02-23 10:16 - 2014-02-23 10:16 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-02-23 10:16 - 2014-02-23 10:16 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-02-23 10:16 - 2014-02-23 10:16 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

dakiteha · Feb 23, 2014

2014-02-23 10:16 - 2014-02-23 10:16 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-02-23 10:16 - 2014-02-23 10:16 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-02-23 10:16 - 2014-02-23 10:16 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-02-23 10:10 - 2014-02-23 10:10 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-23 09:57 - 2013-12-15 15:11 - 00774950 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-23 09:38 - 2010-04-25 11:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-02-22 23:48 - 2014-02-22 23:47 - 00045366 _____ () C:\Users\Kimberly\Downloads\Addition.txt
2014-02-22 23:23 - 2014-02-22 23:23 - 04122976 _____ (Kaspersky Lab ZAO) C:\Users\Kimberly\Downloads\tdsskiller.exe
2014-02-22 23:05 - 2014-02-22 23:05 - 00003105 _____ () C:\Users\Kimberly\Desktop\RKreport[0]_D_02222014_230550.txt
2014-02-22 23:05 - 2014-02-22 21:00 - 00000000 ____D () C:\Users\Kimberly\Desktop\RK_Quarantine
2014-02-22 23:04 - 2014-02-22 23:04 - 00003185 _____ () C:\Users\Kimberly\Desktop\RKreport[0]_S_02222014_230433.txt
2014-02-22 22:47 - 2014-02-22 21:35 - 00000000 ____D () C:\Users\Kimberly\Desktop\mbar
2014-02-22 22:15 - 2014-02-22 21:36 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-22 22:10 - 2010-06-01 02:43 - 00549626 _____ () C:\Windows\PFRO.log
2014-02-22 21:35 - 2014-02-22 21:35 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Kimberly\Downloads\mbar-1.07.0.1009.exe
2014-02-22 21:00 - 2014-02-22 21:00 - 03817984 _____ () C:\Users\Kimberly\Downloads\RogueKiller.exe
2014-02-22 20:57 - 2014-02-22 20:57 - 00558888 _____ (Fusion Install ) C:\Users\Kimberly\Downloads\Setup.exe
2014-02-22 20:42 - 2014-02-22 14:42 - 17858952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-22 19:28 - 2014-02-22 19:28 - 00077772 _____ () C:\Users\Kimberly\Desktop\MBAM2.txt
2014-02-22 19:04 - 2014-02-22 19:04 - 00024295 _____ () C:\Users\Kimberly\Desktop\dds.txt
2014-02-22 19:04 - 2014-02-22 19:04 - 00011255 _____ () C:\Users\Kimberly\Desktop\attach.txt
2014-02-22 19:01 - 2014-02-22 19:01 - 00688992 ____R (Swearware) C:\Users\Kimberly\Downloads\dds.com
2014-02-22 18:17 - 2014-02-22 18:17 - 00001503 _____ () C:\Users\Kimberly\Desktop\aswMBR.txt
2014-02-22 18:11 - 2014-01-16 18:39 - 00003204 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForKimberly
2014-02-22 18:11 - 2014-01-16 18:39 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForKimberly.job
2014-02-22 17:39 - 2014-02-22 17:39 - 04745728 _____ (AVAST Software) C:\Users\Kimberly\Downloads\aswMBR.exe
2014-02-22 17:30 - 2012-05-31 14:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-22 17:29 - 2013-08-22 22:25 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-02-22 17:29 - 2013-08-22 22:24 - 00000000 ____D () C:\Program Files (x86)\DefaultTab
2014-02-22 15:24 - 2014-01-16 18:28 - 00000000 ____D () C:\ProgramData\WPM
2014-02-22 15:24 - 2013-08-22 22:24 - 00000000 ____D () C:\Users\Kimberly\AppData\Roaming\DefaultTab
2014-02-22 15:24 - 2011-05-21 20:57 - 00000000 ____D () C:\Program Files (x86)\Inbox Toolbar
2014-02-22 15:23 - 2013-08-22 22:37 - 00000000 ____D () C:\Program Files (x86)\Tuguu SL
2014-02-22 15:18 - 2014-02-22 15:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-22 14:51 - 2011-05-12 21:00 - 00000000 ____D () C:\Program Files (x86)\Yontoo Layers Client
2014-02-22 14:42 - 2012-04-12 16:33 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-22 14:42 - 2012-04-12 16:33 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-22 14:37 - 2011-01-20 20:17 - 00002143 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-22 14:24 - 2010-04-25 12:02 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-02-22 14:20 - 2014-02-22 14:20 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-22 14:20 - 2014-02-22 14:20 - 00000000 ____D () C:\Users\Kimberly\AppData\Roaming\Malwarebytes
2014-02-22 14:20 - 2014-02-22 14:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-22 14:20 - 2014-02-22 14:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-22 14:17 - 2014-02-22 14:17 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Kimberly\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-22 14:17 - 2010-08-15 11:23 - 00000000 ____D () C:\Users\Kimberly\AppData\Roaming\Mozilla
2014-02-22 14:14 - 2010-08-08 17:32 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0EE82060-B24D-41BA-80A4-1B5799415D26}
2014-02-22 14:11 - 2014-02-22 14:11 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-22 14:11 - 2011-05-14 18:05 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067438776-955256638-4198274019-1001UA
2014-02-22 14:11 - 2011-05-14 18:05 - 00003500 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067438776-955256638-4198274019-1001Core
2014-02-22 14:11 - 2010-10-24 12:55 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-22 14:08 - 2011-01-20 20:16 - 00003898 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-22 14:08 - 2011-01-20 20:16 - 00003646 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-07 21:36 - 2014-02-07 21:34 - 00000000 ____D () C:\Users\Kimberly\AppData\Local\HP
2014-02-07 21:34 - 2014-02-07 21:34 - 00002200 _____ () C:\Users\Public\Desktop\HP Officejet Pro 8600.lnk
2014-02-07 21:34 - 2014-02-07 21:34 - 00001152 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Officejet Pro 8600.lnk
2014-02-07 21:34 - 2014-02-07 21:34 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-02-07 21:34 - 2014-02-07 21:34 - 00000000 ____D () C:\ProgramData\HP
2014-02-07 21:34 - 2014-02-07 21:34 - 00000000 ____D () C:\Program Files\HP
2014-02-07 21:34 - 2010-04-25 14:26 - 00000000 ____D () C:\Program Files (x86)\Hp
2014-02-07 21:33 - 2014-02-07 21:33 - 31455000 _____ () C:\Users\Kimberly\Downloads\OJ8600_Basicx64_1315.exe
2014-02-07 19:52 - 2011-01-26 01:29 - 00000000 ____D () C:\Users\Kimberly\AppData\Roaming\Template
2014-02-07 19:52 - 2009-07-13 23:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-02-07 18:23 - 2013-08-22 22:24 - 00000258 __RSH () C:\Users\Kimberly\ntuser.pol
2014-02-07 18:23 - 2010-08-08 17:12 - 00000000 ____D () C:\Users\Kimberly
2014-02-05 19:26 - 2014-02-05 19:26 - 00002177 _____ () C:\Users\Kimberly\Desktop\HP Support Assistant.lnk
2014-02-05 19:26 - 2010-04-25 10:41 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-05 19:25 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\Help
2014-02-05 19:22 - 2010-04-25 10:39 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-02-05 19:20 - 2010-10-23 15:58 - 00000000 ____D () C:\Users\Kimberly\AppData\Roaming\hpqLog
2014-02-05 19:18 - 2014-02-05 19:18 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-02-05 19:10 - 2009-09-06 18:40 - 00000000 ____D () C:\SwSetup
2014-02-04 19:09 - 2010-08-10 18:45 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-04 18:42 - 2012-04-12 16:33 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-04 18:40 - 2010-08-09 23:34 - 00000000 ____D () C:\Users\Kimberly\AppData\Local\CrashDumps

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-08 12:48

==================== End Of Log

Broni · Feb 23, 2014

Looks much better but we need to run one more fix.

Delete your existing "fixlist.txt" file.

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

IMPORTANT! Restart computer.

Re-run FRST "Scan" one more time and post fresh log.

dakiteha · Feb 23, 2014

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-02-2014 01
Ran by Kimberly at 2014-02-23 17:25:24 Run:2
Running from C:\Users\Kimberly\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM\...\Winlogon: [Shell] [0 ] () <=== ATTENTION

*****************

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value was restored successfully.

==== End of Fixlog ====

Broni · Feb 23, 2014

...and new scan...

dakiteha · Feb 23, 2014

Coming

dakiteha · Feb 23, 2014

Ran by Kimberly (administrator) on HP-LAPTOP on 23-02-2014 17:30:21
Running from C:\Users\Kimberly\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link for 64-Bit Version: https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\system32\atibtmon.exe
(Validity Sensors, Inc.) C:\Windows\system32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
(DeviceVM, Inc.) C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
() C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DPAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard ) C:\Program Files\Hewlett-Packard\HPToneControl\HPToneCtl.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
() C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Akamai Technologies, Inc.) C:\Users\Kimberly\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Akamai Technologies, Inc.) C:\Users\Kimberly\AppData\Local\Akamai\netsession_win.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Google) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2096424 2010-05-27] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] ()
HKLM\...\Run: [HP Quick Launch] - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [451072 2010-01-18] (Hewlett-Packard Company)
HKLM\...\Run: [HPToneControl] - C:\Program Files\Hewlett-Packard\HPToneControl\HPTonectl.exe [107832 2009-08-19] (Hewlett-Packard )
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre6\bin\jusched.exe [172032 2010-04-25] (Sun Microsystems, Inc.)
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-01-27] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-02-01] (IDT, Inc.)
HKLM\...\Run: [MRT] - C:\Windows\system32\MRT.exe [88567024 2014-02-04] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-04-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Intuit SyncManager] - C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [1092872 2009-12-22] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [Google Desktop Search] - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-09] (Google)
HKLM-x32\...\Run: [InstallValidator.exe.FA87EC44_C38F_4148_93A1_FF4A64A2B707] - C:\Program Files (x86)\National Instruments\Shared\NIUninstaller\InstallValidator.exe [265608 2013-08-13] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-28] (Hewlett-Packard)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
HKLM\...\Winlogon: [Shell] [0 ] () <=== ATTENTION
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-01-22] (Hewlett-Packard Company)
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\Run: [Google Update] - C:\Users\Kimberly\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-04-30] (Google Inc.)
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\Run: [GameXN GO] - "C:\ProgramData\GameXN\GameXNGO.exe" /startup
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\Run: [Akamai NetSession Interface] - C:\Users\Kimberly\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\Run: [HP Officejet Pro 8600 (NET)] - C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2067438776-955256638-4198274019-1001\...\MountPoints2: G - G:\LaunchU3.exe -a
Lsa: [Notification Packages] DPPassFilter scecli

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ie...D406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {56256A51-B582-467e-B8D4-7786EDA79AE0} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ie...D406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM-x32 - {BF6FB75C-5999-457A-AB6E-BADE0AF7FAFF} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKCU - {3FB43F15-065F-4C8E-B068-0141C455814C} URL = http://websearch.ask.com/redirect?c...pn_sauid=47026863-8C7D-4DEA-93CF-BDA207F484BF
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ie...D406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=NIS&chn=retail&geo=US&ver=19
SearchScopes: HKCU - {BF6FB75C-5999-457A-AB6E-BADE0AF7FAFF} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
BHO: HP SimplePass Identity Protection Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\dpotspluginie8.dll (DigitalPersona, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: HP SimplePass Identity Protection Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\dpotspluginie8.dll (DigitalPersona, Inc.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Plug-In - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SBLite - {E155F23C-9931-47c6-A619-20E6FCA86D75} - C:\Program Files (x86)\SBLite\SBLite.dll (SBLite)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files%20(x86)/Nanny%20Mania/Images/stg_drm.ocx
DPF: HKLM-x32 {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files%20(x86)/Nanny%20Mania/Images/armhelper.ocx
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.1.1

FireFox:
========
FF ProfilePath: C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default
FF user.js: detected! => C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\user.js
FF SearchEngineOrder.1: Ask.com
FF SearchEngineOrder.user_pref("browser.search.order.2", "");: user_pref("browser.search.order.2", "");
FF Keyword.URL: hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=706&systemid=406&v=a9396-124&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=7466448302814054&o=APN10645&q=
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 54525
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Kimberly\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Kimberly\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Kimberly\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Kimberly\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Kimberly\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Kimberly\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Kimberly\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Kimberly\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\searchplugins\Ask.xml
FF SearchPlugin: C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\searchplugins\safesearch.xml
FF SearchPlugin: C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\searchplugins\vafmusic2-customized-web-search.xml
FF SearchPlugin: C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\searchplugins\web-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF Extension: weDownload Manager Pro - C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\Extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com [2013-12-15]
FF Extension: SearchDonkey - C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\Extensions\support@searchdonkeyapp.com [2013-12-21]
FF Extension: SBLite - C:\Users\Kimberly\AppData\Roaming\Mozilla\Firefox\Profiles\wytp5qmo.default\Extensions\{83aace32-eca0-4c3a-b4d6-9ad594496b48} [2013-12-15]
FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2014-02-22]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-02-22]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-02-22]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\IPSFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ []
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [m3ffxtbr@mywebsearch.com] - C:\Program Files (x86)\MyWebSearch\bar\1.bin
FF HKCU\...\Firefox\Extensions: [{1266764D-FC4F-4FA7-B63B-884D53B1680F}] - C:\Users\Kimberly\AppData\Roaming\NetAssistant\
FF Extension: Freeze.com NetAssistant - C:\Users\Kimberly\AppData\Roaming\NetAssistant\ []

Chrome:
=======
CHR HomePage: hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-706&v=a10781-124&t=4
CHR DefaultSearchKeyword: ask.com
CHR DefaultSearchProvider: Ask.com
CHR DefaultSearchURL: http://dts.search.ask.com/sr?src=cr...D406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Zylom Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\npzylomgamesplayer.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Kimberly\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Kimberly\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U37) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (My Web Search Plugin Stub) - C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll No File
CHR Plugin: (Windows LiveÃƒÆ’Ã¢â‚¬Å¡Ãƒâ€šÃ‚Â® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Hulu Desktop) - C:\Users\Kimberly\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.370.6) - C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Vafmusic2) - C:\Users\Kimberly\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbjibcbpmbcabnfnohhgjjmkgkimajko [2013-08-22]
CHR Extension: (Lightning Newtab) - C:\Users\Kimberly\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo [2014-01-18]
CHR Extension: (weDownload Manager Pro) - C:\Users\Kimberly\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb [2013-12-15]
CHR Extension: (SBLite) - C:\Users\Kimberly\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlilniamimbmlkmnmjbphgghilbfbcp [2014-01-18]
CHR Extension: (Google Wallet) - C:\Users\Kimberly\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-18]
CHR HKCU\...\Chrome\Extension: [cbjibcbpmbcabnfnohhgjjmkgkimajko] - C:\Users\Kimberly\AppData\Local\CRE\cbjibcbpmbcabnfnohhgjjmkgkimajko.crx [2013-08-20]
CHR HKLM-x32\...\Chrome\Extension: [cbjibcbpmbcabnfnohhgjjmkgkimajko] - C:\Users\Kimberly\AppData\Local\CRE\cbjibcbpmbcabnfnohhgjjmkgkimajko.crx [2013-08-20]
CHR HKLM-x32\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files (x86)\DefaultTab\DefaultTab.crx [2013-08-20]
CHR HKLM-x32\...\Chrome\Extension: [kjlilniamimbmlkmnmjbphgghilbfbcp] - C:\Users\Kimberly\AppData\Roaming\SBLite for Chrome\SBLite.crx [2013-12-05]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\Exts\Chrome.crx [2013-12-05]

==================== Services (Whitelisted) =================

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 DvmMDES; C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [338168 2010-03-05] (DeviceVM, Inc.)
S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-09] (Google)
R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-18] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe [138232 2012-03-27] (Symantec Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\STacSV64.exe [244736 2010-02-01] (IDT, Inc.)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20120317.002\BHDrvx64.sys [1157240 2012-03-02] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1307010.005\ccSetx64.sys [167048 2011-11-29] (Symantec Corporation)
R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [20056 2009-11-11] (DeviceVM, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [482936 2012-02-16] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20120321.001\IDSvia64.sys [488568 2012-03-05] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20120321.008\ENG64.SYS [117880 2012-03-21] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20120321.008\EX64.SYS [2048632 2012-03-21] (Symantec Corporation)
R0 SMR311; C:\Windows\System32\drivers\SMR311.SYS [95392 2012-12-06] (Symantec Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1307010.005\SRTSP64.SYS [737912 2012-03-29] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1307010.005\SRTSPX64.SYS [37496 2012-03-29] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1307010.005\SYMDS64.SYS [451192 2011-07-25] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1307010.005\SYMEFA64.SYS [1092728 2012-03-29] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-03-23] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS [190072 2012-03-29] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1307010.005\SYMNETS.SYS [405624 2012-03-29] (Symantec Corporation)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2010-02-22] (CyberLink Corp.)
S1 plgniqvd; \??\C:\Windows\system32\drivers\plgniqvd.sys [X]

dakiteha · Feb 23, 2014

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-23 13:49 - 2014-02-23 13:49 - 00000000 ____D () C:\Users\Kimberly\Desktop\FRST-OlderVersion
2014-02-23 11:50 - 2013-05-09 23:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-02-23 11:50 - 2013-05-09 23:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-02-23 11:50 - 2013-05-09 22:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-02-23 11:50 - 2013-05-09 22:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-02-23 11:41 - 2014-02-23 11:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-23 11:16 - 2014-02-23 11:27 - 00006836 _____ () C:\Windows\IE11_main.log
2014-02-23 10:16 - 2014-02-23 10:16 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-23 10:16 - 2014-02-23 10:16 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-23 10:16 - 2014-02-23 10:16 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-23 10:16 - 2014-02-23 10:16 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-23 10:16 - 2014-02-23 10:16 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-02-23 10:16 - 2014-02-23 10:16 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-02-23 10:16 - 2014-02-23 10:16 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-02-23 10:16 - 2014-02-23 10:16 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-02-23 10:16 - 2014-02-23 10:16 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-02-23 10:16 - 2014-02-23 10:16 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-02-23 10:16 - 2014-02-23 10:16 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-02-23 10:16 - 2014-02-23 10:16 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-02-23 10:16 - 2014-02-23 10:16 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-02-23 10:10 - 2014-02-23 10:10 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-23 10:10 - 2014-02-23 10:10 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-23 10:06 - 2014-02-23 10:25 - 00009883 _____ () C:\Windows\IE10_main.log
2014-02-23 09:26 - 2012-07-25 21:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-02-23 09:26 - 2012-07-25 21:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-02-23 09:26 - 2012-07-25 21:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-02-23 09:26 - 2012-07-25 21:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-02-23 09:26 - 2012-07-25 21:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-02-23 09:26 - 2012-07-25 20:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-02-23 09:26 - 2012-07-25 20:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-02-23 09:26 - 2012-06-02 08:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-02-22 23:47 - 2014-02-22 23:48 - 00045366 _____ () C:\Users\Kimberly\Downloads\Addition.txt
2014-02-22 23:45 - 2014-02-23 17:30 - 00027155 _____ () C:\Users\Kimberly\Desktop\FRST.txt
2014-02-22 23:45 - 2014-02-23 17:30 - 00000000 ____D () C:\FRST
2014-02-22 23:44 - 2014-02-23 13:49 - 02155520 _____ (Farbar) C:\Users\Kimberly\Desktop\FRST64.exe
2014-02-22 23:23 - 2014-02-22 23:23 - 04122976 _____ (Kaspersky Lab ZAO) C:\Users\Kimberly\Downloads\tdsskiller.exe
2014-02-22 23:12 - 2013-10-29 20:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-02-22 23:12 - 2013-10-29 20:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-02-22 23:12 - 2013-07-04 06:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-02-22 23:12 - 2013-07-04 05:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-02-22 23:11 - 2013-07-08 23:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-02-22 23:11 - 2013-07-08 22:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-02-22 23:11 - 2013-02-15 00:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-02-22 23:11 - 2013-02-15 00:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-22 23:11 - 2013-02-15 00:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-02-22 23:11 - 2013-02-14 22:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-22 23:11 - 2013-02-14 22:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-02-22 23:11 - 2013-02-14 21:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-02-22 23:11 - 2012-10-09 12:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-02-22 23:11 - 2012-10-09 12:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-02-22 23:11 - 2012-10-09 11:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-02-22 23:11 - 2012-10-09 11:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-02-22 23:10 - 2013-12-31 17:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-22 23:10 - 2013-12-31 17:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-22 23:10 - 2013-12-05 20:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-22 23:10 - 2013-12-05 20:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-22 23:10 - 2013-12-05 20:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-22 23:10 - 2013-12-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-22 23:10 - 2013-11-11 20:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-02-22 23:10 - 2013-11-11 20:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-02-22 23:10 - 2013-10-18 20:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-02-22 23:10 - 2013-10-18 19:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-02-22 23:10 - 2013-10-05 14:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-02-22 23:10 - 2013-10-05 13:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-02-22 23:10 - 2013-07-08 23:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-02-22 23:10 - 2013-07-08 23:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-02-22 23:10 - 2013-07-08 22:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-02-22 23:10 - 2013-07-08 22:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-02-22 23:10 - 2013-04-12 08:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-02-22 23:10 - 2013-03-18 23:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-02-22 23:10 - 2013-03-18 23:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-02-22 23:10 - 2013-02-27 00:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-02-22 23:10 - 2013-02-26 23:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-02-22 23:09 - 2013-12-03 20:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-22 23:09 - 2013-12-03 20:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-22 23:09 - 2013-12-03 20:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-22 23:09 - 2013-12-03 20:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-22 23:09 - 2013-12-03 20:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-22 23:09 - 2013-12-03 20:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-22 23:09 - 2013-12-03 20:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-22 23:09 - 2013-12-03 20:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-22 23:09 - 2013-12-03 20:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-22 23:09 - 2013-12-03 20:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-22 23:09 - 2013-12-03 20:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-22 23:09 - 2013-12-03 20:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-22 23:09 - 2013-12-03 20:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-22 23:09 - 2013-12-03 20:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-22 23:09 - 2013-12-03 19:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-22 23:09 - 2013-12-03 19:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-22 23:09 - 2013-12-03 19:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-22 23:09 - 2013-12-03 19:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-22 23:09 - 2013-11-26 19:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-02-22 23:09 - 2013-11-26 19:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-02-22 23:09 - 2013-11-26 19:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-02-22 23:09 - 2013-11-26 19:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-02-22 23:09 - 2013-11-26 19:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-02-22 23:09 - 2013-11-26 19:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-02-22 23:09 - 2013-11-26 19:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-02-22 23:09 - 2013-10-03 20:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-02-22 23:09 - 2013-10-03 20:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-02-22 23:09 - 2013-10-03 20:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-02-22 23:09 - 2013-10-03 20:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-02-22 23:09 - 2013-10-03 19:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll

dakiteha · Feb 23, 2014

2014-02-22 23:09 - 2013-10-03 19:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-02-22 23:09 - 2013-10-03 19:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-02-22 23:09 - 2013-10-03 19:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-02-22 23:09 - 2013-09-27 19:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-02-22 23:09 - 2013-09-24 20:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-02-22 23:09 - 2013-09-24 20:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-02-22 23:09 - 2013-09-24 20:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-02-22 23:09 - 2013-09-24 20:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-02-22 23:09 - 2013-09-24 20:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-02-22 23:09 - 2013-09-24 20:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-02-22 23:09 - 2013-09-24 20:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-02-22 23:09 - 2013-09-24 20:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-02-22 23:09 - 2013-09-24 19:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-02-22 23:09 - 2013-09-24 19:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-02-22 23:09 - 2013-09-24 19:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-02-22 23:09 - 2013-09-24 19:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-02-22 23:09 - 2013-09-24 19:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-02-22 23:09 - 2013-08-04 20:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-02-22 23:09 - 2013-08-01 20:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-02-22 23:09 - 2013-08-01 19:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-02-22 23:09 - 2013-07-04 06:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-02-22 23:09 - 2013-06-05 23:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-02-22 23:09 - 2013-06-05 23:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-02-22 23:09 - 2013-06-05 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-02-22 23:09 - 2013-06-05 23:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-02-22 23:09 - 2013-06-05 22:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-02-22 23:09 - 2013-06-05 22:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-02-22 23:09 - 2013-06-05 22:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-02-22 23:09 - 2013-06-05 21:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-02-22 23:09 - 2013-06-05 21:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-02-22 23:09 - 2013-06-05 21:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-02-22 23:09 - 2013-04-25 17:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-02-22 23:09 - 2013-03-31 16:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-02-22 23:09 - 2012-08-22 12:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-02-22 23:09 - 2012-07-04 14:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-02-22 23:08 - 2013-08-01 20:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-02-22 23:08 - 2013-08-01 20:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-02-22 23:08 - 2013-08-01 20:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-02-22 23:08 - 2013-08-01 20:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-02-22 23:08 - 2013-08-01 20:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-02-22 23:08 - 2013-08-01 20:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-02-22 23:08 - 2013-08-01 20:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-02-22 23:08 - 2013-08-01 20:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-02-22 23:08 - 2013-08-01 19:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-02-22 23:08 - 2013-08-01 19:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-02-22 23:08 - 2013-08-01 19:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-02-22 23:08 - 2013-08-01 19:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 19:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-02-22 23:08 - 2013-08-01 18:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-02-22 23:08 - 2013-08-01 18:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-02-22 23:08 - 2013-08-01 18:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-02-22 23:08 - 2013-08-01 18:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-02-22 23:08 - 2013-08-01 18:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-02-22 23:08 - 2013-08-01 18:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 18:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 18:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-02-22 23:08 - 2013-08-01 18:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-02-22 23:08 - 2013-07-25 03:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-02-22 23:08 - 2013-07-25 02:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-02-22 23:08 - 2013-07-12 04:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-02-22 23:08 - 2013-07-12 04:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-02-22 23:08 - 2013-07-08 23:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-02-22 23:08 - 2013-07-08 22:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-02-22 23:08 - 2013-07-02 22:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-02-22 23:08 - 2013-07-02 22:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-02-22 23:08 - 2013-06-25 16:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-02-22 23:08 - 2013-02-11 22:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-02-22 23:08 - 2012-11-28 16:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-02-22 23:08 - 2012-11-28 16:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-02-22 23:08 - 2012-11-28 16:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-02-22 23:08 - 2012-10-31 23:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-02-22 23:08 - 2012-10-31 22:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-02-22 23:08 - 2012-10-03 11:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-02-22 23:08 - 2012-10-03 11:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-02-22 23:08 - 2012-10-03 11:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-02-22 23:08 - 2012-10-03 11:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-02-22 23:08 - 2012-10-03 11:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-02-22 23:08 - 2012-10-03 11:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-02-22 23:08 - 2012-10-03 10:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2014-02-22 23:08 - 2012-10-03 10:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2014-02-22 23:08 - 2012-10-03 10:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2014-02-22 23:08 - 2012-10-03 10:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-02-22 23:08 - 2012-01-13 01:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-02-22 23:07 - 2013-09-07 20:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-02-22 23:07 - 2013-09-07 20:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-02-22 23:07 - 2013-07-04 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-02-22 23:07 - 2013-07-04 06:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-02-22 23:07 - 2013-07-04 05:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-02-22 23:07 - 2013-07-04 05:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-02-22 23:07 - 2013-07-04 04:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-02-22 23:07 - 2013-06-14 22:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-02-22 23:07 - 2013-06-04 00:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-02-22 23:07 - 2013-06-03 22:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-02-22 23:07 - 2012-12-07 07:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-02-22 23:07 - 2012-12-07 07:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-02-22 23:07 - 2012-12-07 06:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-02-22 23:07 - 2012-12-07 06:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-02-22 23:07 - 2012-12-07 05:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-02-22 23:07 - 2012-12-07 05:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-02-22 23:07 - 2012-12-07 05:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-02-22 23:07 - 2012-12-07 05:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-02-22 23:07 - 2012-12-07 05:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-02-22 23:07 - 2012-12-07 05:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-02-22 23:07 - 2012-12-07 05:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-02-22 23:07 - 2012-12-07 05:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-02-22 23:07 - 2012-12-07 05:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-02-22 23:07 - 2012-12-07 05:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-02-22 23:07 - 2012-12-07 05:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-02-22 23:07 - 2012-12-07 05:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-02-22 23:07 - 2012-12-07 05:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-02-22 23:07 - 2012-12-07 05:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-02-22 23:07 - 2012-12-07 04:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-02-22 23:07 - 2012-11-21 23:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-02-22 23:07 - 2012-11-21 22:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-02-22 23:07 - 2012-11-01 23:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-02-22 23:07 - 2012-11-01 23:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-02-22 23:07 - 2012-08-21 15:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-02-22 23:06 - 2013-11-26 05:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-02-22 23:06 - 2013-09-07 20:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-02-22 23:06 - 2012-08-10 18:56 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-02-22 23:06 - 2012-08-10 17:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-02-22 23:05 - 2014-02-22 23:05 - 00003105 _____ () C:\Users\Kimberly\Desktop\RKreport[0]_D_02222014_230550.txt
2014-02-22 23:05 - 2013-10-02 20:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-02-22 23:05 - 2013-10-02 20:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-02-22 23:05 - 2013-07-25 20:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-02-22 23:05 - 2013-07-25 20:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-02-22 23:05 - 2013-07-25 19:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-02-22 23:05 - 2013-07-25 19:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-02-22 23:05 - 2013-07-20 04:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-02-22 23:05 - 2013-07-20 04:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-02-22 23:05 - 2013-05-09 23:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-02-22 23:05 - 2013-05-09 21:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-02-22 23:05 - 2013-04-25 23:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-02-22 23:05 - 2013-04-25 22:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-02-22 23:05 - 2013-01-24 00:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-02-22 23:05 - 2013-01-03 00:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-02-22 23:05 - 2012-11-22 21:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-02-22 23:05 - 2012-09-25 16:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-02-22 23:05 - 2012-09-25 16:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-02-22 23:05 - 2012-07-04 16:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-02-22 23:05 - 2012-07-04 16:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-02-22 23:05 - 2012-07-04 16:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-02-22 23:05 - 2012-07-04 15:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-02-22 23:05 - 2012-07-04 15:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-02-22 23:05 - 2012-05-05 02:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-02-22 23:05 - 2012-05-05 01:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-02-22 23:04 - 2014-02-22 23:04 - 00003185 _____ () C:\Users\Kimberly\Desktop\RKreport[0]_S_02222014_230433.txt
2014-02-22 23:04 - 2013-10-11 20:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-02-22 23:04 - 2013-10-11 20:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-02-22 23:04 - 2013-10-11 20:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-02-22 23:04 - 2013-10-11 20:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-02-22 23:04 - 2013-10-11 19:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-02-22 23:04 - 2013-10-11 19:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-02-22 23:04 - 2013-10-11 19:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-02-22 23:04 - 2013-10-11 19:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-02-22 23:04 - 2013-08-01 06:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-02-22 23:04 - 2013-05-12 23:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-02-22 23:04 - 2013-05-12 21:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-02-22 23:04 - 2013-05-12 21:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-02-22 23:04 - 2013-05-12 21:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-02-22 23:04 - 2013-04-10 00:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-02-22 23:04 - 2012-05-13 23:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-02-22 23:04 - 2011-02-03 05:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-02-22 23:03 - 2013-10-11 20:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-02-22 23:03 - 2013-10-11 20:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-02-22 23:03 - 2013-10-11 20:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-02-22 23:03 - 2013-10-11 20:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-02-22 23:03 - 2013-10-11 20:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-02-22 22:34 - 2013-08-27 19:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-02-22 21:36 - 2014-02-22 22:15 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-22 21:35 - 2014-02-22 22:47 - 00000000 ____D () C:\Users\Kimberly\Desktop\mbar
2014-02-22 21:35 - 2014-02-22 21:35 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Kimberly\Downloads\mbar-1.07.0.1009.exe
2014-02-22 21:00 - 2014-02-22 23:05 - 00000000 ____D () C:\Users\Kimberly\Desktop\RK_Quarantine
2014-02-22 21:00 - 2014-02-22 21:00 - 03817984 _____ () C:\Users\Kimberly\Downloads\RogueKiller.exe
2014-02-22 20:57 - 2014-02-22 20:57 - 00558888 _____ (Fusion Install ) C:\Users\Kimberly\Downloads\Setup.exe
2014-02-22 19:28 - 2014-02-22 19:28 - 00077772 _____ () C:\Users\Kimberly\Desktop\MBAM2.txt
2014-02-22 19:04 - 2014-02-22 19:04 - 00024295 _____ () C:\Users\Kimberly\Desktop\dds.txt
2014-02-22 19:04 - 2014-02-22 19:04 - 00011255 _____ () C:\Users\Kimberly\Desktop\attach.txt
2014-02-22 19:01 - 2014-02-22 19:01 - 00688992 ____R (Swearware) C:\Users\Kimberly\Downloads\dds.com
2014-02-22 18:17 - 2014-02-22 18:17 - 00001503 _____ () C:\Users\Kimberly\Desktop\aswMBR.txt
2014-02-22 17:39 - 2014-02-22 17:39 - 04745728 _____ (AVAST Software) C:\Users\Kimberly\Downloads\aswMBR.exe
2014-02-22 15:18 - 2014-02-22 15:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-22 14:42 - 2014-02-22 20:42 - 17858952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-22 14:20 - 2014-02-22 14:20 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-22 14:20 - 2014-02-22 14:20 - 00000000 ____D () C:\Users\Kimberly\AppData\Roaming\Malwarebytes
2014-02-22 14:20 - 2014-02-22 14:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-22 14:20 - 2014-02-22 14:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-22 14:20 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-22 14:17 - 2014-02-22 14:17 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Kimberly\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-22 14:11 - 2014-02-22 14:11 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-07 21:34 - 2014-02-07 21:36 - 00000000 ____D () C:\Users\Kimberly\AppData\Local\HP
2014-02-07 21:34 - 2014-02-07 21:34 - 00002200 _____ () C:\Users\Public\Desktop\HP Officejet Pro 8600.lnk
2014-02-07 21:34 - 2014-02-07 21:34 - 00001152 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Officejet Pro 8600.lnk
2014-02-07 21:34 - 2014-02-07 21:34 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-02-07 21:34 - 2014-02-07 21:34 - 00000000 ____D () C:\ProgramData\HP
2014-02-07 21:34 - 2014-02-07 21:34 - 00000000 ____D () C:\Program Files\HP
2014-02-07 21:34 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPM5912.dll
2014-02-07 21:33 - 2014-02-07 21:33 - 31455000 _____ () C:\Users\Kimberly\Downloads\OJ8600_Basicx64_1315.exe
2014-02-05 19:26 - 2014-02-05 19:26 - 00002177 _____ () C:\Users\Kimberly\Desktop\HP Support Assistant.lnk
2014-02-05 19:18 - 2014-02-05 19:18 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}

Solved Trojan.agent svchost.exe

Posts: 58 +0

Posts: 58 +0

Posts: 58 +0

Posts: 56,041 +516

Posts: 58 +0

Posts: 58 +0

Posts: 58 +0

Posts: 58 +0

Posts: 56,041 +516

Posts: 58 +0

Posts: 58 +0

Posts: 58 +0

Posts: 56,041 +516

Attachments

Posts: 58 +0

Posts: 58 +0

Posts: 58 +0

Posts: 58 +0

Posts: 58 +0

Posts: 56,041 +516

Attachments

Posts: 58 +0

Posts: 56,041 +516

Posts: 58 +0

Posts: 58 +0

Posts: 58 +0

Posts: 58 +0

Similar threads