Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Chrome Slowness and Multiple windows


  • This topic is locked This topic is locked

#16
vanaya2002

vanaya2002

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-10-2014
Ran by Schreier house (administrator) on SCHREIERHOUS-PC on 26-10-2014 11:24:56
Running from C:\Users\Schreier house\Desktop\Antivirus Tools
Loaded Profile: Schreier house (Available profiles: Schreier house)
Platform: Microsoft® Windows Vista™ Business  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\System32\igfxsrvc.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(LeapFrog Enterprises, Inc.) C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(LeapFrog Enterprises, Inc.) C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
(Conexant Systems, Inc.) C:\WINDOWS\System32\drivers\XAudio.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\WINDOWS\System32\msiexec.exe
(Microsoft Corporation) C:\Users\Schreier house\AppData\Local\Temp\ose00000.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\WINDOWS\System32\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1045800 2008-03-28] (Synaptics, Inc.)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [472776 2007-03-01] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [WAWifiMessage] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [317128 2007-01-10] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [71176 2007-06-05] (Hewlett-Packard)
HKLM\...\Run: [QlbCtrl] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [159744 2007-05-07] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Monitor] => C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe [106496 2013-11-27] (LeapFrog Enterprises, Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2876184603-1598956397-765050242-1006\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung)
HKU\S-1-5-21-2876184603-1598956397-765050242-1006\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-2876184603-1598956397-765050242-1006\...\MountPoints2: {70337269-4ef0-11e3-9ec1-001b38e9f89d} - H:\start.exe
HKU\S-1-5-21-2876184603-1598956397-765050242-1006\...\MountPoints2: {dc7bb3e4-327e-11e1-a83d-806e6f6e6963} - F:\setup.exe
HKU\S-1-5-21-2876184603-1598956397-765050242-1006\...\MountPoints2: {f0efaca9-e1a5-11e2-92c1-001b38e9f89d} - G:\LGAutoRun.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
BHO: HP Print Clips -> {053F9267-DC04-4294-A72C-58F732D338C0} -> C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Winsock: Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-01-15]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Schreier house\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Schreier house\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-25]
CHR Extension: (Google Wallet) - C:\Users\Schreier house\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [110592 2007-03-05] (Hewlett-Packard Development Company, L.P.) [File not signed]
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [61440 2007-06-05] (Hewlett-Packard) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-06-04] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-06-04] (Hewlett-Packard Co.) [File not signed]
R2 hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [135168 2006-05-02] (Hewlett-Packard Development Company, L.P.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 LeapFrog Connect Device Service; C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe [7393280 2013-11-27] (LeapFrog Enterprises, Inc.) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
S3 stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [73728 2006-11-01] (MicroVision Development, Inc.) [File not signed]
S2 34677ac8; "C:\Windows\system32\rundll32.exe" "c:\progra~2\smartweb\SmartWebSvc.dll",service

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 HdAudAddService; C:\Windows\System32\drivers\CHDART.sys [159232 2007-02-21] (Conexant Systems Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36528 2006-07-24] (Sonic Solutions) [File not signed]
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [43520 2012-04-25] (Apple, Inc.) [File not signed]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
U1 eabfiltr; No ImagePath
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-26 11:24 - 2014-10-26 11:25 - 00000000 ____D () C:\FRST
2014-10-26 11:16 - 2012-06-02 17:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-26 11:16 - 2012-06-02 17:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-26 11:16 - 2012-06-02 17:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-26 11:16 - 2012-06-02 17:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-26 11:15 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-26 11:15 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-26 10:56 - 2014-10-26 10:56 - 00001006 _____ () C:\Users\Schreier house\Desktop\JRT.txt
2014-10-26 10:54 - 2014-10-26 10:54 - 00000000 ____D () C:\Windows\ERUNT
2014-10-26 10:53 - 2014-10-26 10:53 - 00005485 _____ () C:\Users\Schreier house\Desktop\AdwCleaner[S0].txt
2014-10-26 10:34 - 2014-10-26 10:34 - 12364288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-10-26 10:34 - 2014-10-26 10:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-26 10:34 - 2014-10-26 10:34 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-26 10:34 - 2014-10-26 10:34 - 01138688 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-10-26 10:34 - 2014-10-26 10:34 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00353584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-10-26 10:34 - 2014-10-26 10:34 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-10-26 10:34 - 2014-10-26 10:34 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-26 10:34 - 2014-10-26 10:34 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-10-26 10:34 - 2014-10-26 10:34 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-10-26 10:34 - 2014-10-26 10:34 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-26 10:34 - 2014-10-26 10:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-10-26 10:34 - 2014-10-26 10:34 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-10-26 10:34 - 2014-10-26 10:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-10-26 10:34 - 2014-10-26 10:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-10-26 10:30 - 2014-10-26 10:30 - 02873344 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 01554432 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 01075712 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 00979456 _____ (Microsoft Corporation) C:\Windows\system32\MFH264Dec.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 00797184 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2014-10-26 10:30 - 2014-10-26 10:30 - 00638336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-10-26 10:30 - 2014-10-26 10:30 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\MFHEAACdec.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4src.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-10-26 10:30 - 2014-10-26 10:30 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-10-26 10:30 - 2014-10-26 10:30 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2014-10-26 10:28 - 2014-10-26 10:28 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-10-26 10:28 - 2014-10-26 10:28 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-10-26 10:28 - 2014-10-26 10:28 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-10-26 10:28 - 2014-10-26 10:28 - 00321024 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2014-10-26 10:28 - 2014-10-26 10:28 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe
2014-10-26 10:28 - 2014-10-26 10:28 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2014-10-26 10:28 - 2014-10-26 10:28 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-10-26 10:26 - 2014-10-26 10:50 - 00000000 ____D () C:\AdwCleaner
2014-10-26 10:09 - 2014-10-26 10:10 - 00000000 ____D () C:\Windows\system32\vi-VN
2014-10-26 10:09 - 2014-10-26 10:10 - 00000000 ____D () C:\Windows\system32\eu-ES
2014-10-26 10:09 - 2014-10-26 10:10 - 00000000 ____D () C:\Windows\system32\ca-ES
2014-10-26 10:02 - 2014-10-26 10:02 - 00000000 ____D () C:\Windows\system32\SPReview
2014-10-26 09:43 - 2009-04-10 23:28 - 00928768 _____ (Microsoft Corporation) C:\Windows\system32\scavenge.dll
2014-10-26 09:42 - 2009-04-10 23:27 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\compcln.exe
2014-10-26 09:41 - 2009-04-10 23:32 - 01083880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-10-26 09:41 - 2009-04-10 23:32 - 00190424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-10-26 09:41 - 2009-04-10 23:32 - 00177640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys
2014-10-26 09:41 - 2009-04-10 23:32 - 00149480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-10-26 09:41 - 2009-04-10 23:32 - 00141288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2014-10-26 09:41 - 2009-04-10 23:32 - 00109032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-10-26 09:41 - 2009-04-10 23:32 - 00099816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-10-26 09:41 - 2009-04-10 23:32 - 00054248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-10-26 09:41 - 2009-04-10 23:32 - 00053736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-10-26 09:41 - 2009-04-10 23:32 - 00050664 _____ (Microsoft Corporation) C:\Windows\system32\PSHED.DLL
2014-10-26 09:41 - 2009-04-10 23:32 - 00043496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys
2014-10-26 09:41 - 2009-04-10 23:32 - 00027624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys
2014-10-26 09:41 - 2009-04-10 23:32 - 00014312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys
2014-10-26 09:41 - 2009-04-10 23:28 - 02153472 _____ (Microsoft Corporation) C:\Windows\system32\oobefldr.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 02134528 _____ (Microsoft Corporation) C:\Windows\system32\FunctionDiscoveryFolder.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 01985024 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 01823744 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 01591296 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 01541120 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 01459200 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayCpl.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 01107968 _____ (Microsoft Corporation) C:\Windows\system32\pidgenx.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00869888 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
2014-10-26 09:41 - 2009-04-10 23:28 - 00612864 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-10-26 09:41 - 2009-04-10 23:28 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00550400 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\pnpui.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00516608 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00466944 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\IasMigReader.exe
2014-10-26 09:41 - 2009-04-10 23:28 - 00454144 _____ (Microsoft) C:\Windows\system32\IasMigPlugin.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\dsound.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-10-26 09:41 - 2009-04-10 23:28 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\scrptadm.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\devmgr.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\rasplap.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\RelMon.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\P2PGraph.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL
2014-10-26 09:41 - 2009-04-10 23:28 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-10-26 09:41 - 2009-04-10 23:28 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\offfilt.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-10-26 09:41 - 2009-04-10 23:28 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\pnpsetup.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\rasmontr.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\fundisc.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\dsprop.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\nlhtml.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\ntmarta.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00117248 _____ () C:\Windows\system32\EhStorAuthn.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\EhStorShell.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\regsvc.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\dmsynth.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayServices.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\dmusic.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\powrprof.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\fdBth.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-10-26 09:41 - 2009-04-10 23:28 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\propdefs.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\iashlpr.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\PNPXAssoc.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\feclient.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\rtffilt.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\EhStorPwdMgr.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\perfdisk.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\gpprnext.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\hidserv.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\shadow.exe
2014-10-26 09:41 - 2009-04-10 23:28 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2014-10-26 09:41 - 2009-04-10 23:28 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\fdBthProxy.dll
2014-10-26 09:41 - 2009-04-10 23:27 - 02926592 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 02092544 _____ (Microsoft Corporation) C:\Windows\system32\dfsr.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2014-10-26 09:41 - 2009-04-10 23:27 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00636416 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00407040 _____ (Microsoft Corporation) C:\Windows\system32\dpapimig.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00241128 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-10-26 09:41 - 2009-04-10 23:27 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-10-26 09:41 - 2009-04-10 23:27 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\gpresult.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\hdwwiz.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00062976 _____ () C:\Windows\system32\PrintBrmUi.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\reg.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\rekeywiz.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\PnPutil.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\qprocess.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\qappsrv.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\rwinsta.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\fc.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\rasdial.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\gpupdate.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\reset.exe
2014-10-26 09:41 - 2009-04-10 23:27 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\query.exe
2014-10-26 09:41 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2014-10-26 09:41 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2014-10-26 09:41 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2014-10-26 09:41 - 2009-04-10 23:23 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2014-10-26 09:41 - 2009-04-10 23:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll
2014-10-26 09:41 - 2009-04-10 22:03 - 12240896 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0007.dll
2014-10-26 09:41 - 2009-04-10 22:03 - 02644480 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2014-10-26 09:41 - 2009-04-10 21:52 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2014-10-26 09:41 - 2009-04-10 21:51 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-26 09:41 - 2009-04-10 21:48 - 00344698 _____ () C:\Windows\system32\eaphost.tmf
2014-10-26 09:41 - 2009-04-10 21:46 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys
2014-10-26 09:41 - 2009-04-10 21:46 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys
2014-10-26 09:41 - 2009-04-10 21:46 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-10-26 09:41 - 2009-04-10 21:45 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2014-10-26 09:41 - 2009-04-10 21:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2014-10-26 09:41 - 2009-04-10 21:43 - 00442788 _____ () C:\Windows\system32\dot3.tmf
2014-10-26 09:41 - 2009-04-10 21:43 - 00392170 _____ () C:\Windows\system32\onex.tmf
2014-10-26 09:41 - 2009-04-10 21:43 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-10-26 09:41 - 2009-04-10 21:42 - 00561152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-10-26 09:41 - 2009-04-10 21:42 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-10-26 09:41 - 2009-04-10 21:42 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-10-26 09:41 - 2009-04-10 21:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2014-10-26 09:41 - 2009-04-10 21:39 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-10-26 09:41 - 2009-04-10 21:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys
2014-10-26 09:41 - 2009-04-10 21:14 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2014-10-26 09:41 - 2009-04-10 21:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2014-10-26 09:41 - 2009-04-10 21:13 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2014-10-26 09:41 - 2009-04-10 21:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2014-10-26 09:41 - 2009-02-19 17:20 - 00009212 _____ () C:\Windows\system32\RacUR.xml
2014-10-26 09:41 - 2009-02-18 11:43 - 00000153 _____ () C:\Windows\system32\RacUREx.xml
2014-10-26 09:41 - 2009-02-18 11:39 - 00779136 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2014-10-26 09:41 - 2009-02-18 11:39 - 00102816 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-10-26 09:40 - 2009-04-10 23:33 - 00614376 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-26 09:40 - 2009-04-10 23:32 - 00527848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-10-26 09:40 - 2009-04-10 23:32 - 00438744 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2014-10-26 09:40 - 2009-04-10 23:32 - 00265688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2014-10-26 09:40 - 2009-04-10 23:32 - 00245736 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2014-10-26 09:40 - 2009-04-10 23:32 - 00180712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-10-26 09:40 - 2009-04-10 23:32 - 00161752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2014-10-26 09:40 - 2009-04-10 23:32 - 00125928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-10-26 09:40 - 2009-04-10 23:32 - 00048104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2014-10-26 09:40 - 2009-04-10 23:32 - 00035304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2014-10-26 09:40 - 2009-04-10 23:32 - 00027112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys
2014-10-26 09:40 - 2009-04-10 23:32 - 00019944 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-10-26 09:40 - 2009-04-10 23:32 - 00019944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys
2014-10-26 09:40 - 2009-04-10 23:32 - 00017896 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-10-26 09:40 - 2009-04-10 23:32 - 00017384 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 06103040 _____ (Microsoft Corporation) C:\Windows\system32\chtbrkr.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 03174400 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 03072000 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 02515968 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 02226688 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 02225664 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 02167808 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 02012160 _____ (Microsoft Corporation) C:\Windows\system32\milcore.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 01856512 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 01788416 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\apds.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 01671680 _____ (Microsoft Corporation) C:\Windows\system32\chsbrkr.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 01645568 _____ (Microsoft Corporation) C:\Windows\system32\connect.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 01589248 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 01502720 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 01480704 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 01342464 _____ (Microsoft Corporation) C:\Windows\system32\brcpl.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 01324032 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 01086464 _____ (Microsoft Corporation) C:\Windows\system32\NetProjW.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 01053696 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00971264 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\mswdat10.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00807424 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\ipsecsnp.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-10-26 09:40 - 2009-04-10 23:28 - 00679936 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00670720 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\msrepl40.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollUI.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00618496 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\comuid.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00491008 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00481792 _____ (Microsoft Corporation) C:\Windows\system32\cmdial32.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00469504 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-10-26 09:40 - 2009-04-10 23:28 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\brcplsiw.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\msexch40.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\msvcp60.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00364032 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2014-10-26 09:40 - 2009-04-10 23:28 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-10-26 09:40 - 2009-04-10 23:28 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\mtxclu.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\msjtes40.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\modemui.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\mstext40.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\iassdo.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\msshsq.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\mscandui.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00200704 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\adsldpc.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\iassam.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\msutb.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\appmgmts.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\korwbrkr.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\cscobj.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\imapi.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2014-10-26 09:40 - 2009-04-10 23:28 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\msctfui.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mstlsapi.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\msctfp.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\iassvcs.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\mpr.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\msjter40.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingProxy.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\mmci.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\l2nacp.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\bthci.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msstrc.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\networkitemfactory.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\msscb.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\bitsigd.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\msimtf.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\ifmon.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\NcdProp.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\MsCtfMonitor.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\midimap.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mmcico.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2014-10-26 09:40 - 2009-04-10 23:28 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\CHxReadingStringIME.dll
2014-10-26 09:40 - 2009-04-10 23:27 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2014-10-26 09:40 - 2009-04-10 23:27 - 01122304 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2014-10-26 09:40 - 2009-04-10 23:27 - 01102848 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2014-10-26 09:40 - 2009-04-10 23:27 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\mblctr.exe
2014-10-26 09:40 - 2009-04-10 23:27 - 00799744 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-10-26 09:40 - 2009-04-10 23:27 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2014-10-26 09:40 - 2009-04-10 23:27 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2014-10-26 09:40 - 2009-04-10 23:27 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\certreq.exe
2014-10-26 09:40 - 2009-04-10 23:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-10-26 09:40 - 2009-04-10 23:27 - 00130024 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2014-10-26 09:40 - 2009-04-10 23:27 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe
2014-10-26 09:40 - 2009-04-10 23:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax
2014-10-26 09:40 - 2009-04-10 23:27 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2014-10-26 09:40 - 2009-04-10 23:27 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\newdev.exe
2014-10-26 09:40 - 2009-04-10 23:27 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2014-10-26 09:40 - 2009-04-10 23:27 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\conime.exe
2014-10-26 09:40 - 2009-04-10 23:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingWizard.exe
2014-10-26 09:40 - 2009-04-10 23:27 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\cipher.exe
2014-10-26 09:40 - 2009-04-10 23:27 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\cmmon32.exe
2014-10-26 09:40 - 2009-04-10 23:27 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\csrstub.exe
2014-10-26 09:40 - 2009-04-10 23:27 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cbsra.exe
2014-10-26 09:40 - 2009-04-10 23:27 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\bthudtask.exe
2014-10-26 09:40 - 2009-04-10 23:27 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ipconfig.exe
2014-10-26 09:40 - 2009-04-10 23:27 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEject.exe
2014-10-26 09:40 - 2009-04-10 23:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\chgport.exe
2014-10-26 09:40 - 2009-04-10 23:27 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\msacm32.drv
2014-10-26 09:40 - 2009-04-10 23:27 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\chgusr.exe
2014-10-26 09:40 - 2009-04-10 23:27 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\chglogon.exe
2014-10-26 09:40 - 2009-04-10 23:27 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\change.exe
2014-10-26 09:40 - 2009-04-10 23:23 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2014-10-26 09:40 - 2009-04-10 23:22 - 00883712 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2014-10-26 09:40 - 2009-04-10 23:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2014-10-26 09:40 - 2009-04-10 23:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2014-10-26 09:40 - 2009-04-10 22:42 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2014-10-26 09:40 - 2009-04-10 21:46 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2014-10-26 09:40 - 2009-04-10 21:45 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2014-10-26 09:40 - 2009-04-10 21:39 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
2014-10-26 09:40 - 2009-04-10 21:39 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\iscsilog.dll
2014-10-26 09:40 - 2009-04-10 21:38 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-10-26 09:40 - 2009-04-10 21:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2014-10-26 09:40 - 2009-04-10 21:27 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2014-10-26 09:40 - 2009-04-10 21:14 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2014-10-26 09:40 - 2009-04-10 21:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-10-26 09:40 - 2009-04-10 21:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-10-26 09:40 - 2009-03-29 21:42 - 00155456 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-26 09:40 - 2009-03-29 21:42 - 00080720 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-26 09:40 - 2009-02-18 11:38 - 00619864 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-10-26 09:40 - 2009-02-18 11:38 - 00099680 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-10-26 09:40 - 2009-02-18 11:38 - 00035168 _____ (Microsoft Corporation) C:\Windows\system32\infocardcpl.cpl
2014-10-26 09:40 - 2009-02-18 11:38 - 00009048 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-10-26 09:39 - 2009-04-10 23:33 - 00986600 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-26 09:39 - 2009-04-10 23:33 - 00926184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-26 09:39 - 2009-04-10 23:33 - 00292840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2014-10-26 09:39 - 2009-04-10 23:32 - 00226280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-10-26 09:39 - 2009-04-10 23:32 - 00122344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Storport.sys
2014-10-26 09:39 - 2009-04-10 23:28 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 02205184 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 01671680 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 01576960 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 01575936 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2014-10-26 09:39 - 2009-04-10 23:28 - 01533440 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 01514496 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 01382912 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2014-10-26 09:39 - 2009-04-10 23:28 - 01224192 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\wercon.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 01081344 _____ (Microsoft Corporation) C:\Windows\system32\SLCExt.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 01055232 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 01017856 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00996352 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00968192 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz2.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00777216 _____ (Microsoft Corporation) C:\Windows\system32\slcc.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00657408 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2014-10-26 09:39 - 2009-04-10 23:28 - 00638976 _____ (Microsoft Corporation) C:\Windows\system32\Utilman.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00582144 _____ (Microsoft Corporation) C:\Windows\system32\SLCommDlg.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00507904 _____ (Microsoft Corporation) C:\Windows\system32\vdsdyn.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00385536 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\SLUI.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\WscEapPr.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\w32time.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\SnippingTool.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\wow32.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\SLC.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\wscntfy.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\wdscore.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\umrdp.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\sperror.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\SLLUA.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\WcnNetsh.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\wevtutil.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\tscfgwmi.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\spoolss.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\softkbd.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\ulib.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\wshext.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00083456 _____ (Microsoft) C:\Windows\system32\SMBHelperClass.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\wlgpclnt.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\slwmi.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\SLUINotify.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\xmlfilter.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Storprop.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\slcinst.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\TSTheme.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\whealogr.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\wsepno.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\uxsms.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\tskill.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\tscon.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\tsdiscon.exe
2014-10-26 09:39 - 2009-04-10 23:28 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\version.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\winrnr.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wscisvif.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\vdmdbg.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\spcmsg.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2014-10-26 09:39 - 2009-04-10 23:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\spwinsat.dll
2014-10-26 09:39 - 2009-04-10 23:27 - 03408896 _____ (Microsoft Corporation) C:\Windows\system32\SLsvc.exe
2014-10-26 09:39 - 2009-04-10 23:27 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2014-10-26 09:39 - 2009-04-10 23:27 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2014-10-26 09:39 - 2009-04-10 23:27 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2014-10-26 09:39 - 2009-04-10 23:27 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2014-10-26 09:39 - 2009-04-10 23:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2014-10-26 09:39 - 2009-04-10 23:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-10-26 09:39 - 2009-04-10 23:27 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2014-10-26 09:39 - 2009-04-10 23:27 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\logoff.exe
2014-10-26 09:39 - 2009-04-10 23:23 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2014-10-26 09:39 - 2009-04-10 21:46 - 00208966 _____ () C:\Windows\system32\WFP.TMF
2014-10-26 09:39 - 2009-04-10 21:46 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-10-26 09:39 - 2009-04-10 21:45 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys
2014-10-26 09:39 - 2009-04-10 21:43 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-10-26 09:39 - 2009-04-10 21:42 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-10-26 09:39 - 2009-04-10 21:42 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-10-26 09:39 - 2009-04-10 21:42 - 00052992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2014-10-26 09:39 - 2009-04-10 21:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-10-26 09:39 - 2009-04-10 21:42 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys
2014-10-26 09:39 - 2009-04-10 21:42 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys
2014-10-26 09:39 - 2009-04-10 21:22 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys
2014-10-26 09:39 - 2009-04-10 21:14 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2014-10-26 09:39 - 2009-04-10 19:52 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys
2014-10-26 09:39 - 2009-04-10 18:59 - 00107612 _____ () C:\Windows\system32\StructuredQuerySchema.bin
2014-10-26 09:39 - 2009-04-10 18:54 - 03662128 _____ () C:\Windows\system32\locale.nls
2014-10-26 09:39 - 2009-03-06 18:11 - 00130008 _____ () C:\Windows\system32\systemsf.ebd
2014-10-26 09:39 - 2009-02-19 17:20 - 00009239 _____ () C:\Windows\system32\spcinstrumentation.man
2014-10-26 09:39 - 2009-02-18 11:39 - 00092918 _____ () C:\Windows\system32\slmgr.vbs
2014-10-26 09:39 - 2009-02-18 11:39 - 00035680 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-10-26 09:38 - 2009-04-10 23:32 - 00053224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2014-10-26 09:38 - 2009-04-10 23:28 - 01152000 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2014-10-26 09:38 - 2009-04-10 23:28 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2014-10-26 09:38 - 2009-04-10 23:28 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-26 09:38 - 2009-04-10 23:28 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\thawbrkr.dll
2014-10-26 09:38 - 2009-04-10 21:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-10-26 08:48 - 2014-10-26 08:48 - 00000000 ____D () C:\Windows\CheckSur
2014-10-26 01:53 - 2014-10-26 02:39 - 151879843 _____ () C:\Users\Schreier house\Downloads\Windows6.0-KB947821-v34-x86.msu
2014-10-26 00:55 - 2014-10-26 00:55 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-10-25 20:28 - 2014-10-25 23:59 - 365230920 _____ (Microsoft Corporation) C:\Users\Schreier house\Downloads\Windows6.0-KB948465-X86.exe
2014-10-25 19:04 - 2014-10-26 10:34 - 00007985 _____ () C:\Windows\IE9_main.log
2014-10-25 10:39 - 2014-10-25 10:39 - 00000000 ____D () C:\_OTL
2014-10-24 22:31 - 2014-10-24 22:31 - 00000000 ____D () C:\Users\Schreier house\AppData\Local\Seven Zip
2014-10-24 22:29 - 2014-10-26 11:24 - 00000000 ____D () C:\Users\Schreier house\Desktop\Antivirus Tools
2014-10-24 14:19 - 2014-10-25 20:15 - 00050812 _____ () C:\Users\Schreier house\Desktop\OTL.Txt
2014-10-23 22:04 - 2014-10-23 22:04 - 00602112 _____ (OldTimer Tools) C:\Users\Schreier house\Desktop\OTL.exe
2014-10-23 21:42 - 2014-10-23 21:42 - 00000000 ____D () C:\Users\Schreier house\AppData\Roaming\VSRevoGroup
2014-10-23 21:40 - 2014-10-23 21:40 - 00000000 ____D () C:\Users\Schreier house\Desktop\backups
2014-10-23 21:12 - 2014-10-23 21:54 - 00006493 _____ () C:\Users\Schreier house\Desktop\hijackthis.log
2014-10-23 21:07 - 2014-10-23 21:07 - 00388608 _____ (Trend Micro Inc.) C:\Users\Schreier house\Desktop\HijackThis.exe
2014-10-23 20:43 - 2014-10-23 20:43 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-10-23 20:01 - 2014-10-23 20:01 - 00057266 _____ () C:\Users\Schreier house\Desktop\before OTL.Txt
2014-10-23 20:01 - 2014-10-23 20:01 - 00039176 _____ () C:\Users\Schreier house\Desktop\before Extras.Txt
2014-10-23 18:04 - 2014-10-23 18:04 - 00162987 _____ () C:\Users\Schreier house\AppData\Local\ars.cache
2014-10-23 18:04 - 2014-10-23 18:04 - 00085691 _____ () C:\Users\Schreier house\AppData\Local\census.cache
2014-10-23 17:59 - 2014-10-23 17:59 - 00000010 _____ () C:\Users\Schreier house\AppData\Local\sponge.last.runtime.cache
2014-10-22 22:36 - 2014-10-26 11:22 - 00000000 ____D () C:\Users\Schreier house\AppData\Roaming\TeamViewer
2014-10-22 22:36 - 2014-10-26 11:22 - 00000000 ____D () C:\Program Files\TeamViewer
2014-10-22 22:09 - 2014-10-22 22:09 - 00000036 _____ () C:\Users\Schreier house\AppData\Local\housecall.guid.cache
2014-10-22 20:45 - 2014-10-22 21:55 - 00007567 _____ () C:\Users\Schreier house\Desktop\VirusFound.txt
2014-10-22 06:41 - 2014-10-22 06:41 - 00000000 ____D () C:\Program Files\Common Files\Windows Live
2014-10-22 06:37 - 2014-10-22 06:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-22 06:36 - 2014-10-22 06:36 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-10-22 06:35 - 2009-06-03 18:56 - 00675152 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2014-10-21 22:53 - 2014-10-21 22:53 - 00002154 _____ () C:\Windows\epplauncher.mif
2014-10-21 22:52 - 2014-10-21 22:52 - 00001826 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-10-21 22:51 - 2014-10-22 21:23 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-21 22:51 - 2014-10-21 22:52 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-10-21 22:51 - 2014-10-21 22:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-21 22:51 - 2014-10-21 22:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-21 22:51 - 2014-10-21 22:51 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-10-21 22:51 - 2014-10-01 11:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-21 22:51 - 2014-10-01 11:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-21 22:51 - 2014-10-01 11:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-21 22:51 - 2010-04-05 15:00 - 00221568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-10-21 22:02 - 2014-10-21 22:04 - 01107984 _____ (Malwarebytes Corporation ) C:\Users\Schreier house\Downloads\Unconfirmed 350776.crdownload
2014-10-21 21:20 - 2014-10-21 21:20 - 00000000 _____ () C:\Windows\system32\jupdate-1.7.0_71-b14.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-26 11:21 - 2012-06-14 19:38 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-26 11:17 - 2011-12-29 21:47 - 01817676 _____ () C:\Windows\WindowsUpdate.log
2014-10-26 11:17 - 2006-11-02 05:33 - 00715876 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-26 11:16 - 2006-11-02 06:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-10-26 11:13 - 2012-06-14 19:36 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-26 11:11 - 2012-06-14 19:37 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-26 11:10 - 2006-11-02 08:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-26 11:10 - 2006-11-02 07:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-26 11:10 - 2006-11-02 07:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-26 11:09 - 2006-11-09 16:07 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-10-26 11:09 - 2006-11-02 08:01 - 00032532 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-26 11:08 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\rescache
2014-10-26 10:52 - 2006-11-02 08:00 - 00025366 _____ () C:\Windows\PFRO.log
2014-10-26 10:38 - 2013-10-06 10:43 - 00000949 _____ () C:\Users\Schreier house\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-26 10:35 - 2006-11-02 06:18 - 00000000 ___RD () C:\Windows\Offline Web Pages
2014-10-26 10:34 - 2006-11-02 01:32 - 00008798 _____ () C:\Windows\system32\icrav03.rat
2014-10-26 10:34 - 2006-11-02 01:32 - 00001988 _____ () C:\Windows\system32\ticrf.rat
2014-10-26 10:24 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-26 10:19 - 2011-12-29 22:06 - 00000915 _____ () C:\Users\Schreier house\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-10-26 10:14 - 2006-11-02 07:47 - 00376632 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-26 10:10 - 2006-11-02 07:37 - 00000000 ____D () C:\Windows\system32\XPSViewer
2014-10-26 10:10 - 2006-11-02 07:37 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-10-26 10:10 - 2006-11-02 07:37 - 00000000 ____D () C:\Program Files\Windows Photo Gallery
2014-10-26 10:10 - 2006-11-02 07:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-26 10:10 - 2006-11-02 07:37 - 00000000 ____D () C:\Program Files\Windows Defender
2014-10-26 10:10 - 2006-11-02 07:37 - 00000000 ____D () C:\Program Files\Windows Collaboration
2014-10-26 10:10 - 2006-11-02 07:37 - 00000000 ____D () C:\Program Files\Windows Calendar
2014-10-26 10:10 - 2006-11-02 07:37 - 00000000 ____D () C:\Program Files\Movie Maker
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\zh-TW
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\zh-CN
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\th-TH
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\sv-SE
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\SLUI
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\ru-RU
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\pt-PT
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\pt-BR
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\nl-NL
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\nb-NO
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\ko-KR
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\ja-JP
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\it-IT
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\hu-HU
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\he-IL
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\fr-FR
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\fi-FI
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\et-EE
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\el-GR
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\IME
2014-10-26 10:10 - 2006-11-02 06:18 - 00000000 ____D () C:\Program Files\Common Files\System
2014-10-26 10:07 - 2006-11-02 07:52 - 00077013 _____ () C:\Windows\setupact.log
2014-10-25 20:26 - 2012-01-15 18:28 - 00001356 _____ () C:\Users\Schreier house\AppData\Local\d3d9caps.dat
2014-10-25 10:36 - 2013-07-27 10:29 - 00001971 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-24 22:53 - 2007-11-05 00:26 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-10-24 22:52 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\registration
2014-10-24 22:43 - 2011-12-29 22:07 - 00100112 _____ () C:\Users\Schreier house\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-24 22:12 - 2007-11-05 00:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-24 22:11 - 2006-11-02 07:37 - 00000000 ____D () C:\Windows\ShellNew
2014-10-24 22:05 - 2006-11-02 05:23 - 00000163 _____ () C:\Windows\win.ini
2014-10-22 21:57 - 2014-02-17 21:12 - 00000000 ____D () C:\ProgramData\SmartWeb
2014-10-22 21:57 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\Help
2014-10-22 21:17 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-10-22 15:04 - 2013-11-06 16:21 - 00000000 ____D () C:\ProgramData\c29beca13fb9a5a9
2014-10-22 06:40 - 2011-12-29 22:00 - 00000000 ____D () C:\Users\Schreier house
2014-10-22 06:37 - 2007-11-04 23:39 - 00000000 ____D () C:\Program Files\CONEXANT
2014-10-22 03:05 - 2013-08-21 20:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-21 21:56 - 2012-06-14 19:36 - 00000000 ____D () C:\Program Files\Google
2014-10-21 21:27 - 2012-06-14 19:36 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-10-21 21:27 - 2012-06-14 19:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-10-21 21:26 - 2013-11-15 10:27 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-21 21:20 - 2007-11-05 00:48 - 00000000 ____D () C:\Program Files\Java
2014-10-21 20:49 - 2012-06-14 19:37 - 00000000 ____D () C:\Users\Schreier house\AppData\Local\Google
2014-10-21 20:49 - 2012-06-14 19:36 - 00000000 ____D () C:\ProgramData\Google
2014-10-21 20:42 - 2013-12-26 19:41 - 00000000 ____D () C:\Users\Schreier house\AppData\Roaming\HpUpdate
2014-10-03 10:03 - 2006-11-02 05:24 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

Some content of TEMP:
====================
C:\Users\Schreier house\AppData\Local\Temp\ose00000.exe
C:\Users\Schreier house\AppData\Local\Temp\Quarantine.exe
C:\Users\Schreier house\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-26 11:17

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-10-2014
Ran by Schreier house at 2014-10-26 11:28:25
Running from C:\Users\Schreier house\Desktop\Antivirus Tools
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A80000000002}) (Version: 8.0.0 - Adobe Systems Incorporated)
AIO_Scan (Version: 90.0.222.000 - Hewlett-Packard) Hidden
Application Installer 4.00.B13 (HKLM\...\{70CEFEBA-F757-4DBE-8A21-027C326137CE}) (Version: 4.00.B13 - Hewlett-Packard Company)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.25.4 - Broadcom Corporation)
BufferChm (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.36.7.61 - Conexant)
Copy (Version: 90.0.146.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Destination Component (Version: 090.000.091.086 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 90.0.205.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DJ_AIO_ProductContext (Version: 90.0.236.000 - Hewlett-Packard) Hidden
DJ_AIO_Software (Version: 90.0.222.000 - Hewlett-Packard) Hidden
DJ_AIO_Software_min (Version: 90.0.222.000 - Hewlett-Packard) Hidden
ESU for Microsoft Vista (HKLM\...\{29FA9E38-7A6D-475E-8C15-15EE8BA9639E}) (Version: 1.0.19.1 - Hewlett-Packard)
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
F4100_doccd (Version: 90.0.222.000 - Hewlett-Packard) Hidden
F4100_Help (Version: 90.0.222.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version:  - )
HP Active Support Library (Version: 2.0.13.1 - Hewlett-Packard) Hidden
HP Active Support Library 32 bit components (Version: 2.1.0 - Hewlett-Packard) Hidden
HP Backup and Recovery Manager Installer (HKLM\...\{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}) (Version: 3.0.17 - Hewlett-Packard Company)
HP Customer Experience Enhancements (HKLM\...\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}) (Version: 5.3.0.2325 - Hewlett-Packard)
HP Customer Participation Program 9.0 (HKLM\...\HPExtendedCapabilities) (Version: 9.0 - HP)
HP Deskjet All-In-One Software 9.0 (HKLM\...\{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}) (Version: 9.0 - HP)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.01.0005 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM\...\{BBE5C83E-4DC5-494F-8A23-3AAE242E94C2}) (Version: 5.3.0.2325 - Hewlett-Packard)
HP Help and Support (HKLM\...\{584B0895-8EF3-4175-8E80-1B68BFA04636}) (Version: 1.2.2 - Hewlett-Packard)
HP Imaging Device Functions 9.0 (HKLM\...\HP Imaging Device Functions) (Version: 9.0 - HP)
HP Notebook Accessories Product Tour (HKLM\...\{521F72F4-FFE4-4959-AA88-EED06125211F}) (Version: 13.0.0 - Hewlett-Packard)
HP Photosmart Essential 2.01 (HKLM\...\HP Photosmart Essential) (Version: 2.01 - HP)
HP Photosmart Essential2.01 (Version: 1.01.0000 - Hewlett-Packard) Hidden
HP Quick Launch Buttons 6.30 A3 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.30 A3 - Hewlett-Packard)
HP Smart Web Printing (HKLM\...\{415CDA53-9100-476F-A7B2-476691E117C7}) (Version: 2.15.7.0 - Hewlett-Packard)
HP Solution Center 9.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 9.0 - HP)
HP Total Care Advisor (HKLM\...\{9FE8E277-EBFC-4A5E-BD70-6F9B7F32AF0E}) (Version: 1.1.19 - Hewlett-Packard)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HP User Guides 0077 (HKLM\...\{B51C3024-333B-4FB6-B1EC-49ECE2DE6056}) (Version: 1.02.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{D32067CD-7409-4792-BFA0-1469BCD8F0C8}) (Version: 3.00 F1 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 90.0.146.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}) (Version: 2.2.0.0000 - Hewlett Packard Development Company L.P.)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
InterVideo DVD Check (HKLM\...\{5D97A4A7-C274-4B63-86D9-07A33435F505}) (Version:  - )
InterVideo Register Manager (Version: 1.0.4.0 - InterVideo Inc.) Hidden
InterVideo WinDVD (HKLM\...\{3912A629-0020-0005-3131-2FBA74D4DF0A}) (Version:  - )
InterVideo WinDVD (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.1166 - InterVideo Inc.)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LeapFrog Connect (HKLM\...\UPCShell) (Version: 5.2.4.18506 - LeapFrog)
LeapFrog Connect (Version: 5.2.4.18506 - LeapFrog) Hidden
LeapFrog LeapPad Explorer Plugin (Version: 5.2.1.18456 - LeapFrog) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MarketResearch (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2416447) (HKLM\...\M2416447) (Version:  - )
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
PCFriendly (HKLM\...\PCFriendly) (Version:  - )
PSSWCORE (Version: 2.01.0000 - Hewlett-Packard) Hidden
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.3.0 - Roxio)
Roxio Creator Basic v9 (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.3.0 - Roxio)
Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.3.0 - Roxio)
Roxio Creator Data (HKLM\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.3.0 - Roxio)
Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.3.0 - Roxio)
Roxio Express Labeler 3 (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.1.0 - Roxio)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Scan (Version: 9.0.0.0 - Hewlett-Packard) Hidden
SolutionCenter (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Sonic Activation Module (Version: 1.0 - Sonic Solutions) Hidden
Status (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.0.7.0 - Synaptics)
Toolbox (Version: 90.0.146.000 - Hewlett-Packard) Hidden
TrayApp (Version: 90.0.146.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 9.0.0 - Hewlett-Packard) Hidden
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin) (HKLM\...\LeapPadExplorerPlugin) (Version:  - LeapFrog)
VideoToolkit01 (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Vista Default Settings (HKLM\...\{2C86D799-6203-4BE4-8175-126D69742F2F}) (Version: 1.00 A1 - Hewlett-Packard)
WebReg (Version: 90.0.146.000 - Hewlett-Packard) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

26-10-2014 06:21:32 Windows Vista™ Service Pack 2
26-10-2014 06:31:08 Windows Update
26-10-2014 13:48:30 Windows Update
26-10-2014 14:37:00 Windows Vista™ Service Pack 2
26-10-2014 15:27:47 Windows Modules Installer
26-10-2014 16:14:47 Revo Uninstaller's restore point - Microsoft Office 2003 Web Components
26-10-2014 16:15:24 Windows Update
26-10-2014 16:20:45 Revo Uninstaller's restore point - TeamViewer 9

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 05:23 - 2014-10-25 20:03 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0A41A4B7-3142-479A-8718-BAAEF2E28217} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-21] (Adobe Systems Incorporated)
Task: {0CAB7B68-718C-40E0-B83B-89DDF7007DC8} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {109F011A-58DD-4356-B0DE-C20B8355B835} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2012-01-08] ()
Task: {2DE18FE4-6467-484F-8431-206702EC5546} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {2E5B7D97-F14C-4CFF-864E-620AABA892D1} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {4DAA47EE-F3A3-4682-B6B3-97DB53B36B61} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-19] (Microsoft Corporation)
Task: {5F889BCE-6FB2-46FF-B370-BF4C9DBAB946} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-06-05] (Hewlett-Packard)
Task: {9884CE8E-3CF4-4445-BE60-751644DBFC88} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {D3B0A04B-BB83-4722-8956-802D803DE306} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-14] (Google Inc.)
Task: {DB557235-0E12-43D8-BDD2-C06B5C47B828} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-14] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2007-08-24 07:28 - 2007-08-24 07:28 - 00249856 _____ () C:\Windows\system32\igfxTMM.dll
2007-11-05 00:49 - 2007-05-16 13:12 - 00671744 _____ () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-2876184603-1598956397-765050242-500 - Administrator - Disabled)
Guest (S-1-5-21-2876184603-1598956397-765050242-501 - Limited - Disabled)
Schreier house (S-1-5-21-2876184603-1598956397-765050242-1006 - Administrator - Enabled) => C:\Users\Schreier house

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/26/2014 11:20:45 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {3c8c0b0e-977e-40a3-87d7-c5ba0283f192}

Error: (10/26/2014 11:14:45 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {3c8c0b0e-977e-40a3-87d7-c5ba0283f192}

System errors:
=============
Error: (10/26/2014 11:17:22 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4385) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of changing update Aux from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US(Language Pack) into Staged(Staged) state

Error: (10/26/2014 11:17:22 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US (Language Pack) into Install Requested(Install Requested) state

Error: (10/26/2014 11:17:22 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4385) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of changing update AuxResourcesLP from package WindowsUpdateClient-SelfUpdate-Aux-Package(Language Pack) into Staged(Staged) state

Error: (10/26/2014 11:17:22 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-Package (Language Pack) into Install Requested(Install Requested) state

Error: (10/26/2014 11:17:22 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4385) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-en-us-LP from package WUClient-SelfUpdate-Aux-Package-en-us-MiniLP(Feature Pack) into Staged(Staged) state

Error: (10/26/2014 11:17:22 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package WUClient-SelfUpdate-Aux-Package-en-us-MiniLP (Feature Pack) into Install Requested(Install Requested) state

Error: (10/26/2014 11:17:22 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US (Language Pack) into Install Requested(Install Requested) state

Error: (10/26/2014 11:17:22 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4385) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of changing update Aux from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package(Update) into Staged(Staged) state

Error: (10/26/2014 11:17:22 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package (Update) into Install Requested(Install Requested) state

Error: (10/26/2014 11:17:22 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4385) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of changing update AuxComp from package WindowsUpdateClient-SelfUpdate-Aux-Package(Update) into Staged(Staged) state

Microsoft Office Sessions:
=========================
Error: (10/26/2014 11:20:45 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {3c8c0b0e-977e-40a3-87d7-c5ba0283f192}

Error: (10/26/2014 11:14:45 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {3c8c0b0e-977e-40a3-87d7-c5ba0283f192}

CodeIntegrity Errors:
===================================
  Date: 2014-10-26 11:28:08.405
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-26 11:28:08.265
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-26 11:28:08.140
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-26 11:28:08.015
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-26 11:28:07.688
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-26 11:28:07.579
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-26 11:28:07.454
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-26 11:28:07.298
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-26 09:36:40.359
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-26 09:36:40.250
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Core™ Duo CPU T2400 @ 1.83GHz
Percentage of memory in use: 77%
Total physical RAM: 2038.66 MB
Available physical RAM: 464.55 MB
Total Pagefile: 4310.64 MB
Available Pagefile: 2659.91 MB
Total Virtual: 2047.88 MB
Available Virtual: 1926.33 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:140.53 GB) (Free:91.64 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (HP_RECOVERY) (Fixed) (Total:6.96 GB) (Free:0.76 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (OS_TOOLS) (Fixed) (Total:1.55 GB) (Free:1.32 GB) NTFS
Drive f: (DJ_AIO_NonNetwor) (CDROM) (Total:0.31 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 41744173)
Partition 1: (Active) - (Size=140.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

Advertisements


#17
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
Hello,

A few left over items to address.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
 
start
HKLM\...\Run: [] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
C:\Users\Schreier house\AppData\Local\Temp\ose00000.exe
C:\Users\Schreier house\AppData\Local\Temp\Quarantine.exe
C:\Users\Schreier house\AppData\Local\Temp\sqlite3.dll
HKU\S-1-5-21-2876184603-1598956397-765050242-1006\...\MountPoints2: {70337269-4ef0-11e3-9ec1-001b38e9f89d} - H:\start.exe
HKU\S-1-5-21-2876184603-1598956397-765050242-1006\...\MountPoints2: {dc7bb3e4-327e-11e1-a83d-806e6f6e6963} - F:\setup.exe
HKU\S-1-5-21-2876184603-1598956397-765050242-1006\...\MountPoints2: {f0efaca9-e1a5-11e2-92c1-001b38e9f89d} - G:\LGAutoRun.exe

reboot:
emptytemp:
end
Click Format and ensure Wordwrap is unchecked.
Save as Fixlist.txt to your Desktop (Must be in this location)
Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

In your next reply post the:
  • (Fixlog.txt)
Thanks
Joe :)
  • 0

#18
vanaya2002

vanaya2002

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 26-10-2014
Ran by Schreier house at 2014-10-26 12:23:12 Run:1
Running from C:\Users\Schreier house\Desktop\Antivirus Tools
Loaded Profile: Schreier house (Available profiles: Schreier house)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
 
start
HKLM\...\Run: [] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
C:\Users\Schreier house\AppData\Local\Temp\ose00000.exe
C:\Users\Schreier house\AppData\Local\Temp\Quarantine.exe
C:\Users\Schreier house\AppData\Local\Temp\sqlite3.dll
HKU\S-1-5-21-2876184603-1598956397-765050242-1006\...\MountPoints2: {70337269-4ef0-11e3-9ec1-001b38e9f89d} - H:\start.exe
HKU\S-1-5-21-2876184603-1598956397-765050242-1006\...\MountPoints2: {dc7bb3e4-327e-11e1-a83d-806e6f6e6963} - F:\setup.exe
HKU\S-1-5-21-2876184603-1598956397-765050242-1006\...\MountPoints2: {f0efaca9-e1a5-11e2-92c1-001b38e9f89d} - G:\LGAutoRun.exe

reboot:
emptytemp:
end
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
IpInIp => Service deleted successfully.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
blbdrive => Service deleted successfully.
C:\Users\Schreier house\AppData\Local\Temp\ose00000.exe => Moved successfully.
C:\Users\Schreier house\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Schreier house\AppData\Local\Temp\sqlite3.dll => Moved successfully.
"HKU\S-1-5-21-2876184603-1598956397-765050242-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{70337269-4ef0-11e3-9ec1-001b38e9f89d}" => Key deleted successfully.
"HKCR\CLSID\{70337269-4ef0-11e3-9ec1-001b38e9f89d}" => Key not found.
"HKU\S-1-5-21-2876184603-1598956397-765050242-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc7bb3e4-327e-11e1-a83d-806e6f6e6963}" => Key deleted successfully.
"HKCR\CLSID\{dc7bb3e4-327e-11e1-a83d-806e6f6e6963}" => Key not found.
"HKU\S-1-5-21-2876184603-1598956397-765050242-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f0efaca9-e1a5-11e2-92c1-001b38e9f89d}" => Key deleted successfully.
"HKCR\CLSID\{f0efaca9-e1a5-11e2-92c1-001b38e9f89d}" => Key not found.
EmptyTemp: => Removed 127 MB temporary data.

The system needed a reboot.

==== End of Fixlog ====


  • 0

#19
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
Lets run a scan with Malwarebytes, you may need this program once you hand it over to your daughter, when she comes to you and says, somethings poping up on my computer run a Malwarebytes scan and let it remove what it finds.


Please download Malwarebytes Anti-Malware to your desktop
Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

MBAMsettings.JPG

Go back to the Dashboard and select Scan Now

MBAMScan.JPG

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

MBAMReboot.JPG

MBAMLog.JPG

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop

Post that log

Thanks
Joe :)
  • 0

#20
vanaya2002

vanaya2002

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

Internet is still slow. Mbam to about 30 minutes to download.

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10/26/2014
Scan Time: 3:37:15 PM
Logfile: mbam.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.10.26.07
Rootkit Database: v2014.10.22.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: Schreier house

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 279758
Time Elapsed: 24 min, 25 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)


  • 0

#21
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
Since the Laptop was given to you

I would uninstall these programs next, unless you installed them and want them. This will free up space and a few are running at start up
  • LeapFrog LeapPad Explorer Plugin
  • LeapFrog Connect
  • Roxio Creator Tools
  • Roxio Creator data
  • Roxio Express Labeler 3
  • Adobe Reader 8
  • Roxio Creator Basic v9
  • Samsung Kies
  • PCFriendly
  • Thanks
    Joe :)

    Let me know when that is done.


  • 0

#22
vanaya2002

vanaya2002

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

Done. I have also installed about 123 security updates after SP2.


  • 0

#23
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
Great !

Moving right along..

Next

Download Security Check by screen317 from Here or Here
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Joe
  • 0

#24
vanaya2002

vanaya2002

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

 Results of screen317's Security Check version 0.99.89 
 Windows Vista Service Pack 2 x86 (UAC is enabled) 
 Internet Explorer 9 
 Internet Explorer 8 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Microsoft Security Essentials  
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Java version out of Date!
 Google Chrome 38.0.2125.104 
 Google Chrome 38.0.2125.111 
````````Process Check: objlist.exe by Laurent```````` 
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1 %
````````````````````End of Log``````````````````````
 


  • 0

#25
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
Your Java is out of date:

Note
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it.
I would uninstall it from the programs an Features menu too.

If you need it, I can provide a download link for you.

Thanks
Joe :)
  • 0

Advertisements


#26
vanaya2002

vanaya2002

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

Many apologies for the inactivity. I was called out of town.

I have updated Java. anything else??


  • 0

#27
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
Hello,

I'd like to run a final on line scan called ESET. This scan could take quite a while, it also may find files that we already have taken care of. Post the scan results I'll check we will remove anything that is necessary to remove and then we will clean up or remove all the tools had you download.

ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
  • Please go >>HERE<< then click on: ESET1st.jpg

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on the ESETexe.jpg icon to install.

    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: ESETsave.jpg
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: EOLS3.gif
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic.
  • Now click on: EOLS4.gif
    (Selecting Uninstall application on close if you so wish)
Thanks
Joe :)
  • 0

#28
vanaya2002

vanaya2002

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

i don't think the log is correct

 

[email protected] as CAB hook log:
OnlineScanner.ocx - registred OK

 

this is what it found

 

C:\Users\Schreier house\Downloads\DTLite4491-0356.exe Win32/OpenCandy potentially unsafe application
 


  • 0

#29
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
Hello,

We don't need to worry so much about that, it's in your downloads folder C:\Users\Schreier house\Downloads\DTLite4491-0356.exe

You can clear all that out if you want by clearing the downloads folder

If there are no issues we can remove our tools that we used by following the exercise below:

Download DelFix by Xplode and save it to your desktop.
  • Run the tool by right click on the 51a5ce45263de-delfix.png icon and Run as administrator option.
  • Make sure that these ones are checked:
    • Remove disinfection tools
    • Purge system restore
    • Reset system settings
  • Push Run.
  • The program will run for a few seconds and display a notepad report.
    Paste it for my review.
Thanks
Joe :)
  • 0

#30
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP