Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Internet lagging badly on infected laptop but works fine on other lapt

Started by skyzorz , Dec 14 2014 11:19 PM

  • This topic is locked This topic is locked

#1
skyzorz
Posted 14 December 2014 - 11:19 PM

skyzorz

    New Member

  • Member
  • Pip
  • 5 posts

Hi I have experienced very laggy internet speed on my laptop around a week ago and I have ran virus scans last I remembered there were around 7 Trojans found on my laptop. Removed them but the lag still persists and also tried going into safe mode to remove them but it actually shut down my laptop when the antivirus detected it . I reinstalled to Windows 8 but I can access the internet now but it's still laggy and I have a download speed of like 100kbps/sec and I can't even watch any youtube videos. Can someone help me ?

 

Just did an OTL scan

 

OTL logfile created on: 12/15/2014 1:20:23 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Cee-emmzorznation\Downloads
64bit- Enterprise Edition  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17183)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.80 Gb Total Physical Memory | 3.53 Gb Available Physical Memory | 60.76% Memory free
9.80 Gb Paging File | 7.34 Gb Available in Paging File | 74.85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 202.69 Gb Total Space | 163.80 Gb Free Space | 80.81% Space Free | Partition Type: NTFS
Drive D: | 255.97 Gb Total Space | 248.03 Gb Free Space | 96.90% Space Free | Partition Type: NTFS
Drive E: | 0.91 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: CM | User Name: Cee-emmzorznation | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/12/15 13:11:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Cee-emmzorznation\Downloads\OTL.com
PRC - [2014/12/12 17:10:32 | 001,818,736 | ---- | M] () -- C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
PRC - [2014/12/12 17:10:31 | 000,707,184 | ---- | M] () -- C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
PRC - [2014/11/19 04:23:36 | 001,519,808 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
PRC - [2014/11/19 04:23:34 | 001,940,160 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2014/11/19 04:23:34 | 000,833,728 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/12/12 17:10:32 | 001,818,736 | ---- | M] () -- C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
MOD - [2014/11/19 04:23:50 | 002,227,904 | ---- | M] () -- C:\Program Files (x86)\Steam\video.dll
MOD - [2014/11/19 04:23:34 | 000,690,880 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2014/11/12 02:48:12 | 001,171,456 | ---- | M] () -- C:\Program Files (x86)\Steam\libavcodec-56.dll
MOD - [2014/11/12 02:48:12 | 000,485,888 | ---- | M] () -- C:\Program Files (x86)\Steam\libswscale-3.dll
MOD - [2014/11/12 02:48:12 | 000,442,368 | ---- | M] () -- C:\Program Files (x86)\Steam\libavutil-54.dll
MOD - [2014/11/12 02:48:12 | 000,403,968 | ---- | M] () -- C:\Program Files (x86)\Steam\libavformat-56.dll
MOD - [2014/11/12 02:48:12 | 000,332,800 | ---- | M] () -- C:\Program Files (x86)\Steam\libavresample-2.dll
MOD - [2014/11/12 02:48:04 | 034,589,888 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2014/11/12 02:48:02 | 000,837,824 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
MOD - [2014/11/12 02:47:56 | 000,774,656 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2012/10/08 11:42:56 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/05/30 07:02:28 | 000,439,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/02/02 16:21:45 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/01/29 09:57:14 | 000,014,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2012/07/26 12:46:56 | 002,366,984 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012/07/26 11:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/07/26 11:08:04 | 001,968,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2012/07/26 11:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/26 11:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012/07/26 11:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/26 11:07:30 | 000,169,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2012/07/26 11:07:27 | 000,178,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2012/07/26 11:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/26 11:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/26 11:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/26 11:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/26 11:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/26 11:05:38 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/07/26 11:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/26 11:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012/07/26 11:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/26 11:05:11 | 000,174,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012/07/26 11:05:08 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2012/07/26 11:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/26 11:05:04 | 000,187,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2012/07/26 08:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/26 08:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/26 08:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/26 08:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/26 08:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/26 08:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV - [2014/12/12 17:10:31 | 000,707,184 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe -- (QHActiveDefense)
SRV - [2014/11/19 04:23:34 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/10/08 11:42:54 | 001,258,856 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/07/26 11:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/07/26 11:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/12/12 17:10:31 | 000,312,400 | ---- | M] (Qihu 360 Software Co., Ltd.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\360fsflt.sys -- (360FsFlt)
DRV:64bit: - [2014/12/12 17:10:31 | 000,305,736 | ---- | M] (360.cn) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\360Box64.sys -- (360Box64)
DRV:64bit: - [2014/12/12 17:10:31 | 000,180,816 | ---- | M] (Qihu 360 Software Co., Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BAPIDRV64.SYS -- (BAPIDRV)
DRV:64bit: - [2014/12/12 17:10:31 | 000,100,424 | ---- | M] (360.cn) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\360AntiHacker64.sys -- (360AntiHacker)
DRV:64bit: - [2014/12/12 17:10:31 | 000,077,896 | ---- | M] (360.cn) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\360AvFlt.sys -- (360AvFlt)
DRV:64bit: - [2014/12/12 17:10:31 | 000,040,520 | ---- | M] (360.cn) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\360Camera64.sys -- (360Camera)
DRV:64bit: - [2013/10/10 19:53:35 | 000,096,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/07/02 09:41:47 | 000,447,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/07/02 09:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/07/02 09:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/02/02 15:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/01/29 09:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/01/29 07:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2012/11/27 11:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/20 12:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/10/08 11:42:36 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012/09/14 23:09:10 | 012,311,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/07/26 13:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/26 13:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/26 13:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/26 13:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/26 13:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/26 13:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/26 13:00:55 | 000,283,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2012/07/26 13:00:55 | 000,120,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012/07/26 13:00:55 | 000,077,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2012/07/26 13:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/26 13:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/26 13:00:55 | 000,028,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/07/26 13:00:54 | 000,056,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/07/26 13:00:52 | 003,295,984 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/07/26 13:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/26 13:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/26 13:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/26 13:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 13:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/26 13:00:49 | 000,539,376 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/07/26 13:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/26 13:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/26 13:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/26 13:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/26 12:59:35 | 000,193,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2012/07/26 12:59:35 | 000,148,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2012/07/26 12:59:32 | 000,055,024 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012/07/26 12:58:00 | 000,068,848 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2012/07/26 12:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/26 12:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/26 12:50:20 | 000,053,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2012/07/26 11:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/26 11:17:38 | 000,027,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/07/26 10:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/26 10:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/26 10:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/26 10:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/26 10:27:58 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/07/26 10:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/26 10:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/26 10:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/26 10:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/26 10:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/26 10:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/26 10:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/26 10:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/26 10:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/26 10:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/26 10:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/26 10:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/26 10:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/26 10:25:26 | 000,203,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Vid.sys -- (Vid)
DRV:64bit: - [2012/07/26 10:25:22 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2012/07/26 10:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/26 10:25:12 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2012/07/26 10:25:12 | 000,066,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2012/07/26 10:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/26 10:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/26 10:23:42 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2012/07/26 10:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/06/02 22:31:56 | 000,589,824 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/06/02 22:31:33 | 005,139,968 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BCMWL63A.SYS -- (BCM43XX)
DRV:64bit: - [2011/12/20 01:26:12 | 000,014,848 | ---- | M] (LXD Development, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GKS16Fltr.sys -- (SgamingkbFltr)
DRV:64bit: - [2009/09/17 19:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (HECIx64)
 
========== Standard Registry (All) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
O1 HOSTS File: ([2012/07/26 13:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QHSafeTray] C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe (Qihu Software Co. Limited)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2F15AD11-1A6A-4CA9-9A81-EA3A0CE467DD}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) -  File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/12/15 12:17:27 | 000,000,000 | ---D | C] -- C:\Users\Cee-emmzorznation\AppData\Local\ElevatedDiagnostics
[2014/12/14 18:18:20 | 000,000,000 | ---D | C] -- C:\7b91df376a142b0b983c120a
[2014/12/14 18:18:13 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/12/14 17:52:09 | 000,000,000 | ---D | C] -- C:\Users\Cee-emmzorznation\AppData\Local\Diagnostics
[2014/12/14 17:18:02 | 000,000,000 | ---D | C] -- C:\Windows\tasks\360Disabled
[2014/12/14 17:17:58 | 000,000,000 | ---D | C] -- C:\Users\Cee-emmzorznation\AppData\Roaming\360safe
[2014/12/14 17:17:52 | 000,023,752 | ---- | C] (360安全中心) -- C:\Windows\SysNative\drivers\efimon.sys
[2014/12/14 17:17:51 | 000,077,896 | ---- | C] (360.cn) -- C:\Windows\SysNative\drivers\360AvFlt.sys
[2014/12/14 17:17:39 | 000,000,000 | ---D | C] -- C:\ProgramData\360safe
[2014/12/14 17:17:34 | 000,312,400 | ---- | C] (Qihu 360 Software Co., Ltd.) -- C:\Windows\SysNative\drivers\360fsflt.sys
[2014/12/14 17:17:29 | 000,040,520 | ---- | C] (360.cn) -- C:\Windows\SysNative\drivers\360Camera64.sys
[2014/12/14 17:17:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
[2014/12/14 17:17:28 | 000,180,816 | ---- | C] (Qihu 360 Software Co., Ltd.) -- C:\Windows\SysNative\drivers\BAPIDRV64.SYS
[2014/12/14 17:17:28 | 000,100,424 | ---- | C] (360.cn) -- C:\Windows\SysNative\drivers\360AntiHacker64.sys
[2014/12/14 17:17:24 | 000,305,736 | ---- | C] (360.cn) -- C:\Windows\SysNative\drivers\360Box64.sys
[2014/12/14 17:17:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\360
[2014/12/14 14:09:51 | 000,714,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/12/14 14:09:51 | 000,106,440 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/12/14 13:55:26 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014/12/14 13:52:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/12/14 13:42:41 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014/12/14 13:42:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV
[2014/12/14 13:42:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV
[2014/12/14 13:42:30 | 003,293,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2014/12/14 13:42:30 | 000,866,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2014/12/14 13:42:30 | 000,063,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2014/12/14 13:42:30 | 000,055,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2014/12/14 13:42:29 | 006,200,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2014/12/14 13:42:29 | 002,557,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2014/12/14 13:42:29 | 000,118,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2014/12/14 13:41:44 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014/12/14 13:41:44 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014/12/14 13:40:57 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2014/12/14 13:40:32 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014/12/14 13:40:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2014/12/14 12:27:17 | 000,000,000 | ---D | C] -- C:\Users\Cee-emmzorznation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2014/12/14 12:22:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2014/12/14 12:19:04 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/12/14 12:19:04 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/12/14 12:19:04 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/12/14 12:19:04 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/12/14 12:19:04 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2014/12/14 12:19:04 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/12/14 12:19:03 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/12/14 12:19:03 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2014/12/14 12:19:02 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/12/14 12:19:01 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2014/12/14 12:19:00 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/12/14 12:19:00 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/12/14 12:19:00 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/12/14 12:18:59 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/12/14 12:18:59 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/12/14 12:18:58 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/12/14 12:18:57 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/12/14 12:18:57 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/12/14 12:18:56 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/12/14 12:18:44 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/12/14 12:18:44 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/12/14 12:18:44 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/12/14 12:09:40 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100_clr0400.dll
[2014/12/14 12:09:37 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100_clr0400.dll
[2014/12/14 11:48:31 | 002,062,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2014/12/14 11:48:31 | 001,711,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2014/12/14 11:39:41 | 013,643,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Xaml.dll
[2014/12/14 11:39:31 | 010,792,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Xaml.dll
[2014/12/14 11:39:28 | 005,977,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/12/14 11:39:25 | 005,090,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/12/14 11:39:24 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\duser.dll
[2014/12/14 11:39:24 | 000,543,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlroamextension.dll
[2014/12/14 11:39:23 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2014/12/14 11:39:20 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WWanAPI.dll
[2014/12/14 11:39:20 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netprofmsvc.dll
[2014/12/14 11:39:20 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.Connectivity.dll
[2014/12/14 11:39:19 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSync.dll
[2014/12/14 11:39:19 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlroamextension.dll
[2014/12/14 11:39:19 | 000,329,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/12/14 11:39:19 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hotspotauth.dll
[2014/12/14 11:39:19 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2014/12/14 11:39:19 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.Connectivity.dll
[2014/12/14 11:39:19 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskkill.exe
[2014/12/14 11:39:19 | 000,037,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys
[2014/12/14 11:39:18 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll
[2014/12/14 11:39:18 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WWanAPI.dll
[2014/12/14 11:39:18 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSync.dll
[2014/12/14 11:39:18 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpshell.exe
[2014/12/14 11:39:18 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mbsmsapi.dll
[2014/12/14 11:39:18 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mbsmsapi.dll
[2014/12/14 11:39:18 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2014/12/14 11:39:18 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tasklist.exe
[2014/12/14 11:39:18 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskkill.exe
[2014/12/14 11:39:18 | 000,061,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys
[2014/12/14 11:39:18 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidi2c.sys
[2014/12/14 11:39:17 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tasklist.exe
[2014/12/14 11:39:14 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlmproxy.dll
[2014/12/14 11:39:13 | 000,029,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BthhfHid.sys
[2014/12/14 11:39:13 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BtaMPM.sys
[2014/12/14 11:39:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlmsprep.dll
[2014/12/14 11:38:35 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2014/12/14 11:38:35 | 002,382,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2014/12/14 11:37:36 | 001,281,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/12/14 11:37:35 | 000,578,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014/12/14 11:37:35 | 000,439,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.dll
[2014/12/14 11:37:31 | 000,961,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll
[2014/12/14 11:37:31 | 000,588,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SHCore.dll
[2014/12/14 11:37:30 | 001,043,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll
[2014/12/14 11:37:29 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SHCore.dll
[2014/12/14 11:37:27 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptsslp.dll
[2014/12/14 11:37:27 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptsslp.dll
[2014/12/14 11:37:27 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\workerdd.dll
[2014/12/14 11:37:11 | 000,230,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdFilter.sys
[2014/12/14 11:37:04 | 000,035,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdBoot.sys
[2014/12/14 11:37:00 | 002,842,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2014/12/14 11:36:59 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2014/12/14 11:36:49 | 001,557,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014/12/14 11:36:49 | 001,440,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014/12/14 11:36:47 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2014/12/14 11:36:47 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2014/12/14 11:36:42 | 000,693,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll
[2014/12/14 11:36:42 | 000,628,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NotificationUI.exe
[2014/12/14 11:36:42 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll
[2014/12/14 11:36:42 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
[2014/12/14 11:36:41 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.dll
[2014/12/14 11:36:41 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/12/14 11:36:41 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/12/14 11:35:46 | 001,890,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2014/12/14 11:35:16 | 006,987,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/12/14 11:35:13 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2014/12/14 11:35:13 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2014/12/14 11:35:13 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2014/12/14 11:35:13 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2014/12/14 11:35:12 | 000,096,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wfplwfs.sys
[2014/12/14 11:34:58 | 001,300,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/12/14 11:34:42 | 000,945,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\resetengmig.dll
[2014/12/14 11:34:42 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgent.dll
[2014/12/14 11:34:42 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll
[2014/12/14 11:34:41 | 001,011,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reseteng.dll
[2014/12/14 11:34:41 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysreset.exe
[2014/12/14 11:34:25 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll
[2014/12/14 11:34:25 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll
[2014/12/14 11:34:09 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014/12/14 11:34:08 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2014/12/14 11:33:57 | 000,652,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2014/12/14 11:33:56 | 001,257,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/12/14 11:33:56 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/12/14 11:33:39 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2014/12/14 11:32:29 | 000,585,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2014/12/14 11:32:29 | 000,510,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2014/12/14 11:32:27 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2014/12/14 11:32:27 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2014/12/14 11:32:23 | 000,303,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2014/12/14 11:32:23 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2014/12/14 11:32:16 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2014/12/14 11:32:14 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2014/12/14 11:32:14 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2014/12/14 11:32:09 | 000,054,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2014/12/14 11:31:52 | 000,498,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/12/14 11:31:52 | 000,021,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/12/14 11:31:44 | 001,312,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2014/12/14 11:31:31 | 001,255,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2014/12/14 11:31:31 | 001,013,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2014/12/14 11:31:31 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2014/12/14 11:31:19 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2014/12/14 11:31:18 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apprepapi.dll
[2014/12/14 11:31:18 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apprepsync.dll
[2014/12/14 11:31:18 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apprepapi.dll
[2014/12/14 11:31:17 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apprepsync.dll
[2014/12/14 11:31:13 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\InkEd.dll
[2014/12/14 11:30:51 | 000,447,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBHUB3.SYS
[2014/12/14 11:30:51 | 000,337,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBXHCI.SYS
[2014/12/14 11:30:51 | 000,213,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UCX01000.SYS
[2014/12/14 11:30:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/12/14 11:30:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/12/14 11:30:12 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2014/12/14 11:30:12 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2014/12/14 11:30:12 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnathlp.dll
[2014/12/14 11:30:12 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnathlp.dll
[2014/12/14 11:30:12 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnsvr.exe
[2014/12/14 11:30:12 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnsvr.exe
[2014/12/14 11:30:12 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnhupnp.dll
[2014/12/14 11:30:12 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnhpast.dll
[2014/12/14 11:30:12 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnhupnp.dll
[2014/12/14 11:30:12 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnhpast.dll
[2014/12/14 11:30:12 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnlobby.dll
[2014/12/14 11:30:12 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnaddr.dll
[2014/12/14 11:30:12 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnlobby.dll
[2014/12/14 11:30:11 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnaddr.dll
[2014/12/14 11:30:10 | 000,411,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/12/14 11:30:10 | 000,362,496 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2014/12/14 11:30:09 | 000,300,032 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2014/12/14 11:30:09 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2014/12/14 11:30:09 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2014/12/14 11:30:09 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2014/12/14 11:30:09 | 000,035,328 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2014/12/14 11:30:09 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2014/12/14 11:30:09 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2014/12/14 11:30:08 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/12/14 11:30:07 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/12/14 11:30:04 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2014/12/14 11:30:03 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SysFxUI.dll
[2014/12/14 11:30:03 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2014/12/14 11:30:02 | 001,690,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\GdiPlus.dll
[2014/12/14 11:30:02 | 001,437,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2014/12/14 11:30:01 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgentc.exe
[2014/12/14 11:30:01 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgentc.exe
[2014/12/14 11:29:58 | 000,583,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/12/14 11:29:51 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFMediaEngine.dll
[2014/12/14 11:29:51 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFMediaEngine.dll
[2014/12/14 11:29:20 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcadm.dll
[2014/12/14 11:29:20 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcalua.exe
[2014/12/14 11:29:20 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcaevts.dll
[2014/12/14 11:28:31 | 000,733,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2014/12/14 11:28:30 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrobj.dll
[2014/12/14 11:28:30 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2014/12/14 11:28:30 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrobj.dll
[2014/12/14 11:28:30 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2014/12/14 11:28:30 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2014/12/14 11:28:30 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2014/12/14 11:28:30 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2014/12/14 11:28:24 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2014/12/14 11:28:24 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2014/12/14 11:28:21 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014/12/14 11:28:20 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014/12/14 11:28:16 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2014/12/14 11:28:16 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2014/12/14 10:59:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2014/12/14 10:59:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2014/12/14 10:59:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2014/12/14 10:41:53 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
[2014/12/14 10:41:53 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/12/14 10:41:53 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/12/14 10:41:53 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2014/12/14 10:41:51 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/12/14 10:41:51 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/12/14 10:41:50 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wushareduxresources.dll
[2014/12/14 10:41:49 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2014/12/14 10:41:49 | 000,059,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/12/14 10:41:49 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuaext.dll
[2014/12/14 10:41:48 | 001,623,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/12/14 10:41:48 | 000,773,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/12/14 10:41:48 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/12/14 10:41:41 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/12/14 10:41:41 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/12/14 10:41:41 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/12/14 10:41:41 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/12/14 10:37:30 | 000,000,000 | ---D | C] -- C:\Users\Cee-emmzorznation\AppData\Roaming\Macromedia
[2014/12/14 05:56:53 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/12/13 22:24:30 | 000,000,000 | R--D | C] -- C:\Users\Cee-emmzorznation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/12/13 22:24:30 | 000,000,000 | R--D | C] -- C:\Users\Cee-emmzorznation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/12/13 22:24:29 | 000,000,000 | R--D | C] -- C:\Users\Cee-emmzorznation\Searches
[2014/12/13 22:24:29 | 000,000,000 | R--D | C] -- C:\Users\Cee-emmzorznation\Contacts
[2014/12/13 22:24:29 | 000,000,000 | -H-D | C] -- C:\Users\Cee-emmzorznation\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/12/13 22:24:25 | 000,000,000 | ---D | C] -- C:\Users\Cee-emmzorznation\AppData\Roaming\Adobe
[2014/12/13 22:23:36 | 000,000,000 | ---D | C] -- C:\Users\Cee-emmzorznation\AppData\Local\VirtualStore
[2014/12/13 22:23:26 | 000,000,000 | ---D | C] -- C:\Users\Cee-emmzorznation\AppData\Local\Packages
[2014/12/13 22:23:25 | 000,000,000 | ---D | C] -- C:\ProgramData\PRICache
[2014/12/13 22:23:14 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/12/13 22:23:05 | 000,000,000 | --SD | C] -- C:\Users\Cee-emmzorznation\AppData\Roaming\Microsoft
[2014/12/13 22:23:05 | 000,000,000 | R--D | C] -- C:\Users\Cee-emmzorznation\Videos
[2014/12/13 22:23:05 | 000,000,000 | R--D | C] -- C:\Users\Cee-emmzorznation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/12/13 22:23:05 | 000,000,000 | R--D | C] -- C:\Users\Cee-emmzorznation\Saved Games
[2014/12/13 22:23:05 | 000,000,000 | R--D | C] -- C:\Users\Cee-emmzorznation\Pictures
[2014/12/13 22:23:05 | 000,000,000 | R--D | C] -- C:\Users\Cee-emmzorznation\Music
[2014/12/13 22:23:05 | 000,000,000 | R--D | C] -- C:\Users\Cee-emmzorznation\Links
[2014/12/13 22:23:05 | 000,000,000 | R--D | C] -- C:\Users\Cee-emmzorznation\Favorites
[2014/12/13 22:23:05 | 000,000,000 | R--D | C] -- C:\Users\Cee-emmzorznation\Downloads
[2014/12/13 22:23:05 | 000,000,000 | R--D | C] -- C:\Users\Cee-emmzorznation\Documents
[2014/12/13 22:23:05 | 000,000,000 | R--D | C] -- C:\Users\Cee-emmzorznation\Desktop
[2014/12/13 22:23:05 | 000,000,000 | R--D | C] -- C:\Users\Cee-emmzorznation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/12/13 22:23:05 | 000,000,000 | R--D | C] -- C:\Users\Cee-emmzorznation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/12/13 22:23:05 | 000,000,000 | -HSD | C] -- C:\Users\Cee-emmzorznation\AppData\Local\Temporary Internet Files
[2014/12/13 22:23:05 | 000,000,000 | -HSD | C] -- C:\Users\Cee-emmzorznation\Templates
[2014/12/13 22:23:05 | 000,000,000 | -HSD | C] -- C:\Users\Cee-emmzorznation\Start Menu
[2014/12/13 22:23:05 | 000,000,000 | -HSD | C] -- C:\Users\Cee-emmzorznation\SendTo
[2014/12/13 22:23:05 | 000,000,000 | -HSD | C] -- C:\Users\Cee-emmzorznation\Recent
[2014/12/13 22:23:05 | 000,000,000 | -HSD | C] -- C:\Users\Cee-emmzorznation\PrintHood
[2014/12/13 22:23:05 | 000,000,000 | -HSD | C] -- C:\Users\Cee-emmzorznation\NetHood
[2014/12/13 22:23:05 | 000,000,000 | -HSD | C] -- C:\Users\Cee-emmzorznation\Documents\My Videos
[2014/12/13 22:23:05 | 000,000,000 | -HSD | C] -- C:\Users\Cee-emmzorznation\Documents\My Pictures
[2014/12/13 22:23:05 | 000,000,000 | -HSD | C] -- C:\Users\Cee-emmzorznation\Documents\My Music
[2014/12/13 22:23:05 | 000,000,000 | -HSD | C] -- C:\Users\Cee-emmzorznation\My Documents
[2014/12/13 22:23:05 | 000,000,000 | -HSD | C] -- C:\Users\Cee-emmzorznation\Local Settings
[2014/12/13 22:23:05 | 000,000,000 | -HSD | C] -- C:\Users\Cee-emmzorznation\AppData\Local\History
[2014/12/13 22:23:05 | 000,000,000 | -HSD | C] -- C:\Users\Cee-emmzorznation\Cookies
[2014/12/13 22:23:05 | 000,000,000 | -HSD | C] -- C:\Users\Cee-emmzorznation\Application Data
[2014/12/13 22:23:05 | 000,000,000 | -HSD | C] -- C:\Users\Cee-emmzorznation\AppData\Local\Application Data
[2014/12/13 22:23:05 | 000,000,000 | -H-D | C] -- C:\Users\Cee-emmzorznation\AppData
[2014/12/13 22:23:05 | 000,000,000 | ---D | C] -- C:\Users\Cee-emmzorznation\AppData\Local\Temp
[2014/12/13 22:23:05 | 000,000,000 | ---D | C] -- C:\Users\Cee-emmzorznation\AppData\Local\Microsoft
[2014/12/13 22:23:05 | 000,000,000 | ---D | C] -- C:\Users\Cee-emmzorznation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/12/13 22:22:29 | 000,000,000 | ---D | C] -- C:\Windows\CSC
 
========== Files - Modified Within 30 Days ==========
 
[2014/12/15 12:37:49 | 000,000,036 | ---- | M] () -- C:\Users\Cee-emmzorznation\AppData\Local\housecall.guid.cache
[2014/12/15 12:18:20 | 000,803,370 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/12/15 12:18:20 | 000,688,404 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/12/15 12:18:20 | 000,129,058 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/12/15 11:59:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/12/15 11:57:52 | 000,281,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/12/15 11:57:33 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/12/15 11:57:24 | 688,275,455 | -HS- | M] () -- C:\hiberfil.sys
[2014/12/14 17:17:31 | 000,001,153 | ---- | M] () -- C:\Users\Cee-emmzorznation\Desktop\360 Total Security.lnk
[2014/12/14 12:27:17 | 000,000,219 | ---- | M] () -- C:\Users\Cee-emmzorznation\Desktop\Dota 2.url
[2014/12/14 10:59:14 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2014/12/14 06:01:46 | 000,000,759 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014/12/14 06:01:46 | 000,000,759 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2014/12/13 22:27:42 | 000,001,428 | ---- | M] () -- C:\Users\Cee-emmzorznation\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/12/12 17:10:31 | 000,312,400 | ---- | M] (Qihu 360 Software Co., Ltd.) -- C:\Windows\SysNative\drivers\360fsflt.sys
[2014/12/12 17:10:31 | 000,305,736 | ---- | M] (360.cn) -- C:\Windows\SysNative\drivers\360Box64.sys
[2014/12/12 17:10:31 | 000,180,816 | ---- | M] (Qihu 360 Software Co., Ltd.) -- C:\Windows\SysNative\drivers\BAPIDRV64.SYS
[2014/12/12 17:10:31 | 000,100,424 | ---- | M] (360.cn) -- C:\Windows\SysNative\drivers\360AntiHacker64.sys
[2014/12/12 17:10:31 | 000,077,896 | ---- | M] (360.cn) -- C:\Windows\SysNative\drivers\360AvFlt.sys
[2014/12/12 17:10:31 | 000,040,520 | ---- | M] (360.cn) -- C:\Windows\SysNative\drivers\360Camera64.sys
[2014/12/12 17:10:31 | 000,023,752 | ---- | M] (360安全中心) -- C:\Windows\SysNative\drivers\efimon.sys
[2014/11/27 05:11:29 | 000,714,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/11/27 05:11:29 | 000,106,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/11/21 16:38:21 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/11/21 16:37:51 | 000,915,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2014/11/21 16:37:51 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2014/11/21 16:36:49 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/11/21 16:36:48 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/11/21 16:36:45 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/11/21 16:36:24 | 003,959,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/11/21 16:36:23 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/11/21 16:36:17 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/11/21 16:36:17 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/11/21 16:36:17 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/11/21 16:36:02 | 000,451,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/11/21 16:36:02 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/11/21 16:35:42 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/11/21 15:17:44 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2014/11/21 15:17:02 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/11/21 15:17:00 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/11/21 15:16:46 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/11/21 15:16:42 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/11/21 15:16:42 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/11/21 15:16:42 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/11/21 15:16:16 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
 
========== Files Created - No Company Name ==========
 
[2014/12/15 12:37:49 | 000,000,036 | ---- | C] () -- C:\Users\Cee-emmzorznation\AppData\Local\housecall.guid.cache
[2014/12/15 11:57:36 | 000,281,624 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/12/14 17:17:31 | 000,001,153 | ---- | C] () -- C:\Users\Cee-emmzorznation\Desktop\360 Total Security.lnk
[2014/12/14 13:42:29 | 003,536,817 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2014/12/14 12:27:17 | 000,000,219 | ---- | C] () -- C:\Users\Cee-emmzorznation\Desktop\Dota 2.url
[2014/12/14 10:59:14 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2014/12/14 05:56:02 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2014/12/13 22:27:42 | 000,001,428 | ---- | C] () -- C:\Users\Cee-emmzorznation\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/12/13 22:24:24 | 000,001,434 | ---- | C] () -- C:\Users\Cee-emmzorznation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/12/13 22:23:05 | 000,000,352 | ---- | C] () -- C:\Users\Cee-emmzorznation\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/12/13 22:23:05 | 000,000,334 | ---- | C] () -- C:\Users\Cee-emmzorznation\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/07/26 11:07:16 | 019,779,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/07/26 11:19:59 | 017,559,552 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 11:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 11:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 11:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >


Edited by skyzorz, 14 December 2014 - 11:25 PM.

  • 0

Advertisements

#2
Naathim
Posted 15 December 2014 - 01:18 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Minion%20Welcome.jpg


My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat :)

Before we start please note the following:

icon_arrow.gif Analysis and research take some time, also sometimes real life gets in the way, please be patient.
icon_arrow.gif Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
icon_arrow.gif Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
icon_arrow.gif Paste the logs in your posts, attachments make my work harder and more complicated.
icon_arrow.gif Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
icon_arrow.gif Note that we may live in totally different time zones, what may cause some delays between answers.

icon_idea.gif I can't foresee everything, so if anything unexpected happens, please stop and inform me!
icon_idea.gif There are no silly questions. Never be afraid to ask if in doubt!

Let's start and enjoy the fight! :)


I'd like to use a different scanner, also please don't change anything it the settings unless I specifically tell you to.

FRST.gif Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool x64 and save it to your Desktop.
  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    > Windows 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content in your next reply.
  • 0

#3
skyzorz
Posted 15 December 2014 - 01:30 AM

skyzorz

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts

Hi thank you for helping me .

Here are the scan results

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014 01
Ran by Cee-emmzorznation (administrator) on CM on 15-12-2014 15:28:06
Running from C:\Users\Cee-emmzorznation\Downloads
Loaded Profile: Cee-emmzorznation (Available profiles: Cee-emmzorznation & UpdatusUser)
Platform: Windows 8 Enterprise (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.2.8516.0_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [270960 2014-12-12] (Qihu Software Co. Limited)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [707184 2014-12-12] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [100424 2014-12-12] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77896 2014-12-12] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [305736 2014-12-12] (360.cn)
R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2014-12-12] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [312400 2014-12-12] (Qihu 360 Software Co., Ltd.)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [180816 2014-12-12] (Qihu 360 Software Co., Ltd.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
R3 SgamingkbFltr; C:\Windows\system32\drivers\GKS16Fltr.sys [14848 2011-12-20] (LXD Development, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-15 15:28 - 2014-12-15 15:28 - 00005061 _____ () C:\Users\Cee-emmzorznation\Downloads\FRST.txt
2014-12-15 15:27 - 2014-12-15 15:27 - 00001208 _____ () C:\Users\Cee-emmzorznation\Desktop\FRST64 - Shortcut.lnk
2014-12-15 15:26 - 2014-12-15 15:28 - 00000000 ____D () C:\FRST
2014-12-15 15:22 - 2014-12-15 15:26 - 02119168 _____ (Farbar) C:\Users\Cee-emmzorznation\Downloads\FRST64.exe
2014-12-15 15:00 - 2014-12-15 15:00 - 00000117 _____ () C:\Windows\system32\netcfg-10997234.txt
2014-12-15 15:00 - 2014-12-15 15:00 - 00000117 _____ () C:\Windows\system32\netcfg-10986000.txt
2014-12-15 14:43 - 2014-12-15 14:43 - 00000117 _____ () C:\Windows\system32\netcfg-9963562.txt
2014-12-15 14:43 - 2014-12-15 14:43 - 00000117 _____ () C:\Windows\system32\netcfg-9960859.txt
2014-12-15 13:11 - 2014-12-15 13:11 - 00602112 _____ (OldTimer Tools) C:\Users\Cee-emmzorznation\Downloads\OTL.com
2014-12-15 12:37 - 2014-12-15 12:37 - 00000036 _____ () C:\Users\Cee-emmzorznation\AppData\Local\housecall.guid.cache
2014-12-15 12:27 - 2014-12-15 12:37 - 02476596 _____ (Trend Micro Inc.) C:\Users\Cee-emmzorznation\Downloads\HousecallLauncher64.exe
2014-12-15 12:14 - 2014-12-15 12:14 - 00000117 _____ () C:\Windows\system32\netcfg-1017828.txt
2014-12-15 12:14 - 2014-12-15 12:14 - 00000117 _____ () C:\Windows\system32\netcfg-1015500.txt
2014-12-15 12:11 - 2014-12-15 12:11 - 00000117 _____ () C:\Windows\system32\netcfg-859140.txt
2014-12-15 12:11 - 2014-12-15 12:11 - 00000117 _____ () C:\Windows\system32\netcfg-850062.txt
2014-12-15 12:11 - 2014-12-15 12:11 - 00000117 _____ () C:\Windows\system32\netcfg-831625.txt
2014-12-15 12:11 - 2014-12-15 12:11 - 00000117 _____ () C:\Windows\system32\netcfg-825171.txt
2014-12-15 12:09 - 2014-12-15 12:09 - 00000117 _____ () C:\Windows\system32\netcfg-705453.txt
2014-12-15 12:08 - 2014-12-15 12:08 - 00000117 _____ () C:\Windows\system32\netcfg-701000.txt
2014-12-15 12:07 - 2014-12-15 12:07 - 00000117 _____ () C:\Windows\system32\netcfg-631718.txt
2014-12-15 12:07 - 2014-12-15 12:07 - 00000117 _____ () C:\Windows\system32\netcfg-607000.txt
2014-12-15 12:06 - 2014-12-15 12:06 - 00000117 _____ () C:\Windows\system32\netcfg-580718.txt
2014-12-15 12:06 - 2014-12-15 12:06 - 00000117 _____ () C:\Windows\system32\netcfg-564046.txt
2014-12-15 11:58 - 2014-12-15 11:58 - 00000117 _____ () C:\Windows\system32\netcfg-62687.txt
2014-12-15 11:57 - 2014-12-15 11:57 - 00281624 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-15 11:43 - 2014-12-15 11:43 - 00000117 _____ () C:\Windows\system32\netcfg-443953.txt
2014-12-15 11:37 - 2014-12-15 11:37 - 00000117 _____ () C:\Windows\system32\netcfg-75640.txt
2014-12-15 11:35 - 2014-12-15 11:35 - 00000117 _____ () C:\Windows\system32\netcfg-62034312.txt
2014-12-15 11:07 - 2014-12-15 11:07 - 00000117 _____ () C:\Windows\system32\netcfg-60350843.txt
2014-12-15 11:07 - 2014-12-15 11:07 - 00000117 _____ () C:\Windows\system32\netcfg-60350171.txt
2014-12-14 20:23 - 2014-12-14 20:23 - 00000117 _____ () C:\Windows\system32\netcfg-7307718.txt
2014-12-14 18:20 - 2014-12-14 18:20 - 00000117 _____ () C:\Windows\system32\netcfg-15182843.txt
2014-12-14 18:18 - 2014-12-14 18:18 - 00000117 _____ () C:\Windows\system32\netcfg-15037781.txt
2014-12-14 18:18 - 2014-12-14 18:18 - 00000117 _____ () C:\Windows\system32\netcfg-15025343.txt
2014-12-14 18:18 - 2014-12-14 18:18 - 00000117 _____ () C:\Windows\system32\netcfg-15012437.txt
2014-12-14 18:18 - 2014-12-14 18:18 - 00000117 _____ () C:\Windows\system32\netcfg-15009375.txt
2014-12-14 18:18 - 2014-12-14 18:18 - 00000000 ____D () C:\7b91df376a142b0b983c120a
2014-12-14 18:18 - 2013-12-09 08:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-14 18:18 - 2013-12-09 07:59 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-14 18:17 - 2014-12-14 18:17 - 00000117 _____ () C:\Windows\system32\netcfg-14996750.txt
2014-12-14 18:17 - 2014-12-14 18:17 - 00000117 _____ () C:\Windows\system32\netcfg-14996656.txt
2014-12-14 18:13 - 2014-12-14 18:13 - 00000117 _____ () C:\Windows\system32\netcfg-14712343.txt
2014-12-14 18:12 - 2014-12-14 18:12 - 00001139 _____ () C:\Windows\system32\netcfg-14696484.txt
2014-12-14 18:12 - 2014-12-14 18:12 - 00000117 _____ () C:\Windows\system32\netcfg-14696921.txt
2014-12-14 18:12 - 2013-07-06 06:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-12-14 18:12 - 2013-07-06 06:01 - 00210560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-12-14 18:07 - 2014-12-14 18:07 - 00000117 _____ () C:\Windows\system32\netcfg-14397265.txt
2014-12-14 18:07 - 2014-12-14 18:07 - 00000117 _____ () C:\Windows\system32\netcfg-14370718.txt
2014-12-14 17:18 - 2014-12-14 17:18 - 00000000 ____D () C:\Windows\Tasks\360Disabled
2014-12-14 17:17 - 2014-12-14 18:03 - 00000000 ____D () C:\Users\Cee-emmzorznation\AppData\Roaming\360safe
2014-12-14 17:17 - 2014-12-14 18:03 - 00000000 ____D () C:\ProgramData\360safe
2014-12-14 17:17 - 2014-12-14 17:17 - 00001153 _____ () C:\Users\Cee-emmzorznation\Desktop\360 Total Security.lnk
2014-12-14 17:17 - 2014-12-14 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2014-12-14 17:17 - 2014-12-14 17:17 - 00000000 ____D () C:\Program Files (x86)\360
2014-12-14 17:17 - 2014-12-12 17:10 - 00312400 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\system32\Drivers\360fsflt.sys
2014-12-14 17:17 - 2014-12-12 17:10 - 00305736 _____ (360.cn) C:\Windows\system32\Drivers\360Box64.sys
2014-12-14 17:17 - 2014-12-12 17:10 - 00180816 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\system32\Drivers\BAPIDRV64.SYS
2014-12-14 17:17 - 2014-12-12 17:10 - 00100424 _____ (360.cn) C:\Windows\system32\Drivers\360AntiHacker64.sys
2014-12-14 17:17 - 2014-12-12 17:10 - 00077896 _____ (360.cn) C:\Windows\system32\Drivers\360AvFlt.sys
2014-12-14 17:17 - 2014-12-12 17:10 - 00040520 _____ (360.cn) C:\Windows\system32\Drivers\360Camera64.sys
2014-12-14 17:17 - 2014-12-12 17:10 - 00023752 _____ (360安全中心) C:\Windows\system32\Drivers\efimon.sys
2014-12-14 17:15 - 2014-12-14 17:15 - 00000117 _____ () C:\Windows\system32\netcfg-11256171.txt
2014-12-14 17:15 - 2014-12-14 17:15 - 00000117 _____ () C:\Windows\system32\netcfg-11256125.txt
2014-12-14 17:15 - 2014-12-14 17:15 - 00000117 _____ () C:\Windows\system32\netcfg-11243671.txt
2014-12-14 17:15 - 2014-12-14 17:15 - 00000117 _____ () C:\Windows\system32\netcfg-11243312.txt
2014-12-14 17:03 - 2014-12-14 17:03 - 00000117 _____ () C:\Windows\system32\netcfg-10547750.txt
2014-12-14 17:03 - 2014-12-14 17:03 - 00000117 _____ () C:\Windows\system32\netcfg-10509828.txt
2014-12-14 14:28 - 2014-12-14 17:16 - 33199432 _____ () C:\Users\Cee-emmzorznation\Downloads\360TS_Setup_5.2.0.1080.exe
2014-12-14 14:09 - 2014-12-14 14:09 - 00000136 _____ () C:\Windows\system32\netcfg-110609.txt
2014-12-14 14:09 - 2014-12-14 14:09 - 00000134 _____ () C:\Windows\system32\netcfg-110390.txt
2014-12-14 14:09 - 2014-12-14 14:09 - 00000134 _____ () C:\Windows\system32\netcfg-108171.txt
2014-12-14 14:09 - 2014-12-14 14:09 - 00000117 _____ () C:\Windows\system32\netcfg-75718.txt
2014-12-14 14:09 - 2014-11-27 05:11 - 00714184 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-14 14:09 - 2014-11-27 05:11 - 00106440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-14 14:07 - 2014-12-14 14:07 - 00000117 _____ () C:\Windows\system32\netcfg-12070890.txt
2014-12-14 13:55 - 2014-12-14 17:21 - 00000000 ____D () C:\Windows\Panther
2014-12-14 13:52 - 2014-12-14 13:53 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-14 13:52 - 2014-11-27 16:40 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-14 13:42 - 2014-12-14 14:10 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-12-14 13:42 - 2014-12-14 14:10 - 00000000 ____D () C:\Windows\system32\NV
2014-12-14 13:42 - 2014-12-14 13:42 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-12-14 13:42 - 2014-12-14 13:42 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-14 13:42 - 2012-10-03 03:51 - 06200680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-12-14 13:42 - 2012-10-03 03:51 - 03536817 _____ () C:\Windows\system32\nvcoproc.bin
2014-12-14 13:42 - 2012-10-03 03:51 - 03293544 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-12-14 13:42 - 2012-10-03 03:50 - 02557800 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-12-14 13:42 - 2012-10-03 03:50 - 00891240 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-12-14 13:42 - 2012-10-03 03:50 - 00866664 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2014-12-14 13:42 - 2012-10-03 03:50 - 00118120 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-12-14 13:42 - 2012-10-03 03:50 - 00063336 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-12-14 13:42 - 2012-10-03 03:50 - 00055144 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2014-12-14 13:42 - 2012-07-26 16:13 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-14 13:42 - 2012-07-26 16:13 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-14 13:42 - 2012-07-26 16:13 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-14 13:42 - 2012-07-26 16:13 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-14 13:41 - 2012-10-08 11:42 - 00060776 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-12-14 13:41 - 2012-10-08 11:42 - 00052584 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-12-14 13:40 - 2014-12-14 13:42 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-12-14 13:40 - 2014-12-14 13:42 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-12-14 13:40 - 2014-12-14 13:40 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-12-14 13:31 - 2014-10-30 19:25 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-14 13:22 - 2014-12-14 13:22 - 00000117 _____ () C:\Windows\system32\netcfg-9359500.txt
2014-12-14 13:21 - 2014-12-14 13:21 - 00000117 _____ () C:\Windows\system32\netcfg-9339265.txt
2014-12-14 12:27 - 2014-12-14 12:27 - 00000219 _____ () C:\Users\Cee-emmzorznation\Desktop\Dota 2.url
2014-12-14 12:27 - 2014-12-14 12:27 - 00000000 ____D () C:\Users\Cee-emmzorznation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-14 12:22 - 2014-12-14 12:22 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-12-14 12:19 - 2014-11-21 16:38 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-14 12:19 - 2014-11-21 16:38 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-14 12:19 - 2014-11-21 16:37 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-14 12:19 - 2014-11-21 16:37 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-12-14 12:19 - 2014-11-21 16:37 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-12-14 12:19 - 2014-11-21 16:36 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-14 12:19 - 2014-11-21 16:36 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-14 12:19 - 2014-11-21 16:36 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-12-14 12:19 - 2014-11-21 16:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-14 12:19 - 2014-11-21 16:36 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-14 12:19 - 2014-11-21 16:36 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-14 12:19 - 2014-11-21 15:17 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-14 12:19 - 2014-11-21 15:17 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-14 12:19 - 2014-11-21 15:17 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-14 12:19 - 2014-11-21 15:17 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-12-14 12:19 - 2014-11-21 15:16 - 13758976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-14 12:19 - 2014-11-21 15:16 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-14 12:19 - 2014-11-21 15:16 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-14 12:19 - 2014-11-21 15:16 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-14 12:19 - 2014-11-21 15:16 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-14 12:19 - 2014-11-21 15:16 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-12-14 12:19 - 2014-11-21 15:16 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-14 12:19 - 2014-11-21 15:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-14 12:19 - 2014-11-21 15:16 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-14 12:19 - 2014-11-21 15:00 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-14 12:19 - 2014-11-21 12:30 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-12-14 12:18 - 2014-11-21 16:36 - 19283456 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-14 12:18 - 2014-11-21 16:36 - 15400960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-14 12:18 - 2014-11-21 16:36 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-14 12:18 - 2014-11-21 16:36 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-14 12:18 - 2014-11-21 16:36 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-14 12:18 - 2014-11-21 16:36 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-14 12:18 - 2014-11-21 16:36 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-14 12:18 - 2014-11-21 16:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-14 12:18 - 2014-11-21 16:36 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-14 12:18 - 2014-11-21 16:35 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-14 12:18 - 2014-11-21 15:17 - 14364672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-14 12:18 - 2014-11-21 15:17 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-14 12:18 - 2014-11-21 15:16 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-14 12:18 - 2014-11-21 15:16 - 02054656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-14 12:18 - 2014-11-21 15:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-14 12:18 - 2014-11-21 15:16 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-14 12:18 - 2014-11-21 14:54 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-14 12:09 - 2012-08-31 08:53 - 00017888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2014-12-14 12:09 - 2012-08-31 08:52 - 00017888 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2014-12-14 11:48 - 2013-08-23 15:22 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-12-14 11:48 - 2013-08-23 09:44 - 01711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-12-14 11:39 - 2013-02-02 19:19 - 00329960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-12-14 11:39 - 2013-02-02 19:19 - 00061672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2014-12-14 11:39 - 2013-02-02 18:54 - 01933544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-12-14 11:39 - 2013-02-02 18:28 - 00993512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-12-14 11:39 - 2013-02-02 16:40 - 10792448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-12-14 11:39 - 2013-02-02 16:40 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlroamextension.dll
2014-12-14 11:39 - 2013-02-02 16:40 - 00370688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2014-12-14 11:39 - 2013-02-02 16:40 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-12-14 11:39 - 2013-02-02 16:40 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2014-12-14 11:39 - 2013-02-02 16:40 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2014-12-14 11:39 - 2013-02-02 16:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tasklist.exe
2014-12-14 11:39 - 2013-02-02 16:40 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskkill.exe
2014-12-14 11:39 - 2013-02-02 16:39 - 05090816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-12-14 11:39 - 2013-02-02 16:39 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2014-12-14 11:39 - 2013-02-02 16:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2014-12-14 11:39 - 2013-02-02 16:39 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-12-14 11:39 - 2013-02-02 16:39 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2014-12-14 11:39 - 2013-02-02 16:39 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmproxy.dll
2014-12-14 11:39 - 2013-02-02 16:39 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmsprep.dll
2014-12-14 11:39 - 2013-02-02 16:38 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll
2014-12-14 11:39 - 2013-02-02 16:24 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2014-12-14 11:39 - 2013-02-02 16:24 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\taskkill.exe
2014-12-14 11:39 - 2013-02-02 16:24 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\tasklist.exe
2014-12-14 11:39 - 2013-02-02 16:23 - 13643264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-12-14 11:39 - 2013-02-02 16:23 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2014-12-14 11:39 - 2013-02-02 16:23 - 00543232 _____ (Microsoft Corporation) C:\Windows\system32\wlroamextension.dll
2014-12-14 11:39 - 2013-02-02 16:23 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2014-12-14 11:39 - 2013-02-02 16:23 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2014-12-14 11:39 - 2013-02-02 16:23 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2014-12-14 11:39 - 2013-02-02 16:23 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-12-14 11:39 - 2013-02-02 16:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2014-12-14 11:39 - 2013-02-02 16:22 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2014-12-14 11:39 - 2013-02-02 16:21 - 05977600 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-12-14 11:39 - 2013-02-02 16:21 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2014-12-14 11:39 - 2013-02-02 16:21 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-12-14 11:39 - 2013-02-02 16:21 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2014-12-14 11:39 - 2013-02-02 16:20 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2014-12-14 11:39 - 2013-02-02 16:20 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\hotspotauth.dll
2014-12-14 11:39 - 2013-02-02 15:25 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-12-14 11:39 - 2013-02-02 15:25 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2014-12-14 11:39 - 2012-11-27 11:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys
2014-12-14 11:39 - 2012-11-27 11:55 - 00029952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthhfHid.sys
2014-12-14 11:39 - 2012-11-20 12:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidi2c.sys
2014-12-14 11:39 - 2012-09-20 14:32 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-12-14 11:39 - 2012-09-20 14:32 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-12-14 11:38 - 2013-03-22 11:49 - 02382336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-12-14 11:38 - 2013-03-22 06:47 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-12-14 11:37 - 2014-09-25 11:15 - 00171840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-12-14 11:37 - 2014-09-25 07:30 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-12-14 11:37 - 2014-09-25 07:29 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-12-14 11:37 - 2014-09-25 07:29 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-12-14 11:37 - 2014-09-25 07:01 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-12-14 11:37 - 2014-09-25 07:01 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-12-14 11:37 - 2014-09-25 07:01 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-12-14 11:37 - 2014-09-25 07:00 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-12-14 11:37 - 2014-05-30 07:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-12-14 11:37 - 2014-04-12 17:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-12-14 11:37 - 2014-04-12 17:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-12-14 11:37 - 2014-04-12 17:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-12-14 11:37 - 2014-04-12 17:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-12-14 11:37 - 2014-04-12 17:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-12-14 11:37 - 2014-04-12 17:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-12-14 11:37 - 2014-04-12 17:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-12-14 11:37 - 2014-04-12 15:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-12-14 11:37 - 2014-04-12 15:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-12-14 11:37 - 2014-04-12 15:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-12-14 11:37 - 2014-04-12 15:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-12-14 11:37 - 2014-04-12 15:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-12-14 11:37 - 2014-04-12 15:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-12-14 11:37 - 2014-04-12 14:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2014-12-14 11:37 - 2014-03-04 07:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-12-14 11:37 - 2013-05-04 14:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-12-14 11:37 - 2013-01-29 09:57 - 00035232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-12-14 11:37 - 2013-01-29 07:08 - 00230904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-12-14 11:36 - 2014-06-18 07:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-12-14 11:36 - 2014-06-18 07:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-12-14 11:36 - 2014-04-19 17:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-12-14 11:36 - 2014-04-19 16:45 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-12-14 11:36 - 2014-04-19 16:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-12-14 11:36 - 2014-04-19 14:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-12-14 11:36 - 2014-04-19 14:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-12-14 11:36 - 2014-01-31 08:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-12-14 11:36 - 2013-08-16 13:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2014-12-14 11:36 - 2013-05-04 12:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-12-14 11:36 - 2013-04-03 07:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-12-14 11:36 - 2013-04-03 07:12 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-12-14 11:35 - 2014-10-30 15:20 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-12-14 11:35 - 2014-10-30 13:22 - 01569792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-12-14 11:35 - 2013-10-10 19:53 - 00096600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2014-12-14 11:35 - 2013-10-10 17:21 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-12-14 11:35 - 2013-10-10 17:20 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-12-14 11:35 - 2013-06-11 03:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-12-14 11:35 - 2013-06-11 03:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-12-14 11:35 - 2013-06-11 03:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-12-14 11:35 - 2013-06-11 03:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-12-14 11:35 - 2013-04-11 14:40 - 06987528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-12-14 11:34 - 2014-10-18 16:44 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-12-14 11:34 - 2014-10-18 15:05 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-12-14 11:34 - 2014-08-23 14:47 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-12-14 11:34 - 2014-07-16 07:03 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-12-14 11:34 - 2014-07-12 10:36 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-12-14 11:34 - 2013-04-12 06:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-12-14 11:34 - 2013-04-12 06:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-12-14 11:34 - 2013-03-02 16:23 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-12-14 11:34 - 2013-03-02 10:44 - 01011200 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-12-14 11:34 - 2012-12-15 12:55 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2014-12-14 11:34 - 2012-11-03 13:26 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\sysreset.exe
2014-12-14 11:34 - 2012-11-03 13:25 - 00945152 _____ (Microsoft Corporation) C:\Windows\system32\resetengmig.dll
2014-12-14 11:34 - 2012-11-01 12:41 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-12-14 11:34 - 2012-11-01 12:40 - 02361344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-12-14 11:34 - 2012-11-01 12:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-12-14 11:34 - 2012-11-01 12:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-12-14 11:33 - 2014-02-06 07:41 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-12-14 11:33 - 2014-02-06 07:41 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-12-14 11:33 - 2014-02-06 07:26 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-12-14 11:33 - 2014-02-06 07:19 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-12-14 11:33 - 2013-07-06 08:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-12-14 11:33 - 2013-07-04 10:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-12-14 11:33 - 2013-02-12 08:17 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-12-14 11:32 - 2014-09-03 10:48 - 00510464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-12-14 11:32 - 2014-09-03 10:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-12-14 11:32 - 2014-08-01 07:40 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-12-14 11:32 - 2014-06-13 09:57 - 01453400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-12-14 11:32 - 2014-06-13 09:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-12-14 11:32 - 2013-10-19 13:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-12-14 11:32 - 2013-10-19 12:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-12-14 11:32 - 2013-07-02 06:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2014-12-14 11:32 - 2013-06-29 11:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-12-14 11:32 - 2013-06-29 11:07 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-12-14 11:32 - 2013-06-22 13:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-12-14 11:32 - 2013-06-22 13:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-12-14 11:32 - 2013-05-04 12:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2014-12-14 11:32 - 2013-01-10 09:40 - 00303848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-12-14 11:32 - 2012-10-10 15:04 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-12-14 11:32 - 2012-10-10 14:31 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-12-14 11:31 - 2014-06-20 07:35 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-12-14 11:31 - 2014-06-20 06:24 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-12-14 11:31 - 2014-06-03 06:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-12-14 11:31 - 2013-07-13 14:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-12-14 11:31 - 2013-07-13 14:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-12-14 11:31 - 2013-07-13 14:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2014-12-14 11:31 - 2013-07-13 14:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2014-12-14 11:31 - 2013-07-13 12:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-12-14 11:31 - 2013-07-13 12:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2014-12-14 11:31 - 2013-07-13 12:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2014-12-14 11:31 - 2013-07-01 09:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-12-14 11:31 - 2013-07-01 09:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-12-14 11:31 - 2013-07-01 09:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-12-14 11:31 - 2013-07-01 09:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-12-14 11:31 - 2013-06-29 11:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-12-14 11:31 - 2013-06-29 11:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-12-14 11:31 - 2013-04-24 07:13 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-12-14 11:31 - 2013-04-24 07:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-12-14 11:31 - 2013-04-24 06:56 - 01255936 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-12-14 11:31 - 2013-04-24 06:55 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-12-14 11:31 - 2013-02-06 06:31 - 00622080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-12-14 11:31 - 2013-02-06 06:29 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-12-14 11:31 - 2013-02-06 06:28 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-12-14 11:31 - 2013-02-06 06:28 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-12-14 11:31 - 2012-11-20 12:56 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-12-14 11:30 - 2014-08-22 07:56 - 01418752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-12-14 11:30 - 2014-08-22 07:27 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-12-14 11:30 - 2014-06-06 22:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-12-14 11:30 - 2014-06-06 18:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-12-14 11:30 - 2014-05-30 06:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-12-14 11:30 - 2014-04-03 19:22 - 02233176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-12-14 11:30 - 2013-09-28 11:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-12-14 11:30 - 2013-07-02 09:41 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-12-14 11:30 - 2013-07-02 09:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2014-12-14 11:30 - 2013-07-02 09:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2014-12-14 11:30 - 2013-05-27 07:17 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-12-14 11:30 - 2013-05-27 06:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-12-14 11:30 - 2013-05-25 11:15 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-12-14 11:30 - 2013-05-25 10:32 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-12-14 11:30 - 2013-03-02 17:59 - 00411880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-12-14 11:30 - 2013-02-02 13:41 - 01437184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-12-14 11:30 - 2013-02-02 13:31 - 01690624 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-12-14 11:30 - 2012-11-08 12:24 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-12-14 11:30 - 2012-11-08 12:24 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-12-14 11:30 - 2012-11-08 12:20 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-12-14 11:30 - 2012-11-08 12:20 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-12-14 11:30 - 2012-11-08 12:02 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-12-14 11:30 - 2012-11-08 12:01 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-12-14 11:30 - 2012-11-03 13:26 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2014-12-14 11:30 - 2012-11-03 13:26 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2014-12-14 11:30 - 2012-11-03 13:24 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-12-14 11:30 - 2012-11-03 13:24 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-12-14 11:30 - 2012-11-03 13:24 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2014-12-14 11:30 - 2012-11-03 13:24 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2014-12-14 11:30 - 2012-11-03 13:24 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2014-12-14 11:30 - 2012-11-03 13:24 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2014-12-14 11:30 - 2012-11-03 13:24 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2014-12-14 11:30 - 2012-11-03 13:24 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2014-12-14 11:30 - 2012-11-03 13:04 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dpnlobby.dll
2014-12-14 11:30 - 2012-11-03 13:04 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2014-12-14 11:30 - 2012-11-03 13:00 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2014-12-14 11:30 - 2012-11-03 13:00 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2014-12-14 11:30 - 2012-11-01 12:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-12-14 11:30 - 2012-11-01 12:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-12-14 11:30 - 2012-10-24 11:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
2014-12-14 11:30 - 2012-10-24 10:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2014-12-14 11:30 - 2012-10-11 13:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2014-12-14 11:30 - 2012-10-11 13:19 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2014-12-14 11:30 - 2012-10-11 13:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-12-14 11:29 - 2013-12-05 07:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-12-14 11:29 - 2013-12-05 07:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-12-14 11:29 - 2013-03-15 08:17 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2014-12-14 11:29 - 2013-03-02 16:22 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-12-14 11:29 - 2013-03-02 10:44 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-12-14 11:29 - 2012-12-13 12:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-14 11:29 - 2012-12-13 11:59 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-14 11:29 - 2012-10-24 11:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2014-12-14 11:29 - 2012-10-24 11:24 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-12-14 11:29 - 2012-10-24 11:24 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2014-12-14 11:29 - 2012-10-24 11:05 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2014-12-14 11:28 - 2014-10-23 20:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-12-14 11:28 - 2014-10-23 19:04 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-12-14 11:28 - 2013-11-23 14:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-12-14 11:28 - 2013-11-23 13:05 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-12-14 11:28 - 2013-11-01 13:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-12-14 11:28 - 2013-11-01 11:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-12-14 11:28 - 2013-10-10 17:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-12-14 11:28 - 2013-10-10 17:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2014-12-14 11:28 - 2013-10-10 17:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-12-14 11:28 - 2013-10-10 17:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-12-14 11:28 - 2013-10-10 17:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-12-14 11:28 - 2013-10-10 17:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2014-12-14 11:28 - 2013-10-10 17:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-12-14 11:28 - 2013-04-27 13:20 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-12-14 10:59 - 2014-12-15 12:00 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-14 10:59 - 2014-12-14 10:59 - 00000967 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-12-14 10:59 - 2014-12-14 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-14 10:58 - 2014-12-14 10:59 - 01142392 _____ () C:\Users\Cee-emmzorznation\Downloads\SteamSetup.exe
2014-12-14 10:47 - 2014-12-14 10:47 - 00000117 _____ () C:\Windows\system32\netcfg-57046.txt
2014-12-14 10:45 - 2014-12-14 10:45 - 00000117 _____ () C:\Windows\system32\netcfg-44925390.txt
2014-12-14 10:41 - 2014-05-20 10:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-12-14 10:41 - 2014-05-20 07:45 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-12-14 10:41 - 2014-05-20 07:45 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-12-14 10:41 - 2014-05-20 07:24 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-12-14 10:41 - 2014-05-20 07:24 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-12-14 10:41 - 2014-05-20 07:24 - 00773632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-12-14 10:41 - 2014-05-20 07:24 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-12-14 10:41 - 2014-05-20 07:24 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-12-14 10:41 - 2014-05-20 07:24 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-12-14 10:41 - 2014-05-15 06:43 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-12-14 10:41 - 2014-05-15 06:43 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-12-14 10:41 - 2014-05-15 06:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-12-14 10:41 - 2014-05-15 06:42 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-12-14 10:41 - 2013-08-16 13:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-12-14 10:41 - 2013-08-16 13:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-12-14 10:41 - 2013-08-16 06:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-12-14 10:41 - 2012-11-06 12:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-12-14 10:41 - 2012-11-06 12:00 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wushareduxresources.dll
2014-12-14 10:37 - 2014-12-14 10:37 - 00000000 ____D () C:\Users\Cee-emmzorznation\AppData\Roaming\Macromedia
2014-12-14 10:35 - 2014-12-14 10:35 - 00000117 _____ () C:\Windows\system32\netcfg-44292703.txt
2014-12-14 10:35 - 2014-12-14 10:35 - 00000117 _____ () C:\Windows\system32\netcfg-44289625.txt
2014-12-14 10:35 - 2014-12-14 10:35 - 00000117 _____ () C:\Windows\system32\netcfg-44283203.txt
2014-12-14 06:21 - 2014-12-13 22:21 - 00000117 _____ () C:\Windows\system32\netcfg-274421.txt
2014-12-14 06:20 - 2014-12-14 06:20 - 00001139 _____ () C:\Windows\system32\netcfg-223328.txt
2014-12-14 05:57 - 2014-12-14 05:57 - 00001136 _____ () C:\Windows\system32\netcfg-93125.txt
2014-12-14 05:57 - 2014-12-14 05:57 - 00001135 _____ () C:\Windows\system32\netcfg-81109.txt
2014-12-14 05:57 - 2014-12-14 05:57 - 00001102 _____ () C:\Windows\system32\netcfg-132703.txt
2014-12-14 05:57 - 2014-12-14 05:57 - 00000197 _____ () C:\Windows\system32\netcfg-93921.txt
2014-12-14 05:57 - 2014-12-14 05:57 - 00000185 _____ () C:\Windows\system32\netcfg-91375.txt
2014-12-14 05:57 - 2014-12-14 05:57 - 00000164 _____ () C:\Windows\system32\netcfg-87687.txt
2014-12-14 05:57 - 2014-12-14 05:57 - 00000163 _____ () C:\Windows\system32\netcfg-132093.txt
2014-12-14 05:57 - 2014-12-14 05:57 - 00000161 _____ () C:\Windows\system32\netcfg-91000.txt
2014-12-14 05:57 - 2014-12-14 05:57 - 00000160 _____ () C:\Windows\system32\netcfg-90343.txt
2014-12-14 05:57 - 2014-12-14 05:57 - 00000160 _____ () C:\Windows\system32\netcfg-89421.txt
2014-12-14 05:57 - 2014-12-14 05:57 - 00000160 _____ () C:\Windows\system32\netcfg-80187.txt
2014-12-14 05:57 - 2014-12-14 05:57 - 00000159 _____ () C:\Windows\system32\netcfg-88640.txt
2014-12-14 05:57 - 2014-12-14 05:57 - 00000157 _____ () C:\Windows\system32\netcfg-89859.txt
2014-12-14 05:57 - 2014-12-14 05:57 - 00000157 _____ () C:\Windows\system32\netcfg-78718.txt
2014-12-14 05:57 - 2014-12-14 05:57 - 00000150 _____ () C:\Windows\system32\netcfg-88250.txt
2014-12-14 05:55 - 2014-12-14 18:21 - 00001850 _____ () C:\Windows\PFRO.log
2014-12-13 22:57 - 2014-12-13 22:57 - 00000117 _____ () C:\Windows\system32\netcfg-2428750.txt
2014-12-13 22:32 - 2014-12-15 12:55 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4243020141-3326442137-2834149427-1001
2014-12-13 22:24 - 2014-12-13 22:24 - 00001434 _____ () C:\Users\Cee-emmzorznation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-13 22:24 - 2014-12-13 22:24 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-12-13 22:24 - 2014-12-13 22:24 - 00000000 ____D () C:\Users\Cee-emmzorznation\AppData\Roaming\Adobe
2014-12-13 22:23 - 2014-12-15 15:06 - 01548622 _____ () C:\Windows\WindowsUpdate.log
2014-12-13 22:23 - 2014-12-14 13:29 - 00000000 ____D () C:\Users\Cee-emmzorznation
2014-12-13 22:23 - 2014-12-13 22:24 - 00000000 ____D () C:\Users\Cee-emmzorznation\AppData\Local\Packages
2014-12-13 22:23 - 2014-12-13 22:24 - 00000000 ____D () C:\ProgramData\PRICache
2014-12-13 22:23 - 2014-12-13 22:23 - 00000020 ___SH () C:\Users\Cee-emmzorznation\ntuser.ini
2014-12-13 22:23 - 2014-12-13 22:23 - 00000000 ____D () C:\Users\Cee-emmzorznation\AppData\Local\VirtualStore
2014-12-13 22:23 - 2012-07-26 16:13 - 00000000 ___RD () C:\Users\Cee-emmzorznation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-13 22:23 - 2012-07-26 16:13 - 00000000 ___RD () C:\Users\Cee-emmzorznation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-13 22:23 - 2012-07-26 16:13 - 00000000 ___RD () C:\Users\Cee-emmzorznation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-13 22:23 - 2012-07-26 16:13 - 00000000 ____D () C:\Users\Cee-emmzorznation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-13 22:22 - 2014-12-13 22:22 - 00000000 ____D () C:\Windows\CSC
2014-12-13 22:21 - 2014-12-13 22:21 - 00000117 _____ () C:\Windows\system32\netcfg-277515.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-15 15:02 - 2012-07-26 16:12 - 00000000 ____D () C:\Windows\system32\sru
2014-12-15 13:18 - 2012-07-26 15:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-12-15 12:18 - 2012-07-26 15:28 - 00803370 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-15 12:17 - 2012-07-26 16:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-15 11:58 - 2012-07-26 15:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-15 11:43 - 2012-07-26 13:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-12-14 17:23 - 2012-07-26 16:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-12-14 17:23 - 2012-07-26 16:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-12-14 14:46 - 2012-07-26 16:12 - 00000000 ____D () C:\Windows\rescache
2014-12-14 14:09 - 2012-07-26 13:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-12-14 14:04 - 2012-07-26 16:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-14 14:04 - 2012-07-26 16:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-14 14:04 - 2012-07-26 16:12 - 00000000 ____D () C:\Windows\WinStore
2014-12-14 14:04 - 2012-07-26 16:12 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-14 14:04 - 2012-07-26 15:53 - 00000000 ____D () C:\Program Files\Windows Journal
2014-12-14 14:03 - 2012-07-26 16:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-14 14:03 - 2012-07-26 16:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-14 14:03 - 2012-07-26 16:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-12-14 14:03 - 2012-07-26 16:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-12-14 14:02 - 2012-07-26 13:38 - 00000000 ____D () C:\Windows\system32\oobe
2014-12-14 13:55 - 2012-07-26 16:13 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
2014-12-14 13:42 - 2012-07-26 16:12 - 00000000 ____D () C:\Windows\Help
2014-12-14 13:30 - 2012-07-26 16:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-12-14 10:41 - 2012-07-26 16:12 - 00000000 ____D () C:\Windows\system32\restore
2014-12-14 06:18 - 2012-07-26 16:12 - 00000000 ____D () C:\Windows\system32\Recovery
2014-12-13 22:23 - 2012-07-26 16:12 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-12-02 20:47 - 2011-06-07 15:10 - 00000000 __SHD () C:\Recovery
2014-12-02 19:00 - 2013-11-23 09:58 - 00000000 __SHD () C:\$360Section

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-14 05:56

==================== End Of Log ============================


  • 0

#4
skyzorz
Posted 15 December 2014 - 01:30 AM

skyzorz

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2014 01
Ran by Cee-emmzorznation at 2014-12-15 15:28:58
Running from C:\Users\Cee-emmzorznation\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360 Total Security (Enabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Enabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 5.2.0.1080 - 360 Security Center)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
NVIDIA Graphics Driver 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

14-12-2014 05:29:54 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 13:26 - 2012-07-26 13:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {69B746F7-D039-4F36-8D85-EFCD03369455} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-11-27] (Microsoft Corporation)

==================== Loaded Modules (whitelisted) =============

2014-12-14 17:17 - 2014-12-12 17:10 - 00707184 _____ () C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
2014-12-14 17:17 - 2014-12-12 17:10 - 00259152 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll
2012-07-26 15:57 - 2012-07-26 15:54 - 00170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-09-14 22:40 - 2012-09-14 22:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-12-14 17:17 - 2014-12-12 17:10 - 01818736 _____ () C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
2012-10-08 11:42 - 2012-10-08 11:42 - 00004096 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-12-14 12:10 - 2014-11-12 02:48 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-12-14 12:10 - 2014-11-12 02:48 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-12-14 12:10 - 2014-11-12 02:48 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-12-14 12:11 - 2014-11-12 02:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-12-14 12:11 - 2014-11-19 04:23 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll
2014-12-14 12:10 - 2014-11-12 02:48 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-12-14 12:10 - 2014-11-12 02:48 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-12-14 12:10 - 2014-11-19 04:23 - 00690880 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-12-14 12:10 - 2014-11-12 02:48 - 34589888 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-12-14 12:10 - 2014-11-12 02:48 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-4243020141-3326442137-2834149427-500 - Administrator - Disabled)
Cee-emmzorznation (S-1-5-21-4243020141-3326442137-2834149427-1001 - Administrator - Enabled) => C:\Users\Cee-emmzorznation
Guest (S-1-5-21-4243020141-3326442137-2834149427-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4243020141-3326442137-2834149427-1003 - Limited - Enabled)
UpdatusUser (S-1-5-21-4243020141-3326442137-2834149427-1004 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (12/15/2014 03:00:50 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=458e1bec-837a-45f6-b9d5-925ed5d299de;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/15/2014 03:00:37 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007267C
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=458e1bec-837a-45f6-b9d5-925ed5d299de;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/15/2014 02:43:23 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=458e1bec-837a-45f6-b9d5-925ed5d299de;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/15/2014 01:43:23 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=458e1bec-837a-45f6-b9d5-925ed5d299de;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/15/2014 00:14:23 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=458e1bec-837a-45f6-b9d5-925ed5d299de;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/15/2014 00:11:43 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=458e1bec-837a-45f6-b9d5-925ed5d299de;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/15/2014 00:11:41 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=458e1bec-837a-45f6-b9d5-925ed5d299de;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/15/2014 00:11:13 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=458e1bec-837a-45f6-b9d5-925ed5d299de;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/15/2014 00:09:04 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=458e1bec-837a-45f6-b9d5-925ed5d299de;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/15/2014 00:07:57 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=458e1bec-837a-45f6-b9d5-925ed5d299de;NotificationInterval=1440;Trigger=NetworkAvailable

System errors:
=============
Error: (12/15/2014 03:14:17 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.

Error: (12/15/2014 03:06:21 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.1.6.
The computer with the IP address 192.168.1.3 did not allow the name to be claimed by
this computer.

Error: (12/15/2014 03:01:08 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.1.6.
The computer with the IP address 192.168.1.3 did not allow the name to be claimed by
this computer.

Error: (12/15/2014 02:54:16 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.

Error: (12/15/2014 00:57:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f082f: Update for Windows 8 for x64-based Systems (KB2795944).

Error: (12/15/2014 00:57:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f082f: Update for Microsoft Camera Codec Pack for Windows 8 for x64-based Systems (KB2779444).

Error: (12/15/2014 00:57:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f082f: Update for Windows 8 for x64-based Systems (KB2871389).

Error: (12/15/2014 00:57:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f082f: Security Update for Microsoft .NET Framework 4.5 and 4.5.1 on Windows 8 and Windows Server 2012 for x64-based Systems (KB2894855).

Error: (12/15/2014 00:57:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f082f: Security Update for Windows 8 for x64-based Systems (KB2926765).

Error: (12/15/2014 00:57:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f082f: Update for Microsoft .NET Framework 4.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB2805227).

Microsoft Office Sessions:
=========================
Error: (12/15/2014 03:00:50 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0x8007007BRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=458e1bec-837a-45f6-b9d5-925ed5d299de;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/15/2014 03:00:37 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0x8007267CRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=458e1bec-837a-45f6-b9d5-925ed5d299de;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/15/2014 02:43:23 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0x8007007BRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=458e1bec-837a-45f6-b9d5-925ed5d299de;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/15/2014 01:43:23 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0x8007007BRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=458e1bec-837a-45f6-b9d5-925ed5d299de;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/15/2014 00:14:23 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0x8007007BRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=458e1bec-837a-45f6-b9d5-925ed5d299de;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/15/2014 00:11:43 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0x8007007BRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=458e1bec-837a-45f6-b9d5-925ed5d299de;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/15/2014 00:11:41 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0x8007007BRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=458e1bec-837a-45f6-b9d5-925ed5d299de;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/15/2014 00:11:13 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0x8007007BRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=458e1bec-837a-45f6-b9d5-925ed5d299de;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/15/2014 00:09:04 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0x8007007BRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=458e1bec-837a-45f6-b9d5-925ed5d299de;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/15/2014 00:07:57 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0x8007007BRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=458e1bec-837a-45f6-b9d5-925ed5d299de;NotificationInterval=1440;Trigger=NetworkAvailable

==================== Memory info ===========================

Processor: Intel® Core™ i5 CPU M 480 @ 2.67GHz
Percentage of memory in use: 48%
Total physical RAM: 5940.49 MB
Available physical RAM: 3083.17 MB
Total Pagefile: 10036.49 MB
Available Pagefile: 6856.76 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:202.69 GB) (Free:163.98 GB) NTFS
Drive d: (Data) (Fixed) (Total:255.97 GB) (Free:248.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4BD0EC43)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=202.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=256 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=7 GB) - (Type=27)

==================== End Of Log ============================

Percentage of memory in use: 48%
Total physical RAM: 5940.49 MB
Available physical RAM: 3083.17 MB
Total Pagefile: 10036.49 MB
Available Pagefile: 6856.76 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:202.69 GB) (Free:163.98 GB) NTFS
Drive d: (Data) (Fixed) (Total:255.97 GB) (Free:248.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4BD0EC43)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=202.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=256 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=7 GB) - (Type=27)

==================== End Of Log ============================


Edited by skyzorz, 15 December 2014 - 01:31 AM.

  • 0

#5
Naathim
Posted 15 December 2014 - 01:54 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

There are some errors pointing here:

  • Press the WindowsKey.png + R on your keyboard at the same time.
  • A Run window should appear in the lower left corner.
  • Please type in (or paste) the following: slui.exe and press Enter.

Post me the screenshot of the presented window.
 


  • 0

#6
skyzorz
Posted 15 December 2014 - 02:12 AM

skyzorz

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts

Hi my windows is not activated

 

http://imageshack.co...6274/M4Nbzo.png


  • 0

#7
Naathim
Posted 15 December 2014 - 02:14 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

...and because of that I am not able to help you any further.

 

If your Windows will be activated, please feel free to come back here and I'll be more that glad to continue assisting you :)


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP