Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Malware issue causing iexplore.exe *32 to hog memory


  • Please log in to reply

#1
Donkey Oatey

Donkey Oatey

    New Member

  • Member
  • Pip
  • 1 posts

I apologize if I haven't placed this in the correct forum, and from searching your site I can see that my issue is not an isolated one. However, I have to assume that the logs from the tools I see used in situations similar to mine would be different for my machine.

 

The issue I'm having is that when I open internet explorer and then open task manager I see two instances of internet explorer listed in the processes tab. One is titled iexplore.exe and is using around 16K memory, the other is titled iexplore.exe *32 and it begins to immediately ramp up memory usage to sometimes as high as 400k. I ran both OTL and FRST64 and will post the results below. Any help or direction would be greatly appreciated. Thank you.

 

FRST

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:14-09-2015
Ran by Tannis (administrator) on TANNIS-LAPTOP (14-09-2015 21:46:11)
Running from C:\Users\Tannis\Desktop
Loaded Profiles: Tannis (Available Profiles: Tannis)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Windows\System32\GFNEXSrv.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
(Greatis Software) C:\Program Files (x86)\UnHackMe\hackmon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_232_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\klwtblfs.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\SymcPCCULaunchSvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Greatis Software) C:\Program Files (x86)\UnHackMe\Unhackme.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-01-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2186856 2011-01-10] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1519016 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2010-12-20] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252792 2010-06-04] (TOSHIBA)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294712 2010-11-29] (TOSHIBA Corporation)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-05-05] (DivX, LLC)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [650784 2015-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863776 2015-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065968 2015-07-23] (SEIKO EPSON CORPORATION)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1387894416-2210841779-722457227-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7930136 2015-07-30] (SUPERAntiSpyware)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
BootExecute: autocheck autochk * Partizan

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{19F00931-BE4A-4CC3-93B2-6921B3BCD982}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{588B29DC-8816-4A08-83C6-15526DE51A28}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1387894416-2210841779-722457227-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.toshiba.com/g/
HKU\S-1-5-21-1387894416-2210841779-722457227-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.toshiba.com/g/
SearchScopes: HKLM -> DefaultScope {8C55C50E-D2BA-4391-B2C5-1061540131E6} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {8C55C50E-D2BA-4391-B2C5-1061540131E6} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKLM-x32 -> DefaultScope {4D517AB7-AD2C-4F6D-9E25-F01E122388D4} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {4D517AB7-AD2C-4F6D-9E25-F01E122388D4} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKU\S-1-5-21-1387894416-2210841779-722457227-1000 -> DefaultScope {8C55C50E-D2BA-4391-B2C5-1061540131E6} URL =
SearchScopes: HKU\S-1-5-21-1387894416-2210841779-722457227-1000 -> {4D517AB7-AD2C-4F6D-9E25-F01E122388D4} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF_enUS472
SearchScopes: HKU\S-1-5-21-1387894416-2210841779-722457227-1000 -> {576BFB64-8506-4564-93C0-F268F07FB684} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKU\S-1-5-21-1387894416-2210841779-722457227-1000 -> {8C55C50E-D2BA-4391-B2C5-1061540131E6} URL =
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-11] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-05-20] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-11] (Kaspersky Lab ZAO)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-11] (Kaspersky Lab ZAO)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-11] (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-05-20] (Kaspersky Lab ZAO)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-11] (Kaspersky Lab ZAO)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-03-28] (Sun Microsystems, Inc.)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-11] (Kaspersky Lab ZAO)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-12-05] (<TOSHIBA>)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKU\S-1-5-21-1387894416-2210841779-722457227-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-1387894416-2210841779-722457227-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-05-14] (DivX, LLC)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1387894416-2210841779-722457227-1000: LWAPlugin15.8 -> C:\Users\Tannis\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll [2013-03-13] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Tannis\AppData\Roaming\mozilla\plugins\npLWAPlugin15.8.dll [2013-03-13] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-29]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected]
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013-03-16]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected]
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013-03-16]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected]
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013-03-16]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2015-06-10]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\urladvisor.crx [2012-10-25]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\content_blocker_chrome.crx [2012-10-25]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\virtkbd.crx [2012-10-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.googl...dnajaicnklhfplh
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ChromeExt\ab.crx <not found>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO)
R2 EpsonScanSvc; C:\windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 GFNEXSrv; C:\Windows\System32\GFNEXSrv.exe [162824 2010-09-09] ()
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S4 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\SymcPCCULaunchSvc.exe [135608 2012-04-27] (Symantec Corporation)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe [126392 2011-02-03] (Symantec Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-11] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [91008 2014-05-20] (Kaspersky Lab ZAO) [File not signed]
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628320 2014-05-20] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [177864 2015-02-17] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [35816 2014-08-03] (Greatis Software)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation                           )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-14 21:43 - 2015-09-14 21:46 - 00025563 _____ C:\Users\Tannis\Desktop\FRST.txt
2015-09-14 21:42 - 2015-09-14 21:46 - 00000000 ____D C:\FRST
2015-09-14 21:40 - 2015-09-14 21:40 - 02190848 _____ (Farbar) C:\Users\Tannis\Desktop\FRST64.exe
2015-09-14 18:43 - 2015-09-14 18:43 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-14 18:42 - 2015-09-14 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-14 18:42 - 2015-09-14 18:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-14 18:42 - 2015-09-14 18:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-14 18:42 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-09-14 18:42 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-09-14 18:42 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-09-14 18:22 - 2015-09-14 18:22 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-14 17:24 - 2015-09-14 17:24 - 00001819 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-09-14 17:24 - 2015-09-14 17:24 - 00000000 ____D C:\Users\Tannis\AppData\Roaming\SUPERAntiSpyware.com
2015-09-14 17:24 - 2015-09-14 17:24 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2015-09-14 17:24 - 2015-09-14 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-09-14 17:24 - 2015-09-14 17:24 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-09-10 12:50 - 2015-09-10 12:51 - 01348608 _____ C:\Users\Tannis\Documents\HTH raffle.pub
2015-09-10 11:30 - 2015-09-10 11:30 - 15213683 _____ C:\Users\Tannis\Downloads\Help the Hooch 30.mp4
2015-09-10 11:29 - 2015-09-10 11:29 - 05337015 _____ C:\Users\Tannis\Downloads\Help the Hooch 10.mp4
2015-09-03 20:59 - 2015-09-03 22:43 - 01348608 _____ C:\Users\Tannis\Desktop\HTH raffle.pub
2015-08-20 06:25 - 2015-08-10 21:20 - 25191936 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-08-20 06:25 - 2015-08-10 21:14 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-08-20 06:25 - 2015-08-10 20:33 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-08-20 06:25 - 2015-08-10 20:20 - 19871232 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-14 21:44 - 2011-07-22 02:57 - 01185549 _____ C:\windows\WindowsUpdate.log
2015-09-14 21:37 - 2009-07-14 00:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-14 21:37 - 2009-07-14 00:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-14 21:31 - 2012-03-21 00:38 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-09-14 21:29 - 2012-07-13 06:02 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-09-14 21:27 - 2014-08-03 10:13 - 00000248 _____ C:\windows\SysWOW64\PARTIZAN.TXT
2015-09-14 21:27 - 2013-04-06 23:11 - 00018288 _____ C:\windows\setupact.log
2015-09-14 21:27 - 2013-04-06 23:10 - 00229474 _____ C:\windows\PFRO.log
2015-09-14 21:27 - 2011-07-22 03:29 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-14 21:27 - 2009-07-14 01:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-09-14 20:55 - 2011-07-22 03:29 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-14 20:54 - 2015-03-09 10:54 - 00000725 _____ C:\windows\Tasks\EPSON WF-3620 Series Invitation {54972EBC-3E3F-43FC-A59A-33B6DEBB9169}.job
2015-09-14 20:54 - 2009-07-14 01:32 - 00000000 ____D C:\windows\system32\FxsTmp
2015-09-14 20:53 - 2015-03-09 10:53 - 00000911 _____ C:\windows\Tasks\EPSON WF-3620 Series Update {54972EBC-3E3F-43FC-A59A-33B6DEBB9169}.job
2015-09-08 23:28 - 2012-02-27 22:20 - 00000000 ____D C:\Users\Tannis\AppData\Local\CrashDumps
2015-09-06 00:15 - 2015-02-25 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2015-09-06 00:15 - 2015-02-25 18:39 - 00000000 ____D C:\Program Files (x86)\EPSON Software
2015-09-06 00:15 - 2015-02-25 18:31 - 00000000 ____D C:\Program Files (x86)\Epson
2015-09-06 00:15 - 2011-03-28 03:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-29 08:50 - 2011-07-22 03:29 - 00003894 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-29 08:50 - 2011-07-22 03:29 - 00003642 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-22 12:20 - 2014-07-25 20:13 - 00000000 ____D C:\Users\Tannis\Desktop\Tannis Phone

==================== Files in the root of some directories =======

2014-11-11 22:33 - 2015-07-26 10:26 - 0007605 _____ () C:\Users\Tannis\AppData\Local\Resmon.ResmonCfg
2012-03-21 00:39 - 2012-03-21 00:39 - 0017408 _____ () C:\Users\Tannis\AppData\Local\WebpageIcons.db
2012-04-29 07:39 - 2015-06-29 22:40 - 0005589 _____ () C:\ProgramData\hpzinstall.log
2012-02-22 21:33 - 2014-05-08 19:41 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys

Some files in TEMP:
====================
C:\Users\Tannis\AppData\Local\Temp\ose00000.exe
C:\Users\Tannis\AppData\Local\Temp\_isC59F.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-09-11 00:28

==================== End of FRST.txt ============================

 

ADDITION.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:14-09-2015
Ran by Tannis (2015-09-14 21:49:43)
Running from C:\Users\Tannis\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-02-22 23:39:29)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1387894416-2210841779-722457227-500 - Administrator - Disabled)
Guest (S-1-5-21-1387894416-2210841779-722457227-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1387894416-2210841779-722457227-1005 - Limited - Enabled)
Tannis (S-1-5-21-1387894416-2210841779-722457227-1000 - Administrator - Enabled) => C:\Users\Tannis

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Anti-Virus (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2.1.2.3 (HKLM-x32\...\Setup_is1) (Version:  - )
4500_G510nz_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Amazon Links (HKLM-x32\...\{3135D885-9D9A-4B4D-8D45-9DB05DA115CA}) (Version: 2.02 - TOSHIBA Corporation)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Business Contact Manager for Outlook 2007 SP2 (HKLM-x32\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (x32 Version: 3.0.8619.1 - Microsoft Corporation) Hidden
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.6.110 - Corel Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.70 - DivX, LLC)
DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.53.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 2.30.00 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
EPSON WF-3620 Series Printer Uninstall (HKLM\...\EPSON WF-3620 Series) (Version:  - SEIKO EPSON Corporation)
Epson WF-3620 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson WF-3620 User’s Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Free DWG Viewer 6.3 (HKLM-x32\...\{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}) (Version: 6.3 - IGC)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
GoToMeeting 5.5.0.1132 (HKU\S-1-5-21-1387894416-2210841779-722457227-1000\...\GoToMeeting) (Version: 5.5.0.1132 - CitrixOnline)
HP Color LaserJet 3600 (02/27/2007 61.063.461.41) (HKLM\...\hpc3600w) (Version: 02/27/2007 61.063.461.41 - HP)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510n-z (HKLM\...\{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Support Solutions Framework (HKLM-x32\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2353 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
InterVideo WinDVD BD for TOSHIBA (HKLM-x32\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0.20.153 - InterVideo Inc.)
InterVideo WinDVD BD for TOSHIBA (x32 Version: 8.0.20.153 - InterVideo Inc.) Hidden
Java™ 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Anti-Virus 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Anti-Virus 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
[email protected] 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Lync Web App Plug-in (HKLM\...\{D8228565-6CD7-40EF-B2EA-C7C95183EDEB}) (Version: 15.8.8308.577 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM-x32\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Ultimate 2007 (HKLM-x32\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 130.0.550.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Open PLS in Windows Media Player 2.3.0 (HKLM-x32\...\{F868C16D-75F8-4EE8-BCBF-422D0833415D}_is1) (Version: 2.3 - Jon Galloway)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6289 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
Regi (Version: 1.00.0000 - InterVideo Inc.) Hidden
RegRun Reanimator (HKLM-x32\...\UnHackMe Update - Greatis Reanimator_is1) (Version:  - Greatis Software, LLC.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
ShopAtHome.com Helper (HKU\S-1-5-21-1387894416-2210841779-722457227-1000\...\ShopAtHome.com Helper) (Version: 7.2.2.2 - ShopAtHome.com) <==== ATTENTION
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype Launcher (HKLM-x32\...\{DA84ECBF-4B79-47F2-B34C-95C38484C058}) (Version: 2.01 - TOSHIBA Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Software Updater (HKLM-x32\...\{E1BAD1BA-C0E8-4018-9281-E7D2C6B07474}) (Version: 4.3.6 - SEIKO EPSON CORPORATION)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1204 - SUPERAntiSpyware.com)
Sweet Home 3D version 1.5.1 (HKLM-x32\...\Sweet Home 3D_is1) (Version:  - eTeks)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.02.02 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{92C7DC44-DAD3-49FE-B89B-F92C6BA9A331}) (Version: 2.2.6775 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.08.64 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.6 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.23.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.8.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\{2FD5D2C5-A7A1-4065-89BA-90542BF7CCD3}) (Version: 2.00.0010 - TOSHIBA)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.7 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.10.26 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.86.2 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.6.1 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.25 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.4.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.3.5109 - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.17.64 - TOSHIBA Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.0 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.52 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.7 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\{119826A8-4EF6-4BE5-A88B-D2D81FA7CEE2}) (Version: 2.00.0006 - TOSHIBA)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.5.4.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.0.13 - TOSHIBA Corporation)
TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{CA5CF466-CAE3-4D99-8BB4-C80F4AC55028}) (Version: 1.0.2 - TOSHIBA CORPORATION)
ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
UnHackMe 7.60 release (HKLM-x32\...\UnHackMe_is1) (Version:  - Greatis Software, LLC.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
WebM Media Foundation Components (HKLM-x32\...\webmmf) (Version: 1.0.1.2 - WebM Project)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{5F71448B-88EB-4357-9A98-8658D4C49C48}) (Version: 1.1.2726.0 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1387894416-2210841779-722457227-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Tannis\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-1387894416-2210841779-722457227-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1132\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)

==================== Restore Points =========================

20-08-2015 06:22:34 Windows Update
23-08-2015 20:42:46 Windows Update
27-08-2015 06:55:59 Windows Update
30-08-2015 07:58:06 Windows Update
02-09-2015 14:43:02 Windows Update
06-09-2015 00:12:24 Installed Epson Event Manager
14-09-2015 00:57:23 Scheduled Checkpoint
14-09-2015 18:24:22 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08CDE2BE-C8F0-46D4-B055-451581B165EF} - System32\Tasks\{FCD5E4F5-FB68-4FD9-8577-95AFE4668D06} => pcalua.exe -a "C:\Users\Tannis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DT5IVVC4\OJ4500vG510n-z_Full_13_en.exe" -d C:\Users\Tannis\Desktop
Task: {0D2E270C-1297-47C9-9803-F51AF2DCEBE7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {25FA758D-D9A0-44FD-8903-B02EBAD6C651} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe [2014-12-29] (Greatis Software)
Task: {3693F174-F0C5-4205-B2DC-0745925AAAA4} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {3917BCF4-50F2-47E0-852A-07DA2D23C71F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {3AE14894-4287-4B06-8FB3-DA6B6A9FE509} - System32\Tasks\EPSON WF-3620 Series Invitation {54972EBC-3E3F-43FC-A59A-33B6DEBB9169} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
Task: {922CB09A-34B0-4E67-B5A0-5C570ECA2E4F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {AE09181C-AC39-47B9-87A8-6BFA6D009766} - System32\Tasks\EPSON WF-3620 Series Update {54972EBC-3E3F-43FC-A59A-33B6DEBB9169} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
Task: {AF5C3CD5-146D-4BC3-BD41-5C1D2F49C1EF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C4CE6A6E-71A7-4298-911F-5F4A8FBF4E84} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {D7E4B32D-FD0E-4819-8D1D-AFEF0F0FC8C1} - System32\Tasks\{03AA3329-0C62-490F-BE2B-F3CB04D8635D} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall ULTIMATER /dll OSETUP.DLL
Task: {FD286100-1932-4C9C-9E1C-F8442BD159E2} - System32\Tasks\{62153FC4-CCC7-43B7-A403-C9E8A18E97C3} => pcalua.exe -a "C:\Users\Tannis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LDOS2E2U\clj3600hbwinxp64ia.exe" -d C:\Users\Tannis\Desktop

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\EPSON WF-3620 Series Invitation {54972EBC-3E3F-43FC-A59A-33B6DEBB9169}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE
Task: C:\windows\Tasks\EPSON WF-3620 Series Update {54972EBC-3E3F-43FC-A59A-33B6DEBB9169}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE:/EXE:{54972EBC-3E3F-43FC-A59A-33B6DEBB9169} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2011-07-22 02:51 - 2010-09-09 20:26 - 00162824 _____ () C:\Windows\System32\GFNEXSrv.exe
2011-04-04 22:18 - 2011-04-04 22:18 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-11-18 20:18 - 2010-11-18 20:18 - 11190784 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2010-12-15 18:19 - 2010-12-15 18:19 - 00124320 _____ () C:\Program Files\TOSHIBA\TECO\MUIHelp.dll
2014-01-10 01:26 - 2014-01-10 01:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2010-12-08 18:42 - 2010-12-08 18:42 - 00079264 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2012-08-17 21:39 - 2013-03-16 02:13 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\kpcengine.2.2.dll
2012-08-17 21:38 - 2012-08-17 21:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\dblite.dll
2014-01-10 01:28 - 2014-01-10 01:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2009-07-13 17:03 - 2009-07-13 21:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1387894416-2210841779-722457227-1000\...\calibresys.com -> hxxps://calportal.calibresys.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1387894416-2210841779-722457227-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tannis\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0CACB0EE-BB4D-4134-8CE1-73919490528B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{4E44CD93-2E68-4A6D-B43A-73E8731514C0}] => (Allow) LPort=2869
FirewallRules: [{2FAA2C9A-03A5-4E4F-B510-559E0E9F6375}] => (Allow) LPort=1900
FirewallRules: [{59A6B4DD-D6C8-43FD-B94E-85972B5454A8}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{530DD31A-F7C4-455B-8B86-3FEBF1689542}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{1959068E-B4F0-4242-B2B8-C1865167BD9C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{1D502996-29AD-47A9-A8D0-725C0D7C688F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E661D647-8869-4C09-87C0-5A225B2B9894}] => (Allow) C:\Users\Tannis\AppData\Local\Temp\HP\OJ4500vG510n-z_Full_13_en\setup\hpznui40.exe
FirewallRules: [{4B4FCEA1-37FB-47EC-B21E-97C046F61825}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{053AD053-9005-4AA2-9A4F-1BD4CF579F58}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{2E059DC7-F6BC-49C4-BA4F-2B4E9CE7D91D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{607FBF39-F7F4-4255-88E9-06578151175B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{CE4FB7A2-3CE1-4943-B14B-C765D51C58BC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{BE320D56-8B39-4AA3-9B31-8F2AEC44A232}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{67C2DE12-F879-47B2-967F-60ACD94E6063}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{AC76F2DB-1D14-422F-A2EE-010CD431E413}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{F3A3B3C6-A0AA-4DEC-B1C9-0EA11E1E54A7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{05830A9A-8FC1-4A26-AA40-C52207E3F4B3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{4503A2E3-8697-4EF9-AE5B-9469A32231FD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{CEF8178F-CE5C-4302-A2DF-F81C57AADF5E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{DB84039A-9F5B-40CA-A55F-A3F93C97310C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{5E825759-CF09-4918-AB5A-E9CFE351EB07}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{DE0B626A-BFFB-44AE-9E4D-80D01B52E392}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{F0E7CEF1-C536-42BB-B1FE-8AEAB9E9DFCA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{942EA076-A6DD-458F-B587-5EEFBAF656F6}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{49C8DFB1-C1B4-4D7A-AB0D-356434E0B5CC}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [TCP Query User{5BCBA5C3-6B28-44EA-88FE-D7BF5D399A95}C:\users\tannis\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\tannis\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{7913333A-C22F-4244-9F7A-7B2C841D5545}C:\users\tannis\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\tannis\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{2A8135D9-CB91-44FD-8029-B92B44085253}C:\users\tannis\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\tannis\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{F4AAF5C6-0C71-467B-A354-3A7637A2BB86}C:\users\tannis\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\tannis\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{57E3F77B-4502-4C6F-B3F0-8328C832410B}C:\users\tannis\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tannis\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{FD4F4385-4ECF-4D6C-A433-D0854307C886}C:\users\tannis\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tannis\appdata\roaming\spotify\spotify.exe
FirewallRules: [{7472780F-8716-4957-87C7-939AD4AC6B07}] => (Allow) C:\Users\Tannis\AppData\Local\Temp\hpdiu2\HPDIU\HPDIUNetwork.exe
FirewallRules: [{DDBCBD2E-605E-42ED-96BE-4E66C2C2001F}] => (Allow) C:\Users\Tannis\AppData\Local\Temp\hpdiu2\HPDIU\HPDIUNetwork.exe
FirewallRules: [TCP Query User{01440B25-7F6F-4D8C-B118-3A8712455706}C:\users\tannis\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe] => (Allow) C:\users\tannis\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe
FirewallRules: [UDP Query User{E324BDDB-FDD5-4630-91DC-BAD9D2B8DAF7}C:\users\tannis\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe] => (Allow) C:\users\tannis\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe
FirewallRules: [{AEB31741-B5CB-485D-8604-D242A9BA1BB0}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{95CD2455-EF22-4B6E-BEDE-2E3C287893F6}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{1FE78EB3-47D2-4453-83B8-CF6A90A5D769}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{2EFCB50E-3280-4237-9B65-8CBBAB3AEE37}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [TCP Query User{1DB0A136-F203-4F0D-B273-033B83F2D42E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{D585202E-DE66-4532-86D4-1EB6A198AD1C}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{BDDDFC28-041F-437B-AEC2-2E15BADA5FBE}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{B0241AAC-ECEC-4DEF-98E7-4C2576756CE5}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{D55D60D3-53E1-4372-AFFD-C5E032A9F7AE}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{1C4AC6CB-D48C-4949-AEEC-0499BA0142EC}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe

==================== Faulty Device Manager Devices =============

Name: Officejet 4500 G510n-z
Description: Officejet 4500 G510n-z
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet 3600
Description: HP Color LaserJet 3600
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet 3600
Description: HP Color LaserJet 3600
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 4500 G510n-z
Description: Officejet 4500 G510n-z
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet 3600
Description: HP Color LaserJet 3600
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet 3600
Description: HP Color LaserJet 3600
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (09/14/2015 09:45:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 14.9.2015.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 182c

Start Time: 01d0ef57d005299a

Termination Time: 0

Application Path: C:\Users\Tannis\Desktop\FRST64.exe

Report Id: 4ee19dbd-5b4b-11e5-bca4-386077088a59

Error: (09/14/2015 09:28:55 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (09/14/2015 09:27:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/14/2015 06:20:58 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (09/14/2015 06:20:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/14/2015 05:17:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17937 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 13cc

Start Time: 01d0ef26008d76b7

Termination Time: 0

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (09/13/2015 04:46:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17937 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: b3c

Start Time: 01d0ee5e6780954c

Termination Time: 0

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (09/08/2015 11:28:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17937, time stamp: 0x55a7f8da
Faulting module name: TosQEP.dll_unloaded, version: 0.0.0.0, time stamp: 0x4d5a5904
Exception code: 0xc0000005
Fault offset: 0x7e6b0846
Faulting process id: 0x14e0
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (09/06/2015 07:36:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17937 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1e8c

Start Time: 01d0e77c8a704a59

Termination Time: 700

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 8cf1fbb6-548b-11e5-bdc7-386077088a59

Error: (09/03/2015 07:40:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17937, time stamp: 0x55a7f8da
Faulting module name: ntdll.dll, version: 6.1.7601.23136, time stamp: 0x55a69cec
Exception code: 0xc0000005
Fault offset: 0x0002dfb6
Faulting process id: 0xa90
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

System errors:
=============
Error: (09/14/2015 09:28:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (09/14/2015 09:27:39 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\windows\system32\Rtlihvs.dll
Error Code: 126

Error: (09/14/2015 06:36:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Home.

Error: (09/14/2015 06:21:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (09/14/2015 06:20:20 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\windows\system32\Rtlihvs.dll
Error Code: 126

Error: (09/14/2015 06:18:12 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.

Error: (09/13/2015 09:56:19 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (09/13/2015 09:56:19 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (09/13/2015 03:59:29 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.

Error: (09/11/2015 08:18:31 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Microsoft Office:
=========================

CodeIntegrity:
===================================
  Date: 2014-10-15 23:26:11.251
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-15 23:26:11.251
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-15 23:26:11.251
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-15 23:26:11.235
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-15 23:26:11.235
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-15 23:26:11.220
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-12 01:00:44.882
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-12 01:00:44.882
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-12 01:00:44.882
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-12 01:00:44.850
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Core™ i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 50%
Total physical RAM: 4007.98 MB
Available physical RAM: 1971.35 MB
Total Virtual: 8014.14 MB
Available Virtual: 6074.93 MB

==================== Drives ================================

Drive c: (TI106130W0F) (Fixed) (Total:580.94 GB) (Free:459.2 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Chord Buddy Instructional1) (CDROM) (Total:3.91 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596.2 GB) (Disk ID: E62CE38D)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=580.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.8 GB) - (Type=17)

==================== End of Addition.txt ============================

 

OTL

 

OTL logfile created on: 9/14/2015 10:37:28 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tannis\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17959)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.91 Gb Total Physical Memory | 2.15 Gb Available Physical Memory | 55.04% Memory free
7.83 Gb Paging File | 5.56 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 580.94 Gb Total Space | 459.19 Gb Free Space | 79.04% Space Free | Partition Type: NTFS
Drive D: | 3.91 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
 
Computer Name: TANNIS-LAPTOP | User Name: Tannis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
 
========== Processes (SafeList) ==========
 
PRC - [2015/09/14 22:36:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tannis\Downloads\OTL.com
PRC - [2015/07/23 16:58:54 | 001,065,968 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
PRC - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/01/20 01:00:00 | 000,863,776 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
PRC - [2015/01/20 01:00:00 | 000,650,784 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
PRC - [2014/12/29 13:45:50 | 000,592,656 | ---- | M] (Greatis Software) -- C:\Program Files (x86)\UnHackMe\hackmon.exe
PRC - [2014/01/10 01:26:44 | 001,861,968 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2013/10/10 03:44:15 | 000,356,128 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
PRC - [2012/04/27 20:11:15 | 000,135,608 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\SymcPCCULaunchSvc.exe
PRC - [2011/02/03 15:50:10 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
PRC - [2010/12/20 21:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/20 21:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/05/20 19:15:00 | 000,110,736 | R--- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2010/03/10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009/02/20 10:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
 
 
========== Modules (All) ==========
 
MOD - [2015/09/14 22:36:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tannis\Downloads\OTL.com
MOD - [2015/09/09 17:36:50 | 001,331,512 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\params.ppl
MOD - [2015/09/09 17:36:45 | 004,918,072 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avpgui.ppl
MOD - [2015/09/09 17:36:45 | 000,848,184 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avpmain.dll
MOD - [2015/08/12 03:29:21 | 017,570,504 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\Flash32_18_0_0_232.ocx
MOD - [2015/08/10 20:20:03 | 019,871,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2015/07/30 13:57:30 | 001,251,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2015/07/30 13:55:56 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2015/07/30 13:46:54 | 001,625,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18946_none_72d45ee78666ea32\GdiPlus.dll
MOD - [2015/07/23 16:58:54 | 001,065,968 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
MOD - [2015/07/20 20:12:30 | 000,815,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
MOD - [2015/07/16 15:45:20 | 002,279,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2015/07/16 15:41:09 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieui.dll
MOD - [2015/07/16 15:12:39 | 004,520,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
MOD - [2015/07/16 15:10:38 | 012,856,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2015/07/16 15:05:15 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtmlmedia.dll
MOD - [2015/07/16 14:42:02 | 001,951,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2015/07/16 14:40:59 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IEShims.dll
MOD - [2015/07/16 14:38:34 | 001,310,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2015/07/16 14:37:01 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieapfltr.dll
MOD - [2015/07/16 14:34:03 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2015/07/15 13:51:07 | 001,311,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2015/07/15 13:49:53 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2015/07/15 13:49:51 | 000,248,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2015/07/15 13:49:51 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2015/07/15 13:49:48 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2015/07/15 13:49:38 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2015/07/15 13:49:38 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2015/07/15 13:48:29 | 000,665,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2015/07/15 13:48:29 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2015/07/15 13:48:28 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2015/07/15 13:48:28 | 000,275,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2015/07/14 22:55:45 | 001,390,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
MOD - [2015/07/14 22:55:45 | 001,241,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
MOD - [2015/07/10 13:34:07 | 012,875,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2015/07/04 13:48:36 | 001,414,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2015/06/17 13:37:03 | 000,312,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2015/05/25 14:06:51 | 000,643,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2015/05/25 14:01:39 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2015/04/27 15:05:58 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2015/04/27 15:04:37 | 001,174,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2015/04/27 15:04:37 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2015/04/24 13:56:58 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
MOD - [2015/04/24 13:54:13 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
MOD - [2015/03/04 00:10:53 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2015/02/17 11:46:09 | 002,165,864 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\basegui.ppl
MOD - [2015/02/17 11:46:02 | 000,840,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\product_metainfo.dll
MOD - [2015/02/17 11:46:00 | 000,467,048 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\kltbar.dll
MOD - [2015/02/02 23:12:42 | 001,230,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2015/02/02 23:12:22 | 003,209,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll
MOD - [2015/02/02 23:12:22 | 000,354,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll
MOD - [2015/02/02 23:12:14 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2015/02/02 23:12:12 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2015/01/29 10:04:54 | 000,004,096 | ---- | M] (Seiko Epson Corporation) -- C:\Program Files (x86)\EPSON Software\Event Manager\ESPSUTL.dll
MOD - [2015/01/20 01:00:00 | 000,863,776 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
MOD - [2015/01/20 01:00:00 | 000,786,432 | ---- | M] (SEIKO EPSON) -- C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENCM.dll
MOD - [2015/01/20 01:00:00 | 000,650,784 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
MOD - [2015/01/20 01:00:00 | 000,536,576 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\fufaxtif.dll
MOD - [2015/01/20 01:00:00 | 000,438,272 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXCSR.dll
MOD - [2015/01/20 01:00:00 | 000,421,888 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\FUIMGCDC.dll
MOD - [2015/01/20 01:00:00 | 000,385,024 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXLDB.dll
MOD - [2015/01/20 01:00:00 | 000,339,968 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUPRBDEV.dll
MOD - [2015/01/20 01:00:00 | 000,327,680 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\FUSVCCLT.dll
MOD - [2015/01/20 01:00:00 | 000,299,008 | ---- | M] (SEIKO EPSON) -- C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENUTIL.dll
MOD - [2015/01/20 01:00:00 | 000,286,720 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUSNMPUT.dll
MOD - [2015/01/20 01:00:00 | 000,282,624 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXCFG.dll
MOD - [2015/01/20 01:00:00 | 000,278,528 | ---- | M] (SEIKO EPSON) -- C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENNW.dll
MOD - [2015/01/20 01:00:00 | 000,274,432 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\FULEPP.dll
MOD - [2015/01/20 01:00:00 | 000,253,952 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\FUVERDLG.dll
MOD - [2015/01/20 01:00:00 | 000,212,992 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\FUADRFIL.dll
MOD - [2015/01/20 01:00:00 | 000,135,168 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUDRVUTL.dll
MOD - [2015/01/20 01:00:00 | 000,095,744 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\EbpD4Fax.dll
MOD - [2015/01/20 01:00:00 | 000,077,824 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\FUSTMMSG.dll
MOD - [2015/01/20 01:00:00 | 000,069,632 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUDEVCOM.dll
MOD - [2015/01/20 01:00:00 | 000,065,536 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\FUUSBHLP.dll
MOD - [2015/01/19 12:00:00 | 000,241,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\Resource\FUFAXRCV.dll
MOD - [2015/01/19 12:00:00 | 000,110,592 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\Resource\FUFAXSTM.dll
MOD - [2015/01/19 12:00:00 | 000,090,112 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\Resource\FUFAXCFGRes.dll
MOD - [2015/01/19 12:00:00 | 000,081,920 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\Resource\FUCMNMSG.dll
MOD - [2015/01/19 12:00:00 | 000,077,824 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\Resource\FUPRBDEVRes.dll
MOD - [2015/01/19 12:00:00 | 000,022,016 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\Resource\FULEPPRes.dll
MOD - [2015/01/16 22:30:42 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2014/12/29 13:45:50 | 000,592,656 | ---- | M] (Greatis Software) -- C:\Program Files (x86)\UnHackMe\hackmon.exe
MOD - [2014/12/05 23:50:19 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2014/11/27 11:38:00 | 000,238,576 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\E-Web Print\ewps_tb.dll
MOD - [2014/11/25 23:32:05 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2014/07/16 21:40:03 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2014/05/20 18:55:43 | 000,287,904 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\plugins_meta.dll
MOD - [2014/04/24 22:06:17 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2014/01/10 01:28:18 | 000,100,688 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2014/01/10 01:26:44 | 001,861,968 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2013/12/14 10:28:05 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imgutil.dll
MOD - [2013/12/11 08:45:58 | 000,487,104 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll
MOD - [2013/12/11 08:45:49 | 000,227,008 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\prremote.dll
MOD - [2013/11/26 04:16:50 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2013/10/18 21:36:59 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2013/10/11 22:01:25 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2013/10/10 03:44:15 | 000,356,128 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
MOD - [2013/10/10 03:44:15 | 000,083,648 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ushata.dll
MOD - [2013/10/10 03:44:13 | 000,369,344 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\prloader.dll
MOD - [2013/09/07 22:03:58 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2013/08/01 16:05:50 | 000,112,128 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\Event Manager\EPNSM.dll
MOD - [2013/07/25 21:55:59 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2013/04/25 19:30:32 | 001,505,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d11.dll
MOD - [2013/04/23 21:05:47 | 000,238,272 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ucp_meta.dll
MOD - [2013/03/16 02:13:32 | 000,041,328 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\thpimpl.ppl
MOD - [2013/03/16 02:13:31 | 000,045,576 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\pxstub.ppl
MOD - [2013/03/16 02:13:17 | 000,288,696 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\parental_control_gui.dll
MOD - [2013/03/16 02:13:16 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\msvcr100.dll
MOD - [2013/03/16 02:13:15 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\msvcp100.dll
MOD - [2013/03/16 02:13:11 | 000,609,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\key_value_storage.dll
MOD - [2013/03/06 08:37:48 | 000,562,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
MOD - [2013/02/28 15:23:44 | 000,066,112 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\E-Web Print\ewps_comcl.dll
MOD - [2013/02/28 15:23:42 | 000,029,248 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\E-Web Print\ewps_com.dll
MOD - [2013/02/28 15:23:38 | 000,280,640 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\E-Web Print\ewps_cl.dll
MOD - [2013/02/28 15:23:28 | 000,042,048 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\E-Web Print\ewps_lm.dll
MOD - [2013/02/28 15:23:22 | 000,038,976 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\E-Web Print\ewps_da.dll
MOD - [2013/02/28 15:23:18 | 000,039,488 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\E-Web Print\ewps_comhp.dll
MOD - [2013/01/13 17:17:03 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
MOD - [2013/01/13 17:17:02 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
MOD - [2013/01/13 17:16:42 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
MOD - [2013/01/13 17:12:46 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
MOD - [2013/01/13 17:11:21 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
MOD - [2013/01/13 17:11:08 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
MOD - [2013/01/13 17:11:07 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
MOD - [2013/01/13 17:11:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
MOD - [2013/01/13 17:11:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
MOD - [2013/01/13 16:20:31 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2013/01/13 15:54:01 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10level9.dll
MOD - [2013/01/13 15:53:58 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecsExt.dll
MOD - [2013/01/13 15:53:14 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\UIAnimation.dll
MOD - [2012/12/13 13:41:46 | 000,079,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office14\MSOHEV.DLL
MOD - [2012/12/07 08:26:17 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2012/10/09 13:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2012/08/17 21:41:46 | 000,038,840 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\winreg.ppl
MOD - [2012/08/17 21:41:36 | 000,028,600 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\prutil.ppl
MOD - [2012/08/17 21:41:34 | 000,013,752 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\stdcomp.ppl
MOD - [2012/08/17 21:41:32 | 000,019,384 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\prseqio.ppl
MOD - [2012/08/17 21:41:28 | 000,110,008 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\nfio.ppl
MOD - [2012/08/17 21:41:28 | 000,088,504 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\propmap.ppl
MOD - [2012/08/17 21:41:26 | 000,027,064 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\uniarc.ppl
MOD - [2012/08/17 21:41:20 | 000,032,184 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\minizip.ppl
MOD - [2012/08/17 21:41:16 | 000,018,360 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\hashmd5.ppl
MOD - [2012/08/17 21:41:14 | 000,021,432 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\fsdrvplg.ppl
MOD - [2012/08/17 21:41:02 | 000,029,624 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\deflate.ppl
MOD - [2012/08/17 21:40:14 | 000,253,368 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\updater_meta.dll
MOD - [2012/08/17 21:40:14 | 000,189,368 | ---- | M] (Digia Plc) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\imageformats\qjpeg4.dll
MOD - [2012/08/17 21:40:12 | 000,036,792 | ---- | M] (Digia Plc) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\imageformats\qico4.dll
MOD - [2012/08/17 21:40:10 | 001,296,824 | ---- | M] (Digia Plc) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\qtscript4.dll
MOD - [2012/08/17 21:40:10 | 000,034,232 | ---- | M] (Digia Plc) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\imageformats\qgif4.dll
MOD - [2012/08/17 21:40:06 | 002,051,512 | ---- | M] (Digia Plc) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\qtnetwork4.dll
MOD - [2012/08/17 21:40:04 | 007,269,816 | ---- | M] (Digia Plc) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\qtgui4.dll
MOD - [2012/08/17 21:40:02 | 000,395,192 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\storage.dll
MOD - [2012/08/17 21:39:58 | 002,289,080 | ---- | M] (Digia Plc) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\qtdeclarative4.dll
MOD - [2012/08/17 21:39:56 | 002,321,336 | ---- | M] (Digia Plc) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\qtcore4.dll
MOD - [2012/08/17 21:39:56 | 000,207,800 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\remote_eka_prague_loader.dll
MOD - [2012/08/17 21:39:50 | 000,611,768 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\service.dll
MOD - [2012/08/17 21:39:46 | 000,182,200 | ---- | M] (Digia Plc) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\qtsql4.dll
MOD - [2012/08/17 21:39:40 | 000,085,944 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\memmon.dll
MOD - [2012/08/17 21:39:34 | 000,297,400 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ksn_meta.dll
MOD - [2012/08/17 21:39:28 | 000,657,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\localization_manager.dll
MOD - [2012/08/17 21:39:28 | 000,191,928 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\klwtblc.dll
MOD - [2012/08/17 21:39:24 | 000,963,000 | ---- | M] (IBM Corporation and others) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\icuuc40.dll
MOD - [2012/08/17 21:39:24 | 000,183,224 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\klifpp_meta.dll
MOD - [2012/08/17 21:39:18 | 002,962,360 | ---- | M] (IBM Corporation and others) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\icudt40.dll
MOD - [2012/08/17 21:39:12 | 000,254,392 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\eka_meta.dll
MOD - [2012/08/17 21:39:10 | 000,097,720 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\instrumental_meta.dll
MOD - [2012/08/17 21:39:08 | 000,147,896 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\dumpwriter.dll
MOD - [2012/08/17 21:39:02 | 000,097,720 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\fssync.dll
MOD - [2012/08/17 21:38:58 | 000,126,904 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\content_filtering_meta.dll
MOD - [2012/08/17 21:38:56 | 000,479,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\dblite.dll
MOD - [2012/08/17 21:38:54 | 000,013,240 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avpinit.dll
MOD - [2012/08/17 21:38:48 | 000,362,936 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\app_core_meta.dll
MOD - [2012/08/17 21:38:46 | 000,036,280 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avpservice.dll
MOD - [2012/08/17 21:38:44 | 001,108,408 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\app_core_legacy.dll
MOD - [2012/08/17 21:38:42 | 000,256,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\am_meta.dll
MOD - [2012/08/17 21:38:40 | 000,434,616 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ac_meta.dll
MOD - [2012/07/04 17:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
MOD - [2012/02/27 22:19:42 | 000,053,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
MOD - [2012/02/27 22:19:39 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
MOD - [2012/02/27 22:19:35 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2012/02/27 22:19:35 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2012/02/27 22:19:33 | 000,159,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
MOD - [2012/02/24 22:00:25 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2012/02/24 22:00:25 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
MOD - [2011/12/16 03:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011/11/17 01:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2011/08/27 00:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011/06/16 00:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011/05/24 06:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011/05/24 06:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011/04/04 23:02:16 | 005,697,024 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\igdumd32.dll
MOD - [2011/04/04 22:57:04 | 000,575,488 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\igdumdx32.dll
MOD - [2011/04/04 22:51:40 | 006,067,712 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\igd10umd32.dll
MOD - [2011/03/28 03:06:01 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Java\jre6\bin\msvcr71.dll
MOD - [2011/03/28 03:06:01 | 000,041,760 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
MOD - [2011/03/03 01:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011/02/03 15:50:12 | 000,085,880 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccVrTrst.dll
MOD - [2011/02/03 15:50:10 | 000,134,520 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvc.dll
MOD - [2011/02/03 15:50:10 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
MOD - [2011/02/03 15:50:09 | 000,644,984 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccL90U.dll
MOD - [2011/02/03 15:50:09 | 000,381,304 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccJobMgr.dll
MOD - [2011/02/03 15:50:09 | 000,152,440 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccIPC.dll
MOD - [2010/11/20 23:25:15 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010/11/20 23:24:43 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010/11/20 23:24:32 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010/11/20 23:24:28 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched20.dll
MOD - [2010/11/20 23:24:27 | 000,134,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WinSCard.dll
MOD - [2010/11/20 23:24:26 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010/11/20 23:24:25 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010/11/20 23:24:23 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2010/11/20 23:24:23 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010/11/20 23:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010/11/20 23:24:16 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010/11/20 23:24:16 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010/11/20 23:24:16 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010/11/20 23:24:16 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010/11/20 23:24:16 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010/11/20 23:24:16 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010/11/20 23:24:14 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010/11/20 23:24:09 | 002,522,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbgeng.dll
MOD - [2010/11/20 23:24:09 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2010/11/20 23:24:08 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010/11/20 23:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2010/11/20 23:24:08 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010/11/20 23:24:08 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\t2embed.dll
MOD - [2010/11/20 23:24:03 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010/11/20 23:24:02 | 000,864,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\System\Ole DB\oledb32.dll
MOD - [2010/11/20 23:24:00 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cabinet.dll
MOD - [2010/11/20 23:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010/11/20 23:23:54 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2010/11/20 23:23:54 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010/11/20 23:23:53 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsnmp32.dll
MOD - [2010/11/20 23:23:51 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010/11/20 23:23:51 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010/11/20 23:23:51 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2010/11/20 23:23:48 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010/11/20 23:23:48 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010/11/20 23:23:48 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010/09/21 17:08:38 | 000,439,168 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll
MOD - [2010/09/21 17:06:02 | 000,853,912 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\wlidcli.dll
MOD - [2010/09/21 17:03:14 | 000,145,280 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
MOD - [2009/10/21 17:39:56 | 000,291,328 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
MOD - [2009/07/13 21:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009/07/13 21:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009/07/13 21:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009/07/13 21:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009/07/13 21:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009/07/13 21:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2009/07/13 21:16:18 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wiadss.dll
MOD - [2009/07/13 21:16:18 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wiatrace.dll
MOD - [2009/07/13 21:16:17 | 000,561,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\UIAutomationCore.dll
MOD - [2009/07/13 21:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009/07/13 21:16:17 | 000,030,749 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vbajet32.dll
MOD - [2009/07/13 21:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009/07/13 21:16:15 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sti.dll
MOD - [2009/07/13 21:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009/07/13 21:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009/07/13 21:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009/07/13 21:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009/07/13 21:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2009/07/13 21:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009/07/13 21:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009/07/13 21:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009/07/13 21:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009/07/13 21:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009/07/13 21:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009/07/13 21:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009/07/13 21:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009/07/13 21:15:51 | 000,618,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswstr10.dll
MOD - [2009/07/13 21:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2009/07/13 21:15:45 | 000,290,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msjtes40.dll
MOD - [2009/07/13 21:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2009/07/13 21:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009/07/13 21:15:43 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdart.dll
MOD - [2009/07/13 21:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009/07/13 21:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009/07/13 21:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009/07/13 21:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll
MOD - [2009/07/13 21:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009/07/13 21:15:21 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fltLib.dll
MOD - [2009/07/13 21:15:20 | 000,380,957 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\expsrv.dll
MOD - [2009/07/13 21:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009/07/13 21:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009/07/13 21:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009/07/13 21:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009/07/13 21:15:11 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dinput8.dll
MOD - [2009/07/13 21:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009/07/13 21:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2009/07/13 21:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009/07/13 21:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009/07/13 21:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009/07/13 21:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/13 21:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009/07/13 21:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009/07/13 21:09:16 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\System\Ole DB\oledb32r.dll
MOD - [2009/07/13 21:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009/02/26 16:45:38 | 000,043,392 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2015/07/16 16:21:50 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015/05/25 14:19:13 | 001,255,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2014/11/04 18:00:00 | 000,661,488 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV:64bit: - [2014/07/22 19:31:23 | 000,172,344 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/05/17 01:00:00 | 000,144,560 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\SysNative\escsvc64.exe -- (EpsonScanSvc)
SRV:64bit: - [2010/12/20 21:30:30 | 000,822,704 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2010/12/09 20:45:26 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010/12/08 18:55:26 | 000,267,192 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2010/12/08 18:42:54 | 000,137,632 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2010/10/20 17:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/09/09 20:26:34 | 000,162,824 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\GFNEXSrv.exe -- (GFNEXSrv)
SRV - [2015/08/12 04:29:11 | 000,269,000 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/06/18 08:39:50 | 001,133,880 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/12/11 12:36:04 | 000,089,864 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2014/12/11 10:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/04/12 00:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/10/10 03:44:15 | 000,356,128 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe -- (AVP)
SRV - [2012/04/27 20:11:15 | 000,135,608 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2011/02/03 15:50:10 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2010/12/20 21:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/20 21:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/29 17:58:30 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/10/22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Disabled | Stopped] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/05/20 19:15:00 | 000,110,736 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2010/03/10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/02/20 10:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2015/06/18 08:41:56 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2015/06/18 08:41:40 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2015/02/17 11:47:52 | 000,177,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:64bit: - [2014/05/20 18:57:04 | 000,628,320 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2013/12/11 08:46:34 | 000,458,336 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2013/12/11 08:46:34 | 000,029,792 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2013/10/10 03:45:16 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2013/10/10 03:45:16 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2013/10/01 22:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/06/19 16:58:58 | 000,054,368 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:64bit: - [2013/05/02 05:52:40 | 001,514,568 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtwlane.sys -- (RTWlanE)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/04 23:10:14 | 012,262,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/08 22:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2011/02/03 22:59:06 | 001,413,680 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/01/12 20:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/16 17:24:16 | 000,015,672 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV:64bit: - [2010/11/02 19:48:38 | 001,103,464 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2010/10/29 19:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 04:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 20:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/24 18:36:48 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009/06/19 22:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014/08/03 09:52:13 | 000,035,816 | ---- | M] (Greatis Software) [Kernel | Boot | Unknown] -- C:\Windows\SysWOW64\drivers\Partizan.sys -- (Partizan)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {8C55C50E-D2BA-4391-B2C5-1061540131E6}
IE:64bit: - HKLM\..\SearchScopes\{8C55C50E-D2BA-4391-B2C5-1061540131E6}: "URL" = http://www.google.co...ng}&rlz=1I7TSNF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {4D517AB7-AD2C-4F6D-9E25-F01E122388D4}
IE - HKLM\..\SearchScopes\{4D517AB7-AD2C-4F6D-9E25-F01E122388D4}: "URL" = http://www.google.co...ng}&rlz=1I7TSNF
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/g/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/g/
IE - HKCU\..\SearchScopes,DefaultScope = {8C55C50E-D2BA-4391-B2C5-1061540131E6}
IE - HKCU\..\SearchScopes\{4D517AB7-AD2C-4F6D-9E25-F01E122388D4}: "URL" = http://www.google.co...1I7TSNF_enUS472
IE - HKCU\..\SearchScopes\{576BFB64-8506-4564-93C0-F268F07FB684}: "URL" = http://www.google.co...ng}&rlz=1I7TSNF
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\LWAPlugin15.8: C:\Users\Tannis\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/04/29 07:44:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2015/02/17 11:47:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2015/02/17 11:47:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2015/02/17 11:47:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2015/06/10 17:48:00 | 000,000,000 | ---D | M]
 
[2014/04/10 19:22:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tannis\AppData\Roaming\Mozilla\Extensions
[2013/05/23 19:22:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tannis\AppData\Roaming\Mozilla\Avant\Profiles\b6r0x9ih.default\extensions
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\Toshiba\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXRCV] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [ToshibaAppPlace] C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe (Toshiba)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\Toshiba\TOSHIBA Sleep Utility\TSleepSrv.exe (TOSHIBA)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9:64bit: - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: calibresys.com ([calportal] https in Trusted sites)
O15 - HKCU\..Trusted Domains: calibresys.com ([ess] https in Trusted sites)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (DivX Web Player Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19F00931-BE4A-4CC3-93B2-6921B3BCD982}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{588B29DC-8816-4A08-83C6-15526DE51A28}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4a2aaa8f-670d-11e3-af6d-386077088a59}\Shell - "" = AutoRun
O33 - MountPoints2\{4a2aaa8f-670d-11e3-af6d-386077088a59}\Shell\AutoRun\command - "" = E:\Windows\AutoRun.exe {E43FCF0E-75BE-4430-A7F4-C55EE5AA1A70} 3.0.0.01 VID_19D2&PID_0358 {9B00E99F-83A4-40d4-B987-7EB04F722BB7}
O33 - MountPoints2\{4a2aaac4-670d-11e3-af6d-386077088a59}\Shell - "" = AutoRun
O33 - MountPoints2\{4a2aaac4-670d-11e3-af6d-386077088a59}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{b5d74417-11c5-11e3-9740-386077088a59}\Shell - "" = AutoRun
O33 - MountPoints2\{b5d74417-11c5-11e3-9740-386077088a59}\Shell\AutoRun\command - "" = E:\VZW_Software_upgrade_assistant_installer.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (Partizan)
O34 - HKLM BootExecute: (ootExecute settings...)
O34 - HKLM BootExecute: (ount)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 360 Days ==========
 
[2015/09/14 21:42:52 | 000,000,000 | ---D | C] -- C:\FRST
[2015/09/14 21:40:24 | 002,190,848 | ---- | C] (Farbar) -- C:\Users\Tannis\Desktop\FRST64.exe
[2015/09/14 18:43:12 | 000,113,880 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/09/14 18:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/09/14 18:42:13 | 000,109,272 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2015/09/14 18:42:13 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2015/09/14 18:42:13 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2015/09/14 18:42:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015/09/14 18:42:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/09/14 18:22:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AV
[2015/09/14 17:24:39 | 000,000,000 | ---D | C] -- C:\Users\Tannis\AppData\Roaming\SUPERAntiSpyware.com
[2015/09/14 17:24:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2015/09/14 17:24:10 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2015/09/14 17:24:10 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2015/08/12 04:29:04 | 009,284,296 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe
[2015/08/12 03:21:24 | 000,124,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2015/08/12 03:21:24 | 000,103,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2015/08/12 02:31:50 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2015/08/12 02:31:50 | 001,116,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appraiser.dll
[2015/08/12 02:31:50 | 000,774,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\invagent.dll
[2015/08/12 02:31:50 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\generaltel.dll
[2015/08/12 02:31:50 | 000,437,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\devinv.dll
[2015/08/12 02:31:50 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\acmigration.dll
[2015/08/12 02:31:49 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2015/08/12 02:31:49 | 000,017,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CompatTelRunner.exe
[2015/08/12 02:31:48 | 007,077,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2015/08/12 02:31:48 | 006,131,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2015/08/12 02:31:47 | 001,057,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdvidcrl.dll
[2015/08/12 02:31:47 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdvidcrl.dll
[2015/08/12 02:31:47 | 000,429,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wksprt.exe
[2015/08/12 02:31:47 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsgqec.dll
[2015/08/12 02:31:47 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsgqec.dll
[2015/08/12 02:31:35 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2015/08/12 02:31:34 | 001,729,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2015/08/12 02:31:33 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2015/08/12 02:31:32 | 003,995,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2015/08/12 02:31:32 | 003,939,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2015/08/12 02:31:31 | 001,464,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2015/08/12 02:31:31 | 000,631,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi
[2015/08/12 02:31:30 | 000,706,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi
[2015/08/12 02:31:30 | 000,421,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2015/08/12 02:31:29 | 001,216,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcrt4.dll
[2015/08/12 02:31:29 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certcli.dll
[2015/08/12 02:31:29 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certcli.dll
[2015/08/12 02:31:29 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rstrui.exe
[2015/08/12 02:31:29 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2015/08/12 02:31:28 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll
[2015/08/12 02:31:28 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2015/08/12 02:31:28 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2015/08/12 02:31:27 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2015/08/12 02:31:26 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2015/08/12 02:31:26 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\smss.exe
[2015/08/12 02:31:25 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpchttp.dll
[2015/08/12 02:31:25 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appidpolicyconverter.exe
[2015/08/12 02:31:25 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rpchttp.dll
[2015/08/12 02:31:25 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2015/08/12 02:31:25 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\auditpol.exe
[2015/08/12 02:31:25 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setbcdlocale.dll
[2015/08/12 02:31:25 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appidapi.dll
[2015/08/12 02:31:25 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\appidapi.dll
[2015/08/12 02:31:25 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srclient.dll
[2015/08/12 02:31:25 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\auditpol.exe
[2015/08/12 02:31:25 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2015/08/12 02:31:24 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2015/08/12 02:31:24 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptbase.dll
[2015/08/12 02:31:24 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2015/08/12 02:31:24 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2015/08/12 02:31:24 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appidcertstorecheck.exe
[2015/08/12 02:31:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
[2015/08/12 02:31:24 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2015/08/12 02:31:24 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msmmsp.dll
[2015/08/12 02:31:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2015/08/12 02:31:23 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2015/08/12 02:31:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/08/12 02:31:22 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2015/08/12 02:31:22 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2015/08/12 02:31:22 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2015/08/12 02:31:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2015/08/12 02:31:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2015/08/12 02:31:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2015/08/12 02:31:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/08/12 02:31:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/08/12 02:31:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2015/08/12 02:31:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2015/08/12 02:31:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2015/08/12 02:31:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2015/08/12 02:31:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2015/08/12 02:31:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/08/12 02:31:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/08/12 02:31:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2015/08/12 02:31:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2015/08/12 02:31:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2015/08/12 02:31:21 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2015/08/12 02:31:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/08/12 02:31:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/08/12 02:31:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/08/12 02:31:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2015/08/12 02:31:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/08/12 02:31:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2015/08/12 02:31:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2015/08/12 02:31:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2015/08/12 02:31:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2015/08/12 02:31:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2015/08/12 02:31:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/08/12 02:31:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2015/08/12 02:31:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2015/08/12 02:31:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2015/08/12 02:31:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2015/08/12 02:31:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2015/08/12 02:31:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2015/08/12 02:31:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2015/08/12 02:31:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2015/08/12 02:31:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2015/08/12 02:31:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2015/08/12 02:31:20 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2015/08/12 02:31:20 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2015/08/12 02:31:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2015/08/12 02:31:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2015/08/12 02:31:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2015/08/12 02:31:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/08/12 02:31:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/08/12 02:31:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2015/08/12 02:31:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2015/08/12 02:31:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2015/08/12 02:31:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2015/08/12 02:31:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2015/08/12 02:31:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2015/08/12 02:31:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apisetschema.dll
[2015/08/12 02:31:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apisetschema.dll
[2015/08/12 02:31:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2015/08/12 02:31:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2015/08/12 02:31:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2015/08/12 02:31:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2015/08/12 02:31:18 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\adtschema.dll
[2015/08/12 02:31:18 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\adtschema.dll
[2015/08/12 02:31:18 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msaudite.dll
[2015/08/12 02:31:18 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msaudite.dll
[2015/08/12 02:31:17 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msobjs.dll
[2015/08/12 02:31:17 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msobjs.dll
[2015/08/12 02:30:35 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\basesrv.dll
[2015/08/12 02:30:11 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2015/08/12 02:30:11 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2015/08/12 02:30:11 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2015/08/12 02:30:11 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2015/08/12 02:30:11 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2015/08/12 02:30:10 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2015/08/12 02:30:10 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2015/08/12 02:30:10 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/08/12 02:30:10 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2015/08/12 02:30:08 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2015/08/12 02:30:08 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2015/08/12 02:30:08 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2015/08/12 02:30:08 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2015/08/12 02:30:08 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2015/08/12 02:30:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2015/08/12 02:30:07 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2015/08/12 02:30:07 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2015/08/12 02:30:07 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2015/08/12 02:30:07 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2015/08/12 02:30:07 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2015/08/12 02:30:06 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2015/08/12 02:30:06 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2015/08/12 02:30:06 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2015/08/12 02:30:05 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2015/08/12 02:30:05 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2015/08/12 02:30:05 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2015/08/12 02:30:05 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2015/08/12 02:30:05 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2015/08/12 02:30:05 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2015/08/12 02:30:04 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2015/08/12 02:30:04 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2015/08/12 02:30:03 | 005,923,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2015/08/12 02:30:03 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2015/08/12 02:30:03 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2015/08/12 02:30:03 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2015/08/12 02:30:03 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2015/08/12 02:30:02 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2015/08/12 02:30:02 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2015/08/12 02:30:01 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2015/08/12 02:29:46 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\davclnt.dll
[2015/08/12 02:29:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml6r.dll
[2015/08/12 02:29:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml6r.dll
[2015/08/12 02:29:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3r.dll
[2015/08/12 02:29:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml3r.dll
[2015/08/12 02:29:43 | 001,648,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2015/08/12 02:29:42 | 000,372,736 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2015/08/12 02:29:42 | 000,299,520 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2015/08/12 02:29:41 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2015/08/12 02:29:41 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpk.dll
[2015/08/12 02:29:40 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontsub.dll
[2015/08/12 02:29:40 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontsub.dll
[2015/08/12 02:29:40 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2015/08/12 02:29:40 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2015/08/12 02:29:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dciman32.dll
[2015/08/12 02:29:38 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\notepad.exe
[2015/08/12 02:29:28 | 003,154,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2015/08/12 02:29:28 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2015/08/12 02:29:28 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2015/08/12 02:29:28 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2015/08/12 02:29:28 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2015/08/12 02:29:28 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2015/08/12 02:29:28 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2015/08/12 02:29:28 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2015/08/12 02:29:28 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSetupUI.dll
[2015/08/12 02:29:28 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2015/08/12 02:29:28 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2015/08/12 02:29:28 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2015/08/12 02:29:28 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2015/08/12 02:29:28 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll
[2015/08/12 02:29:28 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wu.upgrade.ps.dll
[2015/08/12 02:29:16 | 000,493,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcupdate_GenuineIntel.dll
[2015/07/26 10:02:56 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptui.dll
[2015/07/26 10:02:56 | 001,005,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cryptui.dll
[2015/07/26 10:02:36 | 000,180,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Classpnp.sys
[2015/07/26 10:00:49 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3msm.dll
[2015/07/26 10:00:49 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3msm.dll
[2015/07/26 09:59:46 | 000,377,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys
[2015/07/22 18:56:54 | 000,000,000 | ---D | C] -- C:\Users\Tannis\AppData\Local\{5359AFF3-B265-439C-A5B8-F43CA8F95658}
[2015/07/14 19:07:48 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cewmdm.dll
[2015/07/14 19:07:48 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cewmdm.dll
[2015/07/14 19:07:26 | 003,180,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorets.dll
[2015/07/14 19:07:26 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RdpGroupPolicyExtension.dll
[2015/07/14 19:07:23 | 000,404,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2015/07/14 19:06:06 | 002,087,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ole32.dll
[2015/07/14 19:06:00 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
[2015/07/14 19:06:00 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll
[2015/07/14 19:05:59 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptnet.dll
[2015/07/14 19:04:20 | 003,242,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll
[2015/07/14 19:04:19 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2015/07/14 19:04:19 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2015/07/14 19:04:19 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msihnd.dll
[2015/07/14 19:04:19 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msihnd.dll
[2015/07/14 19:04:19 | 000,112,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2015/07/14 19:04:18 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msimsg.dll
[2015/07/14 19:04:18 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msimsg.dll
[2015/07/14 18:45:07 | 000,000,000 | ---D | C] -- C:\windows\pss
[2015/07/10 09:39:22 | 000,000,000 | -H-D | C] -- C:\$Windows.~BT
[2015/07/03 13:14:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2015/07/03 13:14:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2015/07/03 13:14:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2015/06/24 01:29:00 | 001,217,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FM20.DLL
[2015/06/17 00:23:50 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\windows\SysWow64\QuickTimeVR.qtx
[2015/06/17 00:23:50 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\windows\SysWow64\QuickTime.qts
[2015/06/14 09:04:26 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2015/06/10 08:22:20 | 001,255,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diagtrack.dll
[2015/06/10 08:22:14 | 000,879,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\advapi32.dll
[2015/06/10 08:22:12 | 000,879,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdh.dll
[2015/06/10 08:22:12 | 000,404,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tracerpt.exe
[2015/06/10 08:22:12 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tracerpt.exe
[2015/06/10 08:22:11 | 000,635,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdh.dll
[2015/06/10 08:22:11 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sechost.dll
[2015/06/10 08:22:11 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\logman.exe
[2015/06/10 08:22:11 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\logman.exe
[2015/06/10 08:22:11 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\typeperf.exe
[2015/06/10 08:22:11 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\relog.exe
[2015/06/10 08:22:11 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\typeperf.exe
[2015/06/10 08:22:11 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\relog.exe
[2015/06/10 08:22:10 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diskperf.exe
[2015/06/10 08:22:10 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\diskperf.exe
[2015/06/10 08:22:06 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UtcResources.dll
[2015/06/10 08:21:56 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepic.dll
[2015/06/10 08:21:55 | 014,635,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll
[2015/06/10 08:21:54 | 011,411,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll
[2015/06/10 08:21:53 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwmp.dll
[2015/06/10 08:21:53 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spwmp.dll
[2015/06/10 08:21:53 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdxm.ocx
[2015/06/10 08:21:53 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxmasf.dll
[2015/06/10 08:21:53 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msdxm.ocx
[2015/06/10 08:21:53 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxmasf.dll
[2015/06/10 08:21:52 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmploc.DLL
[2015/06/10 08:21:52 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmploc.DLL
[2015/06/10 08:21:51 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comctl32.dll
[2015/06/10 08:21:45 | 000,069,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\stream.sys
[2015/06/07 07:52:59 | 000,000,000 | ---D | C] -- C:\Users\Tannis\AppData\Local\GWX
[2015/05/13 06:58:26 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\services.exe
[2015/05/13 06:58:10 | 000,632,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.exe
[2015/05/13 06:58:10 | 000,546,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.exe
[2015/05/13 06:57:44 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\InkEd.dll
[2015/05/13 06:57:44 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\InkEd.dll
[2015/05/13 06:57:44 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jnwmon.dll
[2015/05/13 06:57:43 | 002,543,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpdshext.dll
[2015/05/13 06:57:39 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\poqexec.exe
[2015/05/13 06:57:39 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\poqexec.exe
[2015/05/13 06:57:37 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apphelp.dll
[2015/05/13 06:57:37 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sdbinst.exe
[2015/05/13 06:57:37 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sdbinst.exe
[2015/05/13 06:57:37 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shimeng.dll
[2015/05/05 23:26:28 | 000,341,512 | ---- | C] (DivX, LLC) -- C:\windows\SysWow64\DivXControlPanelApplet.cpl
[2015/04/15 13:27:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2015/04/14 23:02:47 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\clfsw32.dll
[2015/04/14 23:02:47 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\clfsw32.dll
[2015/04/04 03:00:45 | 000,000,000 | --SD | C] -- C:\windows\SysWow64\GWX
[2015/04/04 03:00:44 | 000,000,000 | --SD | C] -- C:\windows\SysNative\GWX
[2015/03/12 00:04:26 | 000,000,000 | ---D | C] -- C:\Users\Tannis\Desktop\Memorial
[2015/03/11 00:38:34 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mf.dll
[2015/03/11 00:38:28 | 004,121,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mf.dll
[2015/03/11 00:38:26 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drmv2clt.dll
[2015/03/11 00:38:25 | 001,574,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll
[2015/03/11 00:38:25 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll
[2015/03/11 00:38:24 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drmv2clt.dll
[2015/03/11 00:38:24 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msscp.dll
[2015/03/11 00:38:24 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2015/03/11 00:38:23 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\blackbox.dll
[2015/03/11 00:38:23 | 000,782,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmdrmsdk.dll
[2015/03/11 00:38:23 | 000,744,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\blackbox.dll
[2015/03/11 00:38:22 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmdrmsdk.dll
[2015/03/11 00:38:22 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drmmgrtn.dll
[2015/03/11 00:38:20 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AUDIOKSE.dll
[2015/03/11 00:38:20 | 000,432,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfplat.dll
[2015/03/11 00:38:20 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfplat.dll
[2015/03/11 00:38:19 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\evr.dll
[2015/03/11 00:38:19 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drmmgrtn.dll
[2015/03/11 00:38:18 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\evr.dll
[2015/03/11 00:38:18 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msscp.dll
[2015/03/11 00:38:18 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2015/03/11 00:38:18 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioSes.dll
[2015/03/11 00:38:17 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioEng.dll
[2015/03/11 00:38:17 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msnetobj.dll
[2015/03/11 00:38:17 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msnetobj.dll
[2015/03/11 00:38:17 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\audiodg.exe
[2015/03/11 00:38:17 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pcadm.dll
[2015/03/11 00:38:16 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AUDIOKSE.dll
[2015/03/11 00:38:16 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDump.dll
[2015/03/11 00:38:16 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfps.dll
[2015/03/11 00:38:16 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfps.dll
[2015/03/11 00:38:16 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptsp.dll
[2015/03/11 00:38:16 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rrinstaller.exe
[2015/03/11 00:38:16 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rrinstaller.exe
[2015/03/11 00:38:16 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfpmp.exe
[2015/03/11 00:38:16 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfpmp.exe
[2015/03/11 00:38:16 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pcawrk.exe
[2015/03/11 00:38:16 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pcalua.exe
[2015/03/11 00:38:14 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pcaevts.dll
[2015/03/11 00:38:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mferror.dll
[2015/03/11 00:38:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mferror.dll
[2015/03/11 00:37:59 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpudd.dll
[2015/03/11 00:37:43 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ubpm.dll
[2015/03/11 00:37:43 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ubpm.dll
[2015/03/11 00:37:28 | 001,067,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msctf.dll
[2015/03/11 00:37:27 | 001,424,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2015/03/11 00:36:59 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[2015/03/11 00:36:59 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2015/02/25 18:54:04 | 000,000,000 | ---D | C] -- C:\Users\Tannis\AppData\Roaming\Leadertech
[2015/02/25 18:50:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON
[2015/02/25 18:42:57 | 000,000,000 | ---D | C] -- C:\Users\Tannis\AppData\Roaming\InstallShield
[2015/02/25 18:41:39 | 000,000,000 | ---D | C] -- C:\Users\Tannis\AppData\Roaming\Epson
[2015/02/25 18:40:10 | 000,000,000 | ---D | C] -- C:\Program Files\EPSON
[2015/02/25 18:39:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
[2015/02/25 18:39:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EPSON Software
[2015/02/25 18:38:41 | 000,558,592 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\windows\SysNative\ensppmon.dll
[2015/02/25 18:38:41 | 000,558,592 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\windows\SysNative\enppmon.dll
[2015/02/25 18:38:41 | 000,535,552 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\windows\SysNative\ensppui.dll
[2015/02/25 18:38:41 | 000,535,552 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\windows\SysNative\enppui.dll
[2015/02/25 18:38:41 | 000,219,648 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\windows\SysNative\enspres.dll
[2015/02/25 18:38:41 | 000,219,648 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\windows\SysNative\enpres.dll
[2015/02/25 18:38:40 | 000,000,000 | ---D | C] -- C:\Program Files\EpsonNet
[2015/02/25 18:38:15 | 000,466,432 | ---- | C] (Seiko Epson Corporation) -- C:\windows\SysNative\esxw2ud.dll
[2015/02/25 18:38:15 | 000,147,472 | ---- | C] (TWAIN Working Group) -- C:\windows\SysWow64\twaindsm.dll
[2015/02/25 18:38:15 | 000,144,560 | ---- | C] (Seiko Epson Corporation) -- C:\windows\SysNative\escsvc64.exe
[2015/02/25 18:35:55 | 000,010,752 | ---- | C] (SEIKO EPSON CORP.) -- C:\windows\SysNative\E_GCINST.DLL
[2015/02/25 18:35:37 | 000,179,712 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\windows\SysNative\E_YLMBKEE.DLL
[2015/02/25 18:35:34 | 000,083,968 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\windows\SysNative\E_YD4BKEE.DLL
[2015/02/25 18:35:20 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2015/02/25 18:31:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson
[2015/02/25 18:31:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Epson
[2015/02/25 18:26:52 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\perftrack.dll
[2015/02/25 18:26:52 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\powertracker.dll
[2015/02/11 08:45:43 | 001,239,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aitstatic.exe
[2015/02/11 08:44:44 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll
[2015/02/11 08:44:26 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scesrv.dll
[2015/02/11 08:44:26 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scesrv.dll
[2015/02/04 12:23:14 | 000,875,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcr120_clr0400.dll
[2015/02/04 12:13:22 | 000,869,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msvcr120_clr0400.dll
[2015/01/30 20:10:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hewlett-Packard
[2015/01/13 19:44:14 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\profprov.dll
[2015/01/13 19:44:13 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncsi.dll
[2015/01/13 19:44:11 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TSWbPrxy.exe
[2015/01/13 11:28:09 | 000,000,000 | ---D | C] -- C:\Users\Tannis\Desktop\Bobbie
[2015/01/03 22:43:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2015/01/03 22:43:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2015/01/03 22:43:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014/12/17 09:54:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
[2014/12/17 09:54:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Phone
[2014/12/17 09:52:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Applications
[2014/12/10 06:59:42 | 000,000,000 | ---D | C] -- C:\windows\SysNative\appraiser
[2014/12/09 18:12:32 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\charmap.exe
[2014/12/09 18:12:32 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\charmap.exe
[2014/12/09 18:12:29 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSManMigrationPlugin.dll
[2014/12/09 18:12:29 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WsmWmiPl.dll
[2014/12/09 18:12:29 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSManHTTPConfig.exe
[2014/12/09 18:12:29 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSManMigrationPlugin.dll
[2014/12/09 18:12:29 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WsmWmiPl.dll
[2014/12/09 18:12:29 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSManHTTPConfig.exe
[2014/12/09 18:12:29 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WsmAuto.dll
[2014/12/09 18:12:29 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WsmAuto.dll
[2014/11/19 23:21:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reanimator
[2014/11/12 13:46:50 | 000,000,000 | -HSD | C] -- C:\Users\Tannis\AppData\Local\EmieBrowserModeList
[2014/11/11 22:19:33 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IMJP10K.DLL
[2014/11/11 22:19:33 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IMJP10K.DLL
[2014/11/11 22:19:31 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll
[2014/11/11 22:19:31 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll
[2014/10/15 21:07:22 | 000,457,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ci.dll
[2014/10/15 19:36:17 | 001,943,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfshim.dll
[2014/10/15 19:36:17 | 001,131,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfshim.dll
[2014/10/15 19:36:17 | 000,156,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscorier.dll
[2014/10/15 19:36:17 | 000,156,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscorier.dll
[2014/10/15 19:36:10 | 000,081,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscories.dll
[2014/10/15 19:36:10 | 000,073,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscories.dll
[2014/10/15 19:35:20 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDYAK.DLL
[2014/10/15 19:35:20 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTAT.DLL
[2014/10/15 19:35:20 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTAT.DLL
[2014/10/15 19:35:20 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDRU1.DLL
[2014/10/15 19:35:20 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDRU.DLL
[2014/10/15 19:35:20 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDBASH.DLL
[2014/10/15 19:35:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDYAK.DLL
[2014/10/15 19:35:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDRU1.DLL
[2014/10/15 19:35:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDBASH.DLL
[2014/10/15 19:35:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDRU.DLL
[2014/10/15 19:32:31 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rastls.dll
[2014/10/15 19:32:30 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rastls.dll
[2014/10/15 19:32:17 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsta.dll
[2014/10/15 19:32:16 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
[2014/10/15 19:32:15 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe
[2014/09/21 22:02:31 | 000,000,000 | ---D | C] -- C:\HP color LaserJet 3600
[2 C:\Users\Tannis\Desktop\*.tmp files -> C:\Users\Tannis\Desktop\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\Tannis\Documents\*.tmp files -> C:\Users\Tannis\Documents\*.tmp -> ]
 
========== Files - Modified Within 360 Days ==========
 
[2015/09/14 22:29:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2015/09/14 21:55:58 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/09/14 21:54:00 | 000,000,725 | ---- | M] () -- C:\windows\tasks\EPSON WF-3620 Series Invitation {54972EBC-3E3F-43FC-A59A-33B6DEBB9169}.job
[2015/09/14 21:53:01 | 000,000,911 | ---- | M] () -- C:\windows\tasks\EPSON WF-3620 Series Update {54972EBC-3E3F-43FC-A59A-33B6DEBB9169}.job
[2015/09/14 21:40:25 | 002,190,848 | ---- | M] (Farbar) -- C:\Users\Tannis\Desktop\FRST64.exe
[2015/09/14 21:37:30 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/09/14 21:37:30 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/09/14 21:27:48 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/09/14 21:27:34 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2015/09/14 21:27:29 | 3151,998,976 | -HS- | M] () -- C:\hiberfil.sys
[2015/09/14 18:43:50 | 000,113,880 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/09/14 17:24:13 | 000,001,819 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2015/09/10 12:51:08 | 001,348,608 | ---- | M] () -- C:\Users\Tannis\Documents\HTH raffle.pub
[2015/09/10 12:50:55 | 000,363,387 | ---- | M] () -- C:\Users\Tannis\Desktop\HTH raffle.jpg
[2015/09/03 22:43:36 | 001,348,608 | ---- | M] () -- C:\Users\Tannis\Desktop\HTH raffle.pub
[2015/08/12 04:29:10 | 000,778,440 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2015/08/12 04:29:10 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2015/08/12 04:29:04 | 009,284,296 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe
[2015/08/12 03:44:45 | 000,420,680 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2015/07/31 08:02:19 | 000,852,346 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2015/07/31 08:02:19 | 000,712,300 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2015/07/31 08:02:19 | 000,140,890 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2015/07/30 14:06:57 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2015/07/30 14:06:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2015/07/30 14:06:42 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\lpk.dll
[2015/07/30 14:06:39 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\fontsub.dll
[2015/07/30 14:06:35 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dciman32.dll
[2015/07/30 14:06:34 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2015/07/30 13:57:08 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\fontsub.dll
[2015/07/30 13:57:02 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2015/07/30 12:52:53 | 000,372,736 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2015/07/30 12:49:55 | 000,299,520 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2015/07/30 09:13:38 | 000,103,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2015/07/30 09:13:11 | 000,124,624 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2015/07/28 16:09:44 | 000,017,344 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\CompatTelRunner.exe
[2015/07/28 16:05:53 | 000,774,656 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\invagent.dll
[2015/07/28 16:05:50 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\generaltel.dll
[2015/07/28 16:05:47 | 000,437,760 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\devinv.dll
[2015/07/28 16:05:45 | 001,116,672 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\appraiser.dll
[2015/07/28 16:05:44 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2015/07/28 16:05:44 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\acmigration.dll
[2015/07/28 15:55:14 | 001,148,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2015/07/26 10:26:02 | 000,007,605 | ---- | M] () -- C:\Users\Tannis\AppData\Local\Resmon.ResmonCfg
[2015/07/20 14:12:45 | 003,154,944 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2015/07/20 14:12:45 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2015/07/20 14:12:45 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2015/07/20 14:12:45 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2015/07/20 14:12:45 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2015/07/20 14:12:44 | 000,696,320 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2015/07/20 14:12:16 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WinSetupUI.dll
[2015/07/20 14:12:05 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wu.upgrade.ps.dll
[2015/07/20 14:12:02 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2015/07/20 14:12:02 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2015/07/20 13:56:49 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2015/07/20 13:56:49 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2015/07/20 13:56:49 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll
[2015/07/20 13:56:48 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2015/07/20 13:56:08 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2015/07/16 16:54:33 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2015/07/16 16:37:26 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2015/07/16 16:36:31 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2015/07/16 16:36:22 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2015/07/16 16:36:21 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2015/07/16 16:35:40 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2015/07/16 16:26:47 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2015/07/16 16:26:00 | 005,923,328 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2015/07/16 16:23:31 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2015/07/16 16:21:50 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2015/07/16 16:21:47 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2015/07/16 16:21:41 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2015/07/16 16:21:25 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2015/07/16 16:12:23 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2015/07/16 16:08:43 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2015/07/16 16:00:07 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2015/07/16 15:55:08 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2015/07/16 15:54:32 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2015/07/16 15:51:59 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2015/07/16 15:51:46 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2015/07/16 15:50:54 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2015/07/16 15:50:38 | 000,341,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2015/07/16 15:49:37 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2015/07/16 15:43:01 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2015/07/16 15:41:09 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2015/07/16 15:39:24 | 000,664,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2015/07/16 15:39:20 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2015/07/16 15:38:51 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2015/07/16 15:36:02 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2015/07/16 15:35:58 | 000,720,384 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2015/07/16 15:33:23 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2015/07/16 15:32:53 | 002,125,824 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2015/07/16 15:24:03 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/07/16 15:20:11 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2015/07/16 15:19:17 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2015/07/16 15:12:29 | 000,856,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\rdvidcrl.dll
[2015/07/16 15:12:29 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\tsgqec.dll
[2015/07/16 15:12:28 | 006,131,200 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2015/07/16 15:11:27 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\tsgqec.dll
[2015/07/16 15:11:26 | 007,077,376 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2015/07/16 15:11:26 | 001,057,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\rdvidcrl.dll
[2015/07/16 15:06:06 | 002,052,608 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2015/07/16 15:05:15 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2015/07/16 14:49:46 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2015/07/16 14:37:01 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2015/07/15 14:13:22 | 005,550,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2015/07/15 14:13:22 | 000,706,496 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi
[2015/07/15 14:12:37 | 000,631,384 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi
[2015/07/15 14:11:18 | 001,729,984 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2015/07/15 14:10:50 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msmmsp.dll
[2015/07/15 14:09:29 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2015/07/15 14:09:29 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2015/07/15 14:09:29 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2015/07/15 14:09:28 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2015/07/15 14:09:18 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2015/07/15 14:09:18 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2015/07/15 14:09:17 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll
[2015/07/15 14:09:17 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\setbcdlocale.dll
[2015/07/15 14:09:17 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\srclient.dll
[2015/07/15 14:09:17 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2015/07/15 14:09:16 | 001,216,512 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\rpcrt4.dll
[2015/07/15 14:09:16 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\rpchttp.dll
[2015/07/15 14:09:12 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2015/07/15 14:09:12 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
[2015/07/15 14:09:09 | 001,464,832 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2015/07/15 14:09:09 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2015/07/15 14:09:09 | 000,421,376 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2015/07/15 14:09:05 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\cryptbase.dll
[2015/07/15 14:09:05 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2015/07/15 14:09:04 | 000,463,872 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\certcli.dll
[2015/07/15 14:09:03 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\appidapi.dll
[2015/07/15 14:08:53 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\smss.exe
[2015/07/15 14:08:50 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\rstrui.exe
[2015/07/15 14:08:37 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2015/07/15 14:08:34 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\appidpolicyconverter.exe
[2015/07/15 14:08:34 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\auditpol.exe
[2015/07/15 14:08:34 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\appidcertstorecheck.exe
[2015/07/15 14:07:01 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msobjs.dll
[2015/07/15 14:06:50 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msaudite.dll
[2015/07/15 14:05:03 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\apisetschema.dll
[2015/07/15 14:05:03 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2015/07/15 14:05:03 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2015/07/15 14:05:03 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2015/07/15 14:05:03 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2015/07/15 14:05:03 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/07/15 14:05:03 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2015/07/15 14:05:03 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2015/07/15 14:05:03 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2015/07/15 14:05:03 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/07/15 14:05:03 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/07/15 14:05:03 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/07/15 14:05:03 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2015/07/15 14:05:03 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2015/07/15 14:05:03 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/07/15 14:05:03 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2015/07/15 14:05:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2015/07/15 14:05:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2015/07/15 14:05:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2015/07/15 14:05:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2015/07/15 14:05:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2015/07/15 14:05:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2015/07/15 14:05:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2015/07/15 14:05:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2015/07/15 14:05:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/07/15 14:05:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2015/07/15 14:05:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2015/07/15 14:05:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2015/07/15 14:05:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2015/07/15 14:05:01 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\adtschema.dll
[2015/07/15 14:02:18 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\en-US\mountmgr.sys.mui
[2015/07/15 13:54:18 | 003,995,584 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2015/07/15 13:54:18 | 003,939,776 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2015/07/15 13:49:51 | 000,141,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\rpchttp.dll
[2015/07/15 13:49:48 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2015/07/15 13:49:37 | 000,342,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\certcli.dll
[2015/07/15 13:49:36 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\appidapi.dll
[2015/07/15 13:49:19 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2015/07/15 13:48:47 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\auditpol.exe
[2015/07/15 13:48:29 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2015/07/15 13:44:12 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msobjs.dll
[2015/07/15 13:43:53 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msaudite.dll
[2015/07/15 13:40:57 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\apisetschema.dll
[2015/07/15 13:40:57 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2015/07/15 13:40:57 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2015/07/15 13:40:57 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/07/15 13:40:57 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2015/07/15 13:40:57 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2015/07/15 13:40:57 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2015/07/15 13:40:57 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2015/07/15 13:40:57 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/07/15 13:40:57 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/07/15 13:40:57 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2015/07/15 13:40:57 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/07/15 13:40:57 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2015/07/15 13:40:57 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2015/07/15 13:40:57 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2015/07/15 13:40:57 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/07/15 13:40:57 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2015/07/15 13:40:57 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2015/07/15 13:40:57 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2015/07/15 13:40:57 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2015/07/15 13:40:57 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/07/15 13:40:57 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2015/07/15 13:40:57 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2015/07/15 13:40:57 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2015/07/15 13:40:57 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2015/07/15 13:40:56 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\adtschema.dll
[2015/07/15 12:36:14 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2015/07/15 12:36:12 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2015/07/15 12:33:38 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2015/07/15 12:33:38 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2015/07/15 12:33:38 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2015/07/15 12:33:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2015/07/14 23:19:45 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\basesrv.dll
[2015/07/14 23:14:09 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msxml6r.dll
[2015/07/14 23:13:59 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msxml3r.dll
[2015/07/14 22:51:14 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msxml6r.dll
[2015/07/14 22:51:14 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3r.dll
[2015/07/11 09:15:03 | 000,429,568 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wksprt.exe
[2015/07/09 13:57:57 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\windows\notepad.exe
[2015/07/04 14:07:11 | 002,087,424 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ole32.dll
[2015/07/03 13:14:27 | 000,001,816 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2015/07/01 16:48:36 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\davclnt.dll
[2015/06/29 22:19:45 | 001,907,147 | ---- | M] () -- C:\Users\Tannis\Desktop\img20150629_22150467.jpg
[2015/06/24 01:29:00 | 001,217,192 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\FM20.DLL
[2015/06/18 08:41:56 | 000,063,704 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2015/06/18 08:41:44 | 000,109,272 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2015/06/18 08:41:40 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2015/06/17 13:47:05 | 000,404,992 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2015/06/17 00:23:50 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\windows\SysWow64\QuickTimeVR.qtx
[2015/06/17 00:23:50 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\windows\SysWow64\QuickTime.qts
[2015/06/15 17:50:42 | 000,112,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2015/06/15 17:45:42 | 003,242,496 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll
[2015/06/15 17:45:42 | 000,504,320 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msihnd.dll
[2015/06/15 17:45:34 | 001,941,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2015/06/15 17:43:35 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msihnd.dll
[2015/06/15 17:43:24 | 001,805,824 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2015/06/15 17:42:46 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msimsg.dll
[2015/06/15 17:37:15 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msimsg.dll
[2015/06/14 09:04:11 | 536,493,900 | ---- | M] () -- C:\windows\MEMORY.DMP
[2015/06/09 14:03:22 | 003,180,544 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorets.dll
[2015/06/09 14:03:22 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\RdpGroupPolicyExtension.dll
[2015/06/01 20:07:15 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\cewmdm.dll
[2015/06/01 19:47:09 | 000,210,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\cewmdm.dll
[2015/05/25 14:22:13 | 000,879,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\tdh.dll
[2015/05/25 14:21:55 | 000,879,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\advapi32.dll
[2015/05/25 14:19:13 | 001,255,424 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\diagtrack.dll
[2015/05/25 14:19:09 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\sechost.dll
[2015/05/25 14:18:45 | 000,404,992 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\tracerpt.exe
[2015/05/25 14:18:45 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\typeperf.exe
[2015/05/25 14:18:30 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\relog.exe
[2015/05/25 14:18:19 | 000,104,448 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\logman.exe
[2015/05/25 14:18:11 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\diskperf.exe
[2015/05/25 14:07:14 | 000,635,392 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\tdh.dll
[2015/05/25 14:00:44 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\typeperf.exe
[2015/05/25 14:00:40 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\tracerpt.exe
[2015/05/25 14:00:25 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\relog.exe
[2015/05/25 14:00:17 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\logman.exe
[2015/05/25 14:00:09 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\diskperf.exe
[2015/05/25 13:00:56 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\UtcResources.dll
[2015/05/21 09:19:52 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aepic.dll
[2015/05/09 14:26:06 | 000,493,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mcupdate_GenuineIntel.dll
[2015/05/05 23:26:28 | 000,341,512 | ---- | M] (DivX, LLC) -- C:\windows\SysWow64\DivXControlPanelApplet.cpl
[2015/04/29 14:22:09 | 014,635,008 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll
[2015/04/29 14:21:50 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msdxm.ocx
[2015/04/29 14:21:50 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxmasf.dll
[2015/04/29 14:21:46 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\spwmp.dll
[2015/04/29 14:19:43 | 012,625,920 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wmploc.DLL
[2015/04/29 14:07:29 | 011,411,456 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll
[2015/04/29 14:07:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msdxm.ocx
[2015/04/29 14:07:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\dxmasf.dll
[2015/04/29 14:07:07 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\spwmp.dll
[2015/04/29 14:05:19 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wmploc.DLL
[2015/04/27 15:23:45 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll
[2015/04/27 15:23:13 | 001,480,192 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
[2015/04/27 15:23:13 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\cryptnet.dll
[2015/04/25 07:28:46 | 000,000,941 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2015/04/24 14:17:26 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\comctl32.dll
[2015/04/15 13:34:47 | 000,844,960 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2015/04/15 13:27:55 | 000,002,697 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2015/04/12 23:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\services.exe
[2015/04/10 23:19:59 | 000,069,888 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\stream.sys
[2015/04/08 23:23:46 | 001,069,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\cryptui.dll
[2015/04/08 23:09:35 | 001,005,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\cryptui.dll
[2015/04/07 23:29:07 | 000,275,456 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\InkEd.dll
[2015/04/07 23:29:07 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jnwmon.dll
[2015/04/07 23:14:07 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\InkEd.dll
[2015/04/06 21:32:20 | 000,000,168 | ---- | M] () -- C:\Users\Tannis\Nova Genesis.url
[2015/03/18 19:39:03 | 000,632,984 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\winload.exe
[2015/03/18 19:39:03 | 000,546,656 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\winresume.exe
[2015/03/12 21:58:14 | 000,016,303 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf
[2015/03/12 21:55:15 | 000,016,303 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf
[2015/03/09 13:44:15 | 000,089,978 | ---- | M] () -- C:\Users\Tannis\Documents\img20150309_13441545.pdf
[2015/03/09 12:52:34 | 000,597,561 | ---- | M] () -- C:\Users\Tannis\Documents\img20150309_12523409.pdf
[2015/03/04 00:41:42 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\shimeng.dll
[2015/03/04 00:41:27 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\clfsw32.dll
[2015/03/04 00:41:26 | 000,342,016 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\apphelp.dll
[2015/03/04 00:41:09 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\sdbinst.exe
[2015/03/04 00:10:54 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\clfsw32.dll
[2015/03/04 00:10:37 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\sdbinst.exe
[2015/02/25 18:53:50 | 000,000,059 | ---- | M] () -- C:\windows\WF-3620.ini
[2015/02/25 18:44:36 | 000,000,165 | ---- | M] () -- C:\Users\Public\Desktop\Epson WF-3620 User’s Guide.url
[2015/02/18 03:06:21 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\poqexec.exe
[2015/02/18 03:04:44 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\poqexec.exe
[2015/02/17 11:47:52 | 000,177,864 | ---- | M] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\kneps.sys
[2015/02/04 12:23:14 | 000,875,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msvcr120_clr0400.dll
[2015/02/04 12:13:22 | 000,869,536 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msvcr120_clr0400.dll
[2015/02/03 23:16:35 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[2015/02/03 22:54:09 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2015/02/02 23:31:23 | 000,782,848 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wmdrmsdk.dll
[2015/02/02 23:31:16 | 001,424,896 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2015/02/02 23:31:08 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ubpm.dll
[2015/02/02 23:31:05 | 001,574,400 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll
[2015/02/02 23:31:05 | 000,500,224 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\AUDIOKSE.dll
[2015/02/02 23:31:05 | 000,371,712 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2015/02/02 23:31:04 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\pcadm.dll
[2015/02/02 23:31:03 | 000,641,024 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msscp.dll
[2015/02/02 23:31:03 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msnetobj.dll
[2015/02/02 23:31:01 | 004,121,600 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mf.dll
[2015/02/02 23:31:01 | 000,432,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mfplat.dll
[2015/02/02 23:31:01 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mfps.dll
[2015/02/02 23:30:58 | 000,631,808 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\evr.dll
[2015/02/02 23:30:58 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\EncDump.dll
[2015/02/02 23:30:57 | 001,202,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drmv2clt.dll
[2015/02/02 23:30:57 | 000,497,664 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drmmgrtn.dll
[2015/02/02 23:30:56 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\cryptsp.dll
[2015/02/02 23:30:55 | 000,842,240 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\blackbox.dll
[2015/02/02 23:30:55 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\AudioEng.dll
[2015/02/02 23:30:55 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\AudioSes.dll
[2015/02/02 23:30:39 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\rrinstaller.exe
[2015/02/02 23:30:36 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\pcawrk.exe
[2015/02/02 23:30:36 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\pcalua.exe
[2015/02/02 23:30:32 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mfpmp.exe
[2015/02/02 23:30:19 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\audiodg.exe
[2015/02/02 23:29:19 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\pcaevts.dll
[2015/02/02 23:28:49 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mferror.dll
[2015/02/02 23:12:48 | 000,617,984 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wmdrmsdk.dll
[2015/02/02 23:12:34 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ubpm.dll
[2015/02/02 23:12:29 | 001,329,664 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll
[2015/02/02 23:12:29 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2015/02/02 23:12:29 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\AUDIOKSE.dll
[2015/02/02 23:12:25 | 000,504,320 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msscp.dll
[2015/02/02 23:12:24 | 000,265,216 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msnetobj.dll
[2015/02/02 23:12:22 | 003,209,728 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mf.dll
[2015/02/02 23:12:22 | 000,354,816 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mfplat.dll
[2015/02/02 23:12:22 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mfps.dll
[2015/02/02 23:12:18 | 000,489,984 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\evr.dll
[2015/02/02 23:12:16 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\drmv2clt.dll
[2015/02/02 23:12:16 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\drmmgrtn.dll
[2015/02/02 23:12:12 | 000,744,960 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\blackbox.dll
[2015/02/02 23:11:55 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\rrinstaller.exe
[2015/02/02 23:11:48 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mfpmp.exe
[2015/02/02 23:09:03 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mferror.dll
[2015/01/30 21:04:24 | 000,207,668 | ---- | M] () -- C:\windows\hpwins28.dat
[2015/01/30 19:56:52 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\rdpudd.dll
[2015/01/30 19:23:56 | 001,032,846 | ---- | M] () -- C:\Users\Tannis\Desktop\Nationstar 2014 EOY and 2015 statement.pdf
[2015/01/28 23:19:34 | 002,543,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wpdshext.dll
[2015/01/28 23:19:34 | 001,195,008 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\UMDF\WpdMtpDr.dll
[2015/01/28 12:46:41 | 000,001,810 | ---- | M] () -- C:\Users\Tannis\Desktop\Your Enrollment Status for Instructor Led Session Lunch & Learn is Confirmed _1.ics
[2015/01/27 19:36:21 | 001,239,720 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aitstatic.exe
[2015/01/24 20:47:00 | 000,485,827 | ---- | M] () -- C:\Users\Tannis\Desktop\Vacation voucher.pdf
[2015/01/23 18:49:55 | 000,030,819 | ---- | M] () -- C:\Users\Tannis\Desktop\Ft. Benning Job.htm
[2015/01/16 22:48:38 | 001,067,520 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msctf.dll
[2015/01/14 09:00:02 | 000,000,002 | RHS- | M] () -- C:\windows\winstart.bat
[2015/01/14 09:00:02 | 000,000,002 | RHS- | M] () -- C:\windows\SysWow64\CONFIG.NT
[2015/01/14 09:00:02 | 000,000,002 | RHS- | M] () -- C:\windows\SysWow64\AUTOEXEC.NT
[2015/01/14 08:59:50 | 000,000,978 | ---- | M] () -- C:\Users\Tannis\Desktop\UnHackMe.lnk
[2015/01/13 19:23:34 | 000,435,200 | ---- | M] () -- C:\Users\Tannis\Desktop\family calendar.pub
[2015/01/08 23:14:19 | 000,950,272 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\perftrack.dll
[2015/01/08 23:14:19 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\powertracker.dll
[2014/12/18 23:30:49 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\profprov.dll
[2014/12/11 13:47:17 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\TSWbPrxy.exe
[2014/12/07 23:09:05 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\scesrv.dll
[2014/12/07 22:46:05 | 000,308,224 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\scesrv.dll
[2014/12/05 23:50:18 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ncsi.dll
[2014/11/25 23:53:59 | 000,861,696 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll
[2014/11/19 23:21:31 | 000,000,924 | ---- | M] () -- C:\Users\Tannis\Desktop\Reanimator.lnk
[2014/11/06 12:32:03 | 000,170,548 | ---- | M] () -- C:\Users\Tannis\Desktop\Bolier Meter Compliance.zip
[2014/10/30 10:33:39 | 000,003,337 | ---- | M] () -- C:\Users\Tannis\Desktop\images3Y6NS3PF.jpg
[2014/10/29 22:03:43 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\charmap.exe
[2014/10/29 21:45:43 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\charmap.exe
[2014/10/24 21:57:59 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll
[2014/10/24 21:32:37 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll
[2014/10/02 22:12:23 | 000,310,272 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WsmWmiPl.dll
[2014/10/02 22:12:22 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WSManMigrationPlugin.dll
[2014/10/02 22:12:22 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WsmAuto.dll
[2014/10/02 22:11:49 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WSManHTTPConfig.exe
[2014/10/02 21:45:03 | 000,248,832 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\WSManMigrationPlugin.dll
[2014/10/02 21:45:03 | 000,214,016 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\WsmWmiPl.dll
[2014/10/02 21:45:03 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\WsmAuto.dll
[2014/10/02 21:44:25 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\WSManHTTPConfig.exe
[2 C:\Users\Tannis\Desktop\*.tmp files -> C:\Users\Tannis\Desktop\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\Tannis\Documents\*.tmp files -> C:\Users\Tannis\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2015/09/14 17:24:13 | 000,001,819 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2015/09/10 12:50:33 | 001,348,608 | ---- | C] () -- C:\Users\Tannis\Documents\HTH raffle.pub
[2015/09/03 22:45:23 | 000,363,387 | ---- | C] () -- C:\Users\Tannis\Desktop\HTH raffle.jpg
[2015/09/03 20:59:08 | 001,348,608 | ---- | C] () -- C:\Users\Tannis\Desktop\HTH raffle.pub
[2015/07/03 13:14:27 | 000,001,816 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2015/06/29 22:15:04 | 001,907,147 | ---- | C] () -- C:\Users\Tannis\Desktop\img20150629_22150467.jpg
[2015/06/14 09:04:11 | 536,493,900 | ---- | C] () -- C:\windows\MEMORY.DMP
[2015/04/15 13:27:54 | 000,002,697 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2015/04/14 23:03:17 | 000,016,303 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2015/04/14 23:03:15 | 000,016,303 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2015/04/06 21:32:16 | 000,000,168 | ---- | C] () -- C:\Users\Tannis\Nova Genesis.url
[2015/03/09 13:44:15 | 000,089,978 | ---- | C] () -- C:\Users\Tannis\Documents\img20150309_13441545.pdf
[2015/03/09 12:52:34 | 000,597,561 | ---- | C] () -- C:\Users\Tannis\Documents\img20150309_12523409.pdf
[2015/03/09 10:54:08 | 000,000,725 | ---- | C] () -- C:\windows\tasks\EPSON WF-3620 Series Invitation {54972EBC-3E3F-43FC-A59A-33B6DEBB9169}.job
[2015/03/09 10:53:57 | 000,000,911 | ---- | C] () -- C:\windows\tasks\EPSON WF-3620 Series Update {54972EBC-3E3F-43FC-A59A-33B6DEBB9169}.job
[2015/02/25 18:51:04 | 000,000,059 | ---- | C] () -- C:\windows\WF-3620.ini
[2015/02/25 18:38:16 | 000,000,941 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2015/02/25 18:31:35 | 000,000,165 | ---- | C] () -- C:\Users\Public\Desktop\Epson WF-3620 User’s Guide.url
[2015/01/30 19:23:56 | 001,032,846 | ---- | C] () -- C:\Users\Tannis\Desktop\Nationstar 2014 EOY and 2015 statement.pdf
[2015/01/28 12:46:31 | 000,001,810 | ---- | C] () -- C:\Users\Tannis\Desktop\Your Enrollment Status for Instructor Led Session Lunch & Learn is Confirmed _1.ics
[2015/01/24 20:47:00 | 000,485,827 | ---- | C] () -- C:\Users\Tannis\Desktop\Vacation voucher.pdf
[2015/01/23 18:49:54 | 000,030,819 | ---- | C] () -- C:\Users\Tannis\Desktop\Ft. Benning Job.htm
[2014/11/19 23:21:31 | 000,000,924 | ---- | C] () -- C:\Users\Tannis\Desktop\Reanimator.lnk
[2014/11/11 22:33:53 | 000,007,605 | ---- | C] () -- C:\Users\Tannis\AppData\Local\Resmon.ResmonCfg
[2014/11/06 12:32:03 | 000,170,548 | ---- | C] () -- C:\Users\Tannis\Desktop\Bolier Meter Compliance.zip
[2014/10/30 10:34:20 | 000,003,337 | ---- | C] () -- C:\Users\Tannis\Desktop\images3Y6NS3PF.jpg
[2013/12/21 15:26:28 | 000,000,418 | ---- | C] () -- C:\windows\hpwmdl28.dat.temp
[2012/03/21 00:39:58 | 000,017,408 | ---- | C] () -- C:\Users\Tannis\AppData\Local\WebpageIcons.db
[2012/02/23 19:09:02 | 000,061,304 | ---- | C] () -- C:\Users\Tannis\g2mdlhlpx.exe
[2012/02/22 21:33:30 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/07/10 13:51:25 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/07/10 13:34:07 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

 


  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP