Page 2 of 2 FirstFirst 12
Results 11 to 19 of 19
  1. #11
    Member
    Join Date
    Mar 2011
    Posts
    113
    Points
    10

    Default

    So I was able to download and run it the first time....but it never created a log. I went back, deleted it, and tried to download it and run it again....and it will download the files, but it won't run again.

  2. #12
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,181
    Points
    1308

    Default

    Is there any type of error with combofix ? Also did you look for the log on your "C" drive--> C:\ComboFix.txt


    Have you tried rebooting the computer and try combofix again ? If that does not work can you post a new FRST Log at least .

    Thanks
    Joe
    Last edited by zep516; 12-22-2014 at 06:28 PM.

  3. #13
    Member
    Join Date
    Mar 2011
    Posts
    113
    Points
    10

    Default

    Yea, no luck with Combo fix. not sure what happened....but oh well. Sorry for the late response! Hope you had a great christmas! Also, I have a friend who can format the hard drive for me after we get it fixed. (if we can.) Or would it be better to just pull the files I need and have him do it? Also, I went ahead and ran first log again.

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
    Ran by Hiddendemon666 (administrator) on GLENN on 28-12-2014 07:31:11
    Running from C:\Users\Hiddendemon666\Desktop
    Loaded Profile: Hiddendemon666 (Available profiles: Hiddendemon666)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 9 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Microsoft Corporation) C:\Windows\System32\alg.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Microsoft Corporation) C:\Windows\System32\msiexec.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-22] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [896032 2010-03-22] (Realtek Semiconductor)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
    HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
    HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-05] (TOSHIBA Corporation)
    HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
    HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
    HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-25] (TOSHIBA Corporation)
    HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1489760 2010-04-06] (TOSHIBA Corporation)
    HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)
    HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1926928 2010-01-19] (Intel(R) Corporation)
    HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
    HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-03-19] (TOSHIBA Corporation)
    HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA Corporation)
    HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
    HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2009-12-25] (TOSHIBA CORPORATION)
    HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
    HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2010-02-22] (TOSHIBA CORPORATION)
    HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252728 2010-03-17] (TOSHIBA)
    HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2640408 2014-08-26] ()
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-02] (Adobe Systems Incorporated)
    HKU\S-1-5-21-3092100664-2491022899-479283734-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2957040 2010-07-19] (SUPERAntiSpyware.com)
    HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\windows\System32\SPReview\SPReview.exe [301568 2014-12-17] (Microsoft Corporation)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-3092100664-2491022899-479283734-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Google
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir...=ie&ar=msnhome
    HKU\S-1-5-21-3092100664-2491022899-479283734-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
    HKU\S-1-5-21-3092100664-2491022899-479283734-1000\Software\Microsoft\Internet Explorer\Main,Start Page = Google
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
    SearchScopes: HKLM -> DefaultScope {FB6C0C18-6317-4948-A327-191E364D6F6B} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
    SearchScopes: HKLM -> {FB6C0C18-6317-4948-A327-191E364D6F6B} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
    SearchScopes: HKLM-x32 -> DefaultScope {DB87984A-8B16-4486-90FC-9C987E311AB6} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
    SearchScopes: HKLM-x32 -> {DB87984A-8B16-4486-90FC-9C987E311AB6} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
    SearchScopes: HKU\S-1-5-21-3092100664-2491022899-479283734-1000 -> DefaultScope {DB87984A-8B16-4486-90FC-9C987E311AB6} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA_enUS389
    SearchScopes: HKU\S-1-5-21-3092100664-2491022899-479283734-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={5541CE1C-0729-451E-960D-908A1E0D8DB9}&mid=f34ee44920a647d6a11ea113f022cb13-974a745a63313276e2cebbcbb4e040f305ef5aa1&lang=en&ds=AVG&pr=fr&d=2011-09-27 11:42:04&v=9.0.0.18&sap=dsp&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3092100664-2491022899-479283734-1000 -> {B8B3A7A5-D246-4F15-AB03-6B706AF0FBAB} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
    SearchScopes: HKU\S-1-5-21-3092100664-2491022899-479283734-1000 -> {DB87984A-8B16-4486-90FC-9C987E311AB6} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA_enUS389
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

    FireFox:
    ========
    FF ProfilePath: C:\Users\Hiddendemon666\AppData\Roaming\Mozilla\Firefox\Profiles\3sk6a3c7.default
    FF DefaultSearchEngine: Google
    FF Homepage: hxxp://www.google.com/
    FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
    FF Extension: Test Pilot - C:\Users\Hiddendemon666\AppData\Roaming\Mozilla\Firefox\Profiles\3sk6a3c7.default\Extensions\testpilot@labs.mozilla.com.xpi [2012-10-16]
    FF HKLM-x32\...\Firefox\Extensions: [avg@igeared] - C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared
    FF Extension: AVG Security Toolbar - C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared [2011-09-16]
    FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799
    FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799 [2014-08-26]
    FF HKU\S-1-5-21-3092100664-2491022899-479283734-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Hiddendemon666\AppData\Roaming\IDM\idmmzcc5

    Chrome:
    =======

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [128752 2010-06-29] (SUPERAntiSpyware.com) [File not signed]
    S3 AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [947528 2011-03-18] ()
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
    S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [315664 2010-01-19] ()
    S2 taisregispinger; C:\Program Files (x86)\TOSHIBA\ToshibaRegistration\TaisRegistPinger.exe [297344 2009-08-13] ()
    S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14920 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12360 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 WINFLASH64; C:\Program Files (x86)\UEFI WinFlash\WinFlash64.sys [19000 2009-11-23] ()
    R4 AVGIDSHA; system32\DRIVERS\avgidsha.sys [X]
    R4 Avgrkx64; system32\DRIVERS\avgrkx64.sys [X]
    R4 Avgtdia; system32\DRIVERS\avgtdia.sys [X]
    U3 catchme; \??\C:\ComboFix\catchme.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-28 10:20 - 2014-06-05 22:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
    2014-12-28 10:20 - 2014-06-05 22:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
    2014-12-28 07:31 - 2014-12-28 07:31 - 00015516 _____ () C:\Users\Hiddendemon666\Desktop\FRST.txt
    2014-12-28 07:31 - 2014-12-28 07:31 - 00000000 ____D () C:\Users\Hiddendemon666\Desktop\FRST-OlderVersion
    2014-12-28 07:25 - 2014-12-28 07:25 - 00000796 _____ () C:\windows\setupact.log
    2014-12-28 07:25 - 2014-12-28 07:25 - 00000000 _____ () C:\windows\setuperr.log
    2014-12-28 07:21 - 2014-06-30 14:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
    2014-12-28 07:21 - 2014-06-30 14:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
    2014-12-28 07:21 - 2014-03-09 13:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
    2014-12-28 07:21 - 2014-03-09 13:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
    2014-12-28 07:21 - 2014-03-09 13:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
    2014-12-28 07:21 - 2014-03-09 13:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
    2014-12-22 15:35 - 2014-12-28 07:30 - 05603624 _____ (Swearware) C:\Users\Hiddendemon666\Downloads\ComboFix.exe
    2014-12-22 14:45 - 2014-12-28 07:30 - 00000000 ___SD () C:\ComboFix
    2014-12-22 14:45 - 2014-12-22 14:45 - 00000000 ____D () C:\windows\erdnt
    2014-12-22 14:45 - 2014-12-22 14:45 - 00000000 ____D () C:\Qoobox
    2014-12-22 14:45 - 2011-06-25 22:45 - 00256000 _____ () C:\windows\PEV.exe
    2014-12-22 14:45 - 2010-11-07 09:20 - 00208896 _____ () C:\windows\MBR.exe
    2014-12-22 14:45 - 2009-04-19 20:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
    2014-12-22 14:45 - 2000-08-30 16:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
    2014-12-22 14:45 - 2000-08-30 16:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
    2014-12-22 14:45 - 2000-08-30 16:00 - 00098816 _____ () C:\windows\sed.exe
    2014-12-22 14:45 - 2000-08-30 16:00 - 00080412 _____ () C:\windows\grep.exe
    2014-12-22 14:45 - 2000-08-30 16:00 - 00068096 _____ () C:\windows\zip.exe
    2014-12-21 09:21 - 2014-12-21 09:22 - 04187592 _____ (Kaspersky Lab ZAO) C:\Users\Hiddendemon666\Downloads\tdsskiller.exe
    2014-12-21 09:19 - 2014-12-21 09:19 - 00000000 ____D () C:\Users\Hiddendemon666\Downloads\FRST-OlderVersion
    2014-12-17 19:30 - 2014-12-17 19:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-12-17 17:59 - 2014-12-17 18:00 - 00028422 _____ () C:\Users\Hiddendemon666\Downloads\Addition.txt
    2014-12-17 17:55 - 2014-12-17 18:00 - 00161024 _____ () C:\Users\Hiddendemon666\Downloads\FRST.txt
    2014-12-17 17:41 - 2014-05-14 08:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
    2014-12-17 17:41 - 2014-05-14 08:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
    2014-12-17 17:41 - 2014-05-14 08:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
    2014-12-17 17:41 - 2014-05-14 08:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
    2014-12-17 17:39 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
    2014-12-17 17:39 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
    2014-12-17 17:39 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
    2014-12-17 17:39 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
    2014-12-17 07:03 - 2014-12-17 07:03 - 00000000 ____D () C:\windows\system32\SPReview
    2014-12-17 07:00 - 2014-12-17 07:00 - 00000000 ____D () C:\windows\system32\EventProviders
    2014-12-16 17:58 - 2010-11-04 17:57 - 01942856 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
    2014-12-16 17:58 - 2010-11-04 17:57 - 00048976 _____ (Microsoft Corporation) C:\windows\system32\netfxperf.dll
    2014-12-16 17:57 - 2010-11-20 05:39 - 05066752 _____ (Microsoft Corporation) C:\windows\system32\AuthFWSnapin.dll
    2014-12-16 17:57 - 2010-11-20 05:34 - 00215936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
    2014-12-16 17:57 - 2010-11-20 05:33 - 00982912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
    2014-12-16 17:57 - 2010-11-20 05:33 - 00951680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
    2014-12-16 17:57 - 2010-11-20 05:33 - 00299392 _____ (Microsoft Corporation) C:\windows\system32\mcupdate_GenuineIntel.dll
    2014-12-16 17:57 - 2010-11-20 05:33 - 00273792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
    2014-12-16 17:57 - 2010-11-20 05:27 - 14633472 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 03860992 _____ (Microsoft Corporation) C:\windows\system32\UIRibbon.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 03650560 _____ (Microsoft Corporation) C:\windows\system32\MSVidCtl.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 03027968 _____ (Microsoft Corporation) C:\windows\system32\WMVCORE.DLL
    2014-12-16 17:57 - 2010-11-20 05:27 - 03008000 _____ (Microsoft Corporation) C:\windows\system32\xpsservices.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 02652160 _____ (Microsoft Corporation) C:\windows\system32\netshell.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 02543616 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 02086912 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 02055680 _____ (Microsoft Corporation) C:\windows\system32\Query.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 02018304 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01900544 _____ (Microsoft Corporation) C:\windows\system32\setupapi.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
    2014-12-16 17:57 - 2010-11-20 05:27 - 01808384 _____ (Microsoft Corporation) C:\windows\system32\pnidui.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01753088 _____ (Microsoft Corporation) C:\windows\system32\vssapi.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01743360 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01646080 _____ (Microsoft Corporation) C:\windows\system32\wevtsvc.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01556992 _____ (Microsoft Corporation) C:\windows\system32\RacEngn.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01509888 _____ (Microsoft Corporation) C:\windows\system32\msdtctm.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01326080 _____ (Microsoft Corporation) C:\windows\system32\NaturalLanguage6.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01281024 _____ (Microsoft Corporation) C:\windows\system32\werconcpl.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01219584 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01212416 _____ (Microsoft Corporation) C:\windows\system32\propsys.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01197056 _____ (Microsoft Corporation) C:\windows\system32\taskschd.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01190400 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01158656 _____ (Microsoft Corporation) C:\windows\system32\webservices.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01110016 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01098240 _____ (Microsoft Corporation) C:\windows\system32\Vault.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01008128 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00867840 _____ (Microsoft Corporation) C:\windows\system32\SearchFolder.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00849920 _____ (Microsoft Corporation) C:\windows\system32\qmgr.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00758784 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\PortableDeviceApi.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00750080 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00720896 _____ (Microsoft Corporation) C:\windows\system32\odbc32.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00695808 _____ (Microsoft Corporation) C:\windows\system32\netlogon.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00582656 _____ (Microsoft Corporation) C:\windows\system32\sxs.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00577536 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00519680 _____ (Microsoft Corporation) C:\windows\system32\netcfgx.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00512000 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00481280 _____ (Microsoft Corporation) C:\windows\system32\wmpps.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00476160 _____ (Microsoft Corporation) C:\windows\system32\QAGENTRT.DLL
    2014-12-16 17:57 - 2010-11-20 05:27 - 00473600 _____ (Microsoft Corporation) C:\windows\system32\taskcomp.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00457216 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00448512 _____ (Microsoft Corporation) C:\windows\system32\shlwapi.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00444416 _____ (Microsoft Corporation) C:\windows\system32\winhttp.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00326144 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00312832 _____ (Microsoft Corporation) C:\windows\system32\Wldap32.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00299520 _____ (Microsoft Corporation) C:\windows\system32\tsmf.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00297984 _____ (Microsoft Corporation) C:\windows\system32\ws2_32.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00266240 _____ (Microsoft Corporation) C:\windows\system32\QAGENT.DLL
    2014-12-16 17:57 - 2010-11-20 05:27 - 00263168 _____ (Microsoft Corporation) C:\windows\system32\spwizui.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00258560 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\scavengeui.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00121856 _____ (Microsoft Corporation) C:\windows\system32\SessEnv.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 04120064 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 03391488 _____ (Microsoft Corporation) C:\windows\system32\dbgeng.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 03205120 _____ (Microsoft Corporation) C:\windows\system32\mmcndmgr.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 02067456 _____ (Microsoft Corporation) C:\windows\system32\d3d9.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 01866240 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 01838080 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 01632256 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 01340416 _____ (Microsoft Corporation) C:\windows\system32\diagperf.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 01244160 _____ (Microsoft Corporation) C:\windows\system32\imapi2fs.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 01137664 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 00853504 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
    2014-12-16 17:57 - 2010-11-20 05:26 - 00828416 _____ (Microsoft Corporation) C:\windows\system32\MPSSVC.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 00787968 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 00777728 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 00658944 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\ipsmsnap.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 00381440 _____ (Microsoft Corporation) C:\windows\system32\mfds.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 00317952 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 00295936 _____ (Microsoft Corporation) C:\windows\system32\framedynos.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 00281600 _____ (Microsoft) C:\windows\system32\DShowRdpFilter.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\hgprint.dll
    2014-12-16 17:57 - 2010-11-20 05:25 - 03957760 _____ (Microsoft Corporation) C:\windows\system32\WinSAT.exe
    2014-12-16 17:57 - 2010-11-20 05:25 - 01975296 _____ (Microsoft Corporation) C:\windows\system32\CertEnroll.dll
    2014-12-16 17:57 - 2010-11-20 05:25 - 01927680 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
    2014-12-16 17:57 - 2010-11-20 05:25 - 01796096 _____ (Microsoft Corporation) C:\windows\system32\certmgr.dll
    2014-12-16 17:57 - 2010-11-20 05:25 - 01600512 _____ (Microsoft Corporation) C:\windows\system32\VSSVC.exe
    2014-12-16 17:57 - 2010-11-20 05:25 - 01504256 _____ (Microsoft Corporation) C:\windows\system32\wbengine.exe
    2014-12-16 17:57 - 2010-11-20 05:25 - 01116672 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
    2014-12-16 17:57 - 2010-11-20 05:25 - 00958464 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
    2014-12-16 17:57 - 2010-11-20 05:25 - 00902144 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
    2014-12-16 17:57 - 2010-11-20 05:25 - 00897536 _____ (Microsoft Corporation) C:\windows\system32\azroles.dll
    2014-12-16 17:57 - 2010-11-20 05:25 - 00705024 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
    2014-12-16 17:57 - 2010-11-20 05:25 - 00679424 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
    2014-12-16 17:57 - 2010-11-20 05:25 - 00598016 _____ (Microsoft Corporation) C:\windows\system32\spinstall.exe
    2014-12-16 17:57 - 2010-11-20 05:25 - 00594432 _____ (Microsoft Corporation) C:\windows\system32\comdlg32.dll
    2014-12-16 17:57 - 2010-11-20 05:25 - 00464384 _____ (Microsoft Corporation) C:\windows\system32\taskeng.exe
    2014-12-16 17:57 - 2010-11-20 05:25 - 00390656 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
    2014-12-16 17:57 - 2010-11-20 05:25 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
    2014-12-16 17:57 - 2010-11-20 05:25 - 00359424 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
    2014-12-16 17:57 - 2010-11-20 05:25 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
    2014-12-16 17:57 - 2010-11-20 05:25 - 00301568 _____ (Microsoft Corporation) C:\windows\system32\spreview.exe
    2014-12-16 17:57 - 2010-11-20 05:24 - 00653312 _____ (Microsoft Corporation) C:\windows\system32\lpksetup.exe
    2014-12-16 17:57 - 2010-11-20 05:24 - 00345088 _____ (Microsoft Corporation) C:\windows\system32\cmd.exe
    2014-12-16 17:57 - 2010-11-20 05:24 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\lsm.exe
    2014-12-16 17:57 - 2010-11-20 05:24 - 00272896 _____ (Microsoft Corporation) C:\windows\system32\mcbuilder.exe
    2014-12-16 17:57 - 2010-11-20 04:32 - 05066752 _____ (Microsoft Corporation) C:\windows\SysWOW64\AuthFWSnapin.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 11410432 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 01667584 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupapi.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 01619456 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
    2014-12-16 17:57 - 2010-11-20 04:21 - 01363456 _____ (Microsoft Corporation) C:\windows\SysWOW64\Query.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 01175040 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 01128448 _____ (Microsoft Corporation) C:\windows\SysWOW64\vssapi.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 01115136 _____ (Microsoft Corporation) C:\windows\SysWOW64\RacEngn.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 01010688 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFolder.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 00505856 _____ (Microsoft Corporation) C:\windows\SysWOW64\taskschd.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 00351232 _____ (Microsoft Corporation) C:\windows\SysWOW64\winhttp.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 00270848 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsmf.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\upnp.dll
    2014-12-16 17:57 - 2010-11-20 04:20 - 01414144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
    2014-12-16 17:57 - 2010-11-20 04:20 - 00573440 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbc32.dll
    2014-12-16 17:57 - 2010-11-20 04:20 - 00563712 _____ (Microsoft Corporation) C:\windows\SysWOW64\netlogon.dll
    2014-12-16 17:57 - 2010-11-20 04:20 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll
    2014-12-16 17:57 - 2010-11-20 04:20 - 00406528 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcfgx.dll
    2014-12-16 17:57 - 2010-11-20 04:19 - 03207680 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
    2014-12-16 17:57 - 2010-11-20 04:19 - 02291712 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSVidCtl.dll
    2014-12-16 17:57 - 2010-11-20 04:19 - 02151936 _____ (Microsoft Corporation) C:\windows\SysWOW64\mmcndmgr.dll
    2014-12-16 17:57 - 2010-11-20 04:19 - 01493504 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
    2014-12-16 17:57 - 2010-11-20 04:19 - 00954752 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc40.dll
    2014-12-16 17:57 - 2010-11-20 04:19 - 00954288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc40u.dll
    2014-12-16 17:57 - 2010-11-20 04:19 - 00257024 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 02522624 _____ (Microsoft Corporation) C:\windows\SysWOW64\dbgeng.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 01828352 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d9.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 01371136 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 01334272 _____ (Microsoft Corporation) C:\windows\SysWOW64\CertEnroll.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 01171456 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 00739840 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 00640512 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 00522752 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 00342016 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 00252928 _____ (Microsoft) C:\windows\SysWOW64\DShowRdpFilter.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\dot3api.dll
    2014-12-16 17:57 - 2010-11-20 04:17 - 01049600 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
    2014-12-16 17:57 - 2010-11-20 04:17 - 00327168 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe
    2014-12-16 17:57 - 2010-11-20 04:17 - 00322048 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe
    2014-12-16 17:57 - 2010-11-20 03:07 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
    2014-12-16 17:57 - 2010-11-20 03:05 - 00274944 _____ (Microsoft Corporation) C:\windows\system32\rdpdd.dll
    2014-12-16 17:57 - 2010-11-20 01:25 - 00753664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
    2014-12-16 17:57 - 2010-11-20 01:23 - 00261632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
    2014-12-16 17:57 - 2010-11-20 01:21 - 00119296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
    2014-12-16 17:57 - 2010-11-04 18:20 - 00347904 _____ () C:\windows\system32\systemsf.ebd
    2014-12-16 17:57 - 2010-11-04 17:58 - 01130824 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
    2014-12-16 17:57 - 2010-11-04 17:58 - 00297808 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscoree.dll
    2014-12-16 17:57 - 2010-11-04 17:58 - 00049488 _____ (Microsoft Corporation) C:\windows\SysWOW64\netfxperf.dll
    2014-12-16 17:57 - 2010-11-04 17:57 - 00444752 _____ (Microsoft Corporation) C:\windows\system32\mscoree.dll
    2014-12-16 17:57 - 2010-11-04 17:53 - 00320352 _____ (Microsoft Corporation) C:\windows\system32\PresentationHost.exe
    2014-12-16 17:57 - 2010-11-04 17:53 - 00295264 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationHost.exe
    2014-12-16 17:57 - 2010-11-04 17:53 - 00109928 _____ (Microsoft Corporation) C:\windows\system32\PresentationHostProxy.dll
    2014-12-16 17:57 - 2010-11-04 17:53 - 00099176 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationHostProxy.dll
    2014-12-16 17:57 - 2009-07-13 17:16 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\tcpmonui.dll
    2014-12-16 17:56 - 2010-11-20 05:44 - 01077248 _____ (Microsoft Corporation) C:\windows\system32\Narrator.exe
    2014-12-16 17:56 - 2010-11-20 05:44 - 00133632 _____ (Microsoft Corporation) C:\windows\system32\NAPHLPR.DLL
    2014-12-16 17:56 - 2010-11-20 05:34 - 00363392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volmgrx.sys
    2014-12-16 17:56 - 2010-11-20 05:34 - 00295808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
    2014-12-16 17:56 - 2010-11-20 05:34 - 00071552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volmgr.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00366976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msrpc.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00289664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fltMgr.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00263040 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
    2014-12-16 17:56 - 2010-11-20 05:33 - 00213888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdyboost.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00184704 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pci.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00171392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\scsiport.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00155008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpio.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00140672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msdsm.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00103808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sbp2port.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00094592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00078720 _____ (Hewlett-Packard Company) C:\windows\system32\Drivers\HpSAMD.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00063360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\termdd.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00031104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msahci.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00014720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hwpolicy.sys
    2014-12-16 17:56 - 2010-11-20 05:32 - 02217856 _____ (Microsoft Corporation) C:\windows\system32\bootres.dll
    2014-12-16 17:56 - 2010-11-20 05:32 - 00334208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\acpi.sys
    2014-12-16 17:56 - 2010-11-20 05:32 - 00179072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
    2014-12-16 17:56 - 2010-11-20 05:32 - 00155520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ataport.sys
    2014-12-16 17:56 - 2010-11-20 05:32 - 00112000 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
    2014-12-16 17:56 - 2010-11-20 05:29 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
    2014-12-16 17:56 - 2010-11-20 05:28 - 00780008 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
    2014-12-16 17:56 - 2010-11-20 05:28 - 00298104 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
    2014-12-16 17:56 - 2010-11-20 05:28 - 00166784 _____ (Microsoft Corporation) C:\windows\system32\basecsp.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 02851840 _____ (Microsoft Corporation) C:\windows\system32\themeui.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 02262528 _____ (Microsoft Corporation) C:\windows\system32\SyncCenter.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 02250752 _____ (Microsoft Corporation) C:\windows\system32\SensorsCpl.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 02193920 _____ (Microsoft Corporation) C:\windows\system32\themecpl.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 02146816 _____ (Microsoft Corporation) C:\windows\system32\networkmap.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 02072576 _____ (Microsoft Corporation) C:\windows\system32\WMPEncEn.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 01689600 _____ (Microsoft Corporation) C:\windows\system32\netcenter.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 01672704 _____ (Microsoft Corporation) C:\windows\system32\networkexplorer.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 01441280 _____ (Microsoft Corporation) C:\windows\system32\wlanpref.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 01389056 _____ (Microsoft Corporation) C:\windows\system32\pla.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 01363968 _____ (Microsoft Corporation) C:\windows\system32\wdc.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 01243136 _____ (Microsoft Corporation) C:\windows\system32\WMNetMgr.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\MSMPEG2ENC.DLL
    2014-12-16 17:56 - 2010-11-20 05:27 - 01120768 _____ (Microsoft Corporation) C:\windows\system32\sdengin2.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 01082880 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 01050624 _____ (Microsoft Corporation) C:\windows\system32\printui.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 01024512 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00933888 _____ (Microsoft Corporation) C:\windows\system32\sqlsrv32.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00898560 _____ (Microsoft Corporation) C:\windows\system32\OobeFldr.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00812032 _____ (Microsoft Corporation) C:\windows\system32\wpccpl.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00799744 _____ (Microsoft Corporation) C:\windows\system32\msftedit.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00781312 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00769536 _____ (Microsoft Corporation) C:\windows\system32\sud.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\sdcpl.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00691200 _____ (Microsoft Corporation) C:\windows\system32\VAN.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\PerfCenterCPL.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00633344 _____ (Microsoft Corporation) C:\windows\system32\riched20.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00625664 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00625664 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00611840 _____ (Microsoft Corporation) C:\windows\system32\wpd_ci.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00605696 _____ (Microsoft Corporation) C:\windows\system32\wmpeffects.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\wiaservc.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\mspbda.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\msdri.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00501248 _____ (Microsoft Corporation) C:\windows\system32\WinSATAPI.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00486400 _____ (Microsoft Corporation) C:\windows\system32\powercpl.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00483840 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00475136 _____ (Microsoft Corporation) C:\windows\system32\wlangpui.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00462336 _____ (Microsoft Corporation) C:\windows\system32\wiadefui.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\nshipsec.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00451072 _____ (Microsoft Corporation) C:\windows\system32\shwebsvc.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00446976 _____ (Microsoft Corporation) C:\windows\system32\sqlcese30.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00445952 _____ (Microsoft Corporation) C:\windows\system32\spwizeng.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00421888 _____ (Microsoft Corporation) C:\windows\system32\termmgr.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\systemcpl.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00418816 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00416256 _____ (Microsoft Corporation) C:\windows\system32\prnfldr.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\wlanmsm.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00414208 _____ (Microsoft Corporation) C:\windows\system32\wlanui.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00409600 _____ (Microsoft Corporation) C:\windows\system32\photowiz.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00406016 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00403968 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00372736 _____ (Microsoft Corporation) C:\windows\system32\mtxclu.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00370688 _____ (Microsoft Corporation) C:\windows\system32\shsvcs.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00367104 _____ (Microsoft Corporation) C:\windows\system32\wcncsvc.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00366080 _____ (Microsoft Corporation) C:\windows\system32\zipfldr.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00357888 _____ (Microsoft Corporation) C:\windows\system32\sharemediacpl.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00344576 _____ (Microsoft Corporation) C:\windows\system32\ntprint.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\rasmans.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\srchadmin.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00335360 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\netdiagfx.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\tapisrv.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00313856 _____ (Microsoft Corporation) C:\windows\system32\ReAgent.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\scansetting.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00300032 _____ (Microsoft Corporation) C:\windows\system32\pdh.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00270848 _____ (Microsoft Corporation) C:\windows\system32\srrstr.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00268288 _____ (Microsoft Corporation) C:\windows\system32\MSAC3ENC.DLL
    2014-12-16 17:56 - 2010-11-20 05:27 - 00264192 _____ (Microsoft Corporation) C:\windows\system32\upnp.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00263168 _____ (Microsoft Corporation) C:\windows\system32\vpnike.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00257024 _____ (Microsoft Corporation) C:\windows\system32\stobject.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\wavemsp.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00253440 _____ (Microsoft Corporation) C:\windows\system32\tcpipcfg.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00244224 _____ (Microsoft Corporation) C:\windows\system32\spp.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\taskbarcpl.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00236032 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\onex.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00232960 _____ (Microsoft Corporation) C:\windows\system32\scecli.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00232448 _____ (Microsoft Corporation) C:\windows\system32\sppcomapi.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\XpsRasterService.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00225280 _____ (Microsoft Corporation) C:\windows\system32\SndVolSSO.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00223232 _____ (Microsoft Corporation) C:\windows\system32\wmpsrcwp.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00223232 _____ (Microsoft Corporation) C:\windows\system32\QSHVHOST.DLL
    2014-12-16 17:56 - 2010-11-20 05:27 - 00222720 _____ (Microsoft Corporation) C:\windows\system32\wwanconn.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00221696 _____ (Microsoft Corporation) C:\windows\system32\OnLineIDCpl.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00217600 _____ (Microsoft Corporation) C:\windows\system32\WinSCard.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\netiohlp.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00211456 _____ (Microsoft Corporation) C:\windows\system32\rasppp.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00207360 _____ (Microsoft Corporation) C:\windows\system32\sysclass.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00200192 _____ (Microsoft Corporation) C:\windows\system32\syncui.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00196608 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00193024 _____ (Microsoft Corporation) C:\windows\system32\netplwiz.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00189952 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00188928 _____ (Microsoft Corporation) C:\windows\system32\netjoin.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\provsvc.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00185856 _____ (Microsoft Corporation) C:\windows\system32\vdsutil.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\prncache.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00172544 _____ (Microsoft Corporation) C:\windows\system32\twext.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00170496 _____ (Microsoft Corporation) C:\windows\system32\sdrsvc.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00165376 _____ (Microsoft Corporation) C:\windows\system32\netid.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00161792 _____ (Microsoft Corporation) C:\windows\system32\ocsetapi.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\prntvpt.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00154624 _____ (Microsoft Corporation) C:\windows\system32\uxlib.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00153088 _____ (Microsoft Corporation) C:\windows\system32\remotepg.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00148992 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\recovery.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00130048 _____ (Microsoft Corporation) C:\windows\system32\shsetup.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\ntlanman.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\srvcli.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00118784 _____ (Microsoft Corporation) C:\windows\system32\wkssvc.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00117248 _____ (Microsoft Corporation) C:\windows\system32\wpdbusenum.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00115200 _____ (Microsoft Corporation) C:\windows\system32\WPDShServiceObj.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\thumbcache.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00109056 _____ (Microsoft Corporation) C:\windows\system32\userenv.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\QUTIL.DLL
    2014-12-16 17:56 - 2010-11-20 05:27 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\sppnp.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00095232 _____ (Microsoft Corporation) C:\windows\system32\regapi.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00092672 _____ (Microsoft Corporation) C:\windows\system32\TabSvc.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\nci.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00084480 _____ (Microsoft Corporation) C:\windows\system32\UserAccountControlSettings.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\wkscli.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\rdpd3d.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\samcli.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\ncryptui.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\RpcRtRemote.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\wscapi.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\rtutils.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wwanprotdim.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00046592 _____ (Microsoft Corporation) C:\windows\system32\msasn1.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00040960 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\vpnikeapi.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\msvidc32.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00024064 _____ (Microsoft Corporation) C:\windows\system32\sisbkup.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00015360 _____ (Microsoft Corporation) C:\windows\system32\slwga.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 01457664 _____ (Microsoft Corporation) C:\windows\system32\DxpTaskSync.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\DiagCpl.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 01066496 _____ (Microsoft Corporation) C:\windows\system32\Display.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 01009152 _____ (Microsoft Corporation) C:\windows\system32\mcmde.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00934912 _____ (Microsoft Corporation) C:\windows\system32\FirewallControlPanel.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00861184 _____ (Microsoft Corporation) C:\windows\system32\fontext.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00701440 _____ (Microsoft Corporation) C:\windows\system32\dsuiext.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00675328 _____ (Microsoft Corporation) C:\windows\system32\DXPTaskRingtone.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00630272 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00569344 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00551936 _____ (Microsoft Corporation) C:\windows\system32\localsec.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00508928 _____ (Microsoft Corporation) C:\windows\system32\DeviceCenter.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\imapi2.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00501248 _____ (Microsoft Corporation) C:\windows\system32\IPSECSVC.DLL
    2014-12-16 17:56 - 2010-11-20 05:26 - 00495104 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00459776 _____ (Microsoft Corporation) C:\windows\system32\DXP.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00403968 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00355328 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00348160 _____ (Microsoft Corporation) C:\windows\system32\eapp3hst.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\MediaMetadataHandler.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00332288 _____ (Microsoft Corporation) C:\windows\system32\hgcpl.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00304128 _____ (Microsoft Corporation) C:\windows\system32\efscore.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\eapphost.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00282624 _____ (Microsoft Corporation) C:\windows\system32\iTVData.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00281088 _____ (Microsoft Corporation) C:\windows\system32\iprtrmgr.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00279552 _____ (Microsoft Corporation) C:\windows\system32\dxdiagn.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\framedyn.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00257024 _____ (Microsoft Corporation) C:\windows\system32\mfreadwrite.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00252416 _____ (Microsoft Corporation) C:\windows\system32\dot3svc.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00240640 _____ (Microsoft Corporation) C:\windows\system32\MFPlay.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00239616 _____ (Microsoft Corporation) C:\windows\system32\dskquoui.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00233984 _____ (Microsoft Corporation) C:\windows\system32\defaultlocationcpl.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00232448 _____ (Microsoft Corporation) C:\windows\system32\ListSvc.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00225280 _____ (Microsoft Corporation) C:\windows\system32\DevicePairingFolder.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\mprapi.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00217088 _____ (Microsoft Corporation) C:\windows\system32\iasrad.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00211456 _____ (Microsoft Corporation) C:\windows\system32\mprddm.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00186880 _____ (Microsoft Corporation) C:\windows\system32\logoncli.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00171520 _____ (Microsoft Corporation) C:\windows\system32\fde.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00166912 _____ (Microsoft Corporation) C:\windows\system32\inetpp.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00162816 _____ (Microsoft Corporation) C:\windows\system32\dps.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00145920 _____ (Microsoft Corporation) C:\windows\system32\IPHLPAPI.DLL
    2014-12-16 17:56 - 2010-11-20 05:26 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\dwmredir.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\dnscmmc.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00116224 _____ (Windows (R) Codename Longhorn DDK provider) C:\windows\system32\fms.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\iasacct.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\dot3api.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00078848 _____ (Microsoft Corporation) C:\windows\system32\hbaapi.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\fdeploy.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\dot3cfg.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00054272 _____ (Microsoft Corporation) C:\windows\system32\iyuv_32.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\lsmproxy.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\httpapi.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\mimefilt.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 03745792 _____ (Microsoft Corporation) C:\windows\system32\accessibilitycpl.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 03524608 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 01264640 _____ (Microsoft Corporation) C:\windows\system32\sdclt.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 01065984 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00780800 _____ (Microsoft Corporation) C:\windows\system32\ActionCenter.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00749568 _____ (Microsoft Corporation) C:\windows\system32\batmeter.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\AuxiliaryDisplayCpl.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00549888 _____ (Microsoft Corporation) C:\windows\system32\ActionCenterCPL.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00533504 _____ (Microsoft Corporation) C:\windows\system32\vds.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\biocpl.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00472064 _____ (Microsoft Corporation) C:\windows\system32\azroleui.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00412160 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\wisptis.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00349696 _____ (Microsoft Corporation) C:\windows\system32\slui.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00314368 _____ (Microsoft Corporation) C:\windows\system32\clusapi.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\wusa.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\schtasks.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\sethc.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00273920 _____ (Microsoft Corporation) C:\windows\system32\SndVol.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00257024 _____ (Microsoft Corporation) C:\windows\system32\taskmgr.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00238080 _____ (Microsoft Corporation) C:\windows\system32\recdisc.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00186368 _____ (Microsoft Corporation) C:\windows\system32\ocsetup.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00168448 _____ (Microsoft Corporation) C:\windows\system32\bcdsrv.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00155136 _____ (Microsoft Corporation) C:\windows\system32\autoplay.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\cabview.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\AuxiliaryDisplayServices.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00128000 _____ (Microsoft) C:\windows\system32\Robocopy.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\AxInstSv.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\nslookup.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00095232 _____ (Microsoft Corporation) C:\windows\system32\cca.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00094720 _____ (Microsoft Corporation) C:\windows\system32\cabinet.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00088576 _____ (Microsoft Corporation) C:\windows\system32\setupcl.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00080384 _____ (Microsoft Corporation) C:\windows\system32\certprop.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\taskhost.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00058368 _____ (Microsoft Corporation) C:\windows\system32\tzutil.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\acppage.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00031744 _____ (Microsoft Corporation) C:\windows\system32\proquota.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\userinit.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
    2014-12-16 17:56 - 2010-11-20 05:24 - 00957440 _____ (Microsoft Corporation) C:\windows\system32\mblctr.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00850944 _____ (Microsoft Corporation) C:\windows\system32\mmsys.cpl
    2014-12-16 17:56 - 2010-11-20 05:24 - 00793088 _____ (Microsoft Corporation) C:\windows\system32\autoconv.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00777728 _____ (Microsoft Corporation) C:\windows\system32\autochk.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00763904 _____ (Microsoft Corporation) C:\windows\system32\autofmt.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\appwiz.cpl
    2014-12-16 17:56 - 2010-11-20 05:24 - 00721408 _____ (Microsoft Corporation) C:\windows\system32\bthprops.cpl
    2014-12-16 17:56 - 2010-11-20 05:24 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\FXSSVC.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00684032 _____ (Microsoft Corporation) C:\windows\system32\TabletPC.cpl
    2014-12-16 17:56 - 2010-11-20 05:24 - 00606208 _____ (Microsoft Corporation) C:\windows\system32\dfrgui.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00477696 _____ (Microsoft Corporation) C:\windows\system32\PhotoScreensaver.scr
    2014-12-16 17:56 - 2010-11-20 05:24 - 00474112 _____ (Microsoft Corporation) C:\windows\system32\sysmon.ocx
    2014-12-16 17:56 - 2010-11-20 05:24 - 00442368 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
    2014-12-16 17:56 - 2010-11-20 05:24 - 00378880 _____ (Microsoft Corporation) C:\windows\system32\msinfo32.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00373248 _____ (Microsoft Corporation) C:\windows\system32\intl.cpl
    2014-12-16 17:56 - 2010-11-20 05:24 - 00359936 _____ (Microsoft Corporation) C:\windows\system32\eudcedit.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00352768 _____ (Microsoft Corporation) C:\windows\system32\sysdm.cpl
    2014-12-16 17:56 - 2010-11-20 05:24 - 00346112 _____ (Microsoft Corporation) C:\windows\system32\bcdedit.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00333824 _____ (Microsoft Corporation) C:\windows\system32\ssText3d.scr
    2014-12-16 17:56 - 2010-11-20 05:24 - 00321536 _____ (Microsoft Corporation) C:\windows\system32\unimdm.tsp
    2014-12-16 17:56 - 2010-11-20 05:24 - 00300032 _____ (Microsoft Corporation) C:\windows\system32\msconfig.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\ksproxy.ax
    2014-12-16 17:56 - 2010-11-20 05:24 - 00217088 _____ (Microsoft Corporation) C:\windows\system32\wdmaud.drv
    2014-12-16 17:56 - 2010-11-20 05:24 - 00196096 _____ (Microsoft Corporation) C:\windows\system32\VBICodec.ax
    2014-12-16 17:56 - 2010-11-20 05:24 - 00175616 _____ (Microsoft Corporation) C:\windows\system32\bcdboot.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00173568 _____ (Microsoft Corporation) C:\windows\system32\powercfg.cpl
    2014-12-16 17:56 - 2010-11-20 05:24 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00122880 _____ (Microsoft Corporation) C:\windows\system32\aitagent.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\kstvtune.ax
    2014-12-16 17:56 - 2010-11-20 05:24 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\WSTPager.ax
    2014-12-16 17:56 - 2010-11-20 05:24 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\isoburn.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\ksxbar.ax
    2014-12-16 17:56 - 2010-11-20 04:55 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
    2014-12-16 17:56 - 2010-11-20 04:51 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
    2014-12-16 17:56 - 2010-11-20 04:36 - 00107008 _____ (Microsoft Corporation) C:\windows\SysWOW64\NAPHLPR.DLL
    2014-12-16 17:56 - 2010-11-20 04:23 - 00144768 _____ (Microsoft Corporation) C:\windows\SysWOW64\basecsp.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 02983424 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIRibbon.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 02755072 _____ (Microsoft Corporation) C:\windows\SysWOW64\themeui.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 02311168 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 02202624 _____ (Microsoft Corporation) C:\windows\SysWOW64\SensorsCpl.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 02157568 _____ (Microsoft Corporation) C:\windows\SysWOW64\themecpl.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 02146304 _____ (Microsoft Corporation) C:\windows\SysWOW64\SyncCenter.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 01712640 _____ (Microsoft Corporation) C:\windows\SysWOW64\xpsservices.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 01624064 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPEncEn.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 01326592 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanpref.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 01227776 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdc.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 01003008 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMNetMgr.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00933376 _____ (Microsoft Corporation) C:\windows\SysWOW64\Vault.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00782336 _____ (Microsoft Corporation) C:\windows\SysWOW64\webservices.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00778240 _____ (Microsoft Corporation) C:\windows\SysWOW64\sqlsrv32.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00755200 _____ (Microsoft Corporation) C:\windows\SysWOW64\sud.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00738816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpmde.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00638976 _____ (Microsoft Corporation) C:\windows\SysWOW64\VAN.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00600064 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00560128 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00473600 _____ (Microsoft Corporation) C:\windows\SysWOW64\riched20.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00458752 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00428544 _____ (Microsoft Corporation) C:\windows\SysWOW64\shwebsvc.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00416768 _____ (Microsoft Corporation) C:\windows\SysWOW64\wiadefui.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00411648 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlangpui.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00410624 _____ (Microsoft Corporation) C:\windows\SysWOW64\systemcpl.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00410112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanui.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00380416 _____ (Microsoft Corporation) C:\windows\SysWOW64\sxs.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00372224 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00363520 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00352768 _____ (Microsoft Corporation) C:\windows\SysWOW64\termmgr.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00352768 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwizeng.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00352256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpeffects.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00350208 _____ (Microsoft Corporation) C:\windows\SysWOW64\shlwapi.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00346624 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00335872 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSATAPI.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00328192 _____ (Microsoft Corporation) C:\windows\SysWOW64\shsvcs.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00327680 _____ (Microsoft Corporation) C:\windows\SysWOW64\zipfldr.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00307712 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00305152 _____ (Microsoft Corporation) C:\windows\SysWOW64\taskcomp.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00301568 _____ (Microsoft Corporation) C:\windows\SysWOW64\srchadmin.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00276992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wcncsvc.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00269824 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wldap32.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReAgent.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00246272 _____ (Microsoft Corporation) C:\windows\SysWOW64\scansetting.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00242176 _____ (Microsoft Corporation) C:\windows\SysWOW64\tapisrv.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00228352 _____ (Microsoft Corporation) C:\windows\SysWOW64\stobject.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00222208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wavemsp.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\SndVolSSO.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\ws2_32.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00204800 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmm.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppcomapi.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpsrcwp.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00181760 _____ (Microsoft Corporation) C:\windows\SysWOW64\tcpipcfg.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00176640 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasppp.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00175616 _____ (Microsoft Corporation) C:\windows\SysWOW64\scecli.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00172544 _____ (Microsoft Corporation) C:\windows\SysWOW64\spp.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\syncui.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00152064 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00135168 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsRasterService.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00134656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSCard.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00113664 _____ (Microsoft Corporation) C:\windows\SysWOW64\SessEnv.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00111104 _____ (Microsoft Corporation) C:\windows\SysWOW64\shsetup.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\t2embed.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\thumbcache.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\userenv.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00072192 _____ (Microsoft Corporation) C:\windows\SysWOW64\regapi.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00051712 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscapi.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\samcli.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00046080 _____ (Microsoft Corporation) C:\windows\SysWOW64\RpcRtRemote.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00037376 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtutils.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00019456 _____ (Microsoft Corporation) C:\windows\SysWOW64\sisbkup.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 02504192 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVCORE.DLL
    2014-12-16 17:56 - 2010-11-20 04:20 - 02494464 _____ (Microsoft Corporation) C:\windows\SysWOW64\netshell.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 02130944 _____ (Microsoft Corporation) C:\windows\SysWOW64\networkmap.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 01750528 _____ (Microsoft Corporation) C:\windows\SysWOW64\pnidui.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 01644032 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcenter.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 01508864 _____ (Microsoft Corporation) C:\windows\SysWOW64\pla.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\propsys.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00932352 _____ (Microsoft Corporation) C:\windows\SysWOW64\printui.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00859648 _____ (Microsoft Corporation) C:\windows\SysWOW64\OobeFldr.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00801280 _____ (Microsoft Corporation) C:\windows\SysWOW64\NaturalLanguage6.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00656384 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00600576 _____ (Microsoft Corporation) C:\windows\SysWOW64\PerfCenterCPL.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00547840 _____ (Microsoft Corporation) C:\windows\SysWOW64\PortableDeviceApi.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00441856 _____ (Microsoft Corporation) C:\windows\SysWOW64\powercpl.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00395264 _____ (Microsoft Corporation) C:\windows\SysWOW64\prnfldr.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00346112 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshipsec.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00324608 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00297472 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntprint.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00295424 _____ (Microsoft Corporation) C:\windows\SysWOW64\photowiz.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00225792 _____ (Microsoft Corporation) C:\windows\SysWOW64\netdiagfx.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00218112 _____ (Microsoft Corporation) C:\windows\SysWOW64\OnLineIDCpl.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00199168 _____ (Microsoft Corporation) C:\windows\SysWOW64\onex.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00175616 _____ (Microsoft Corporation) C:\windows\SysWOW64\netplwiz.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\QAGENT.DLL
    2014-12-16 17:56 - 2010-11-20 04:20 - 00167936 _____ (Microsoft Corporation) C:\windows\SysWOW64\QSHVHOST.DLL
    2014-12-16 17:56 - 2010-11-20 04:20 - 00166400 _____ (Microsoft Corporation) C:\windows\SysWOW64\netiohlp.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00161792 _____ (Microsoft Corporation) C:\windows\SysWOW64\netjoin.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00152064 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00120320 _____ (Microsoft Corporation) C:\windows\SysWOW64\prntvpt.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00117248 _____ (Microsoft Corporation) C:\windows\SysWOW64\netid.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\prncache.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00078848 _____ (Microsoft Corporation) C:\windows\SysWOW64\nci.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntlanman.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00856576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FirewallControlPanel.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00830464 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMPEG2ENC.DLL
    2014-12-16 17:56 - 2010-11-20 04:19 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontext.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00732160 _____ (Microsoft Corporation) C:\windows\SysWOW64\imapi2fs.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00592384 _____ (Microsoft Corporation) C:\windows\SysWOW64\msftedit.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00488448 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00481792 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscms.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00429056 _____ (Microsoft Corporation) C:\windows\SysWOW64\localsec.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00400896 _____ (Microsoft Corporation) C:\windows\SysWOW64\ipsmsnap.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00392192 _____ (Microsoft Corporation) C:\windows\SysWOW64\imapi2.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00320512 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxclu.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00320512 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\hgcpl.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00301568 _____ (Microsoft Corporation) C:\windows\SysWOW64\msieftp.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00296448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfds.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00271360 _____ (Microsoft Corporation) C:\windows\SysWOW64\iprtrmgr.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00268800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mprddm.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00266752 _____ (Microsoft Corporation) C:\windows\SysWOW64\MediaMetadataHandler.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00232448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00226304 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSAC3ENC.DLL
    2014-12-16 17:56 - 2010-11-20 04:19 - 00216576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
    2014-12-16 17:56 - 2010-11-20 04:19 - 00213504 _____ (Microsoft Corporation) C:\windows\SysWOW64\MMDevAPI.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\framedynos.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00202752 _____ (Microsoft Corporation) C:\windows\SysWOW64\framedyn.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00196608 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfreadwrite.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\iasrad.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00167936 _____ (Microsoft Corporation) C:\windows\SysWOW64\msutb.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00148992 _____ (Microsoft Corporation) C:\windows\SysWOW64\ifsutil.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\logoncli.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00124416 _____ (Microsoft Corporation) C:\windows\SysWOW64\fde.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\IPHLPAPI.DLL
    2014-12-16 17:56 - 2010-11-20 04:19 - 00101888 _____ (Microsoft Corporation) C:\windows\SysWOW64\migisol.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00093696 _____ (Windows (R) Codename Longhorn DDK provider) C:\windows\SysWOW64\fms.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00078848 _____ (Microsoft Corporation) C:\windows\SysWOW64\iasacct.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00066560 _____ (Microsoft Corporation) C:\windows\SysWOW64\hbaapi.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00059904 _____ (Microsoft Corporation) C:\windows\SysWOW64\fdeploy.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00042496 _____ (Microsoft Corporation) C:\windows\SysWOW64\mimefilt.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\httpapi.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00034304 _____ (Microsoft Corporation) C:\windows\SysWOW64\msasn1.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 03727872 _____ (Microsoft Corporation) C:\windows\SysWOW64\accessibilitycpl.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 01792000 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 01555456 _____ (Microsoft Corporation) C:\windows\SysWOW64\certmgr.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 01400320 _____ (Microsoft Corporation) C:\windows\SysWOW64\DxpTaskSync.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 01040384 _____ (Microsoft Corporation) C:\windows\SysWOW64\Display.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 01003520 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00854016 _____ (Microsoft Corporation) C:\windows\SysWOW64\dbghelp.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00762880 _____ (Microsoft Corporation) C:\windows\SysWOW64\azroles.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00744448 _____ (Microsoft Corporation) C:\windows\SysWOW64\ActionCenter.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00743424 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00740864 _____ (Microsoft Corporation) C:\windows\SysWOW64\batmeter.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00665600 _____ (Microsoft Corporation) C:\windows\SysWOW64\AuxiliaryDisplayCpl.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00630784 _____ (Microsoft Corporation) C:\windows\SysWOW64\DXPTaskRingtone.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00537600 _____ (Microsoft Corporation) C:\windows\SysWOW64\ActionCenterCPL.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00508416 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00485888 _____ (Microsoft Corporation) C:\windows\SysWOW64\comdlg32.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00484864 _____ (Microsoft Corporation) C:\windows\SysWOW64\DeviceCenter.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00314368 _____ (Microsoft Corporation) C:\windows\SysWOW64\azroleui.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00309760 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00222208 _____ (Microsoft Corporation) C:\windows\SysWOW64\eapphost.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00220672 _____ (Microsoft Corporation) C:\windows\SysWOW64\defaultlocationcpl.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00205312 _____ (Microsoft Corporation) C:\windows\SysWOW64\efscore.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00202752 _____ (Microsoft Corporation) C:\windows\SysWOW64\activeds.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00196608 _____ (Microsoft Corporation) C:\windows\SysWOW64\dskquoui.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\adsldp.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00146944 _____ (Microsoft Corporation) C:\windows\SysWOW64\autoplay.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00132608 _____ (Microsoft Corporation) C:\windows\SysWOW64\cabview.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnscmmc.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\dot3cfg.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\asycfilt.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
    2014-12-16 17:56 - 2010-11-20 04:17 - 00314880 _____ (Microsoft Corporation) C:\windows\SysWOW64\wusa.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00314368 _____ (Microsoft Corporation) C:\windows\SysWOW64\SndVol.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00303104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msinfo32.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00302592 _____ (Microsoft Corporation) C:\windows\SysWOW64\cmd.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00288256 _____ (Microsoft Corporation) C:\windows\SysWOW64\eudcedit.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00270336 _____ (Microsoft Corporation) C:\windows\SysWOW64\sethc.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00227328 _____ (Microsoft Corporation) C:\windows\SysWOW64\taskmgr.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00220672 _____ (Microsoft Corporation) C:\windows\SysWOW64\mcbuilder.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00192000 _____ (Microsoft Corporation) C:\windows\SysWOW64\taskeng.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\schtasks.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00142336 _____ (Microsoft Corporation) C:\windows\SysWOW64\net1.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00098816 _____ (Microsoft) C:\windows\SysWOW64\Robocopy.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\isoburn.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00066048 _____ (Microsoft Corporation) C:\windows\SysWOW64\w32tm.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00042496 _____ (Microsoft Corporation) C:\windows\SysWOW64\ftp.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00028672 _____ (Microsoft Corporation) C:\windows\SysWOW64\proquota.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00026624 _____ (Microsoft Corporation) C:\windows\SysWOW64\userinit.exe
    2014-12-16 17:56 - 2010-11-20 04:16 - 00905216 _____ (Microsoft Corporation) C:\windows\SysWOW64\mmsys.cpl
    2014-12-16 17:56 - 2010-11-20 04:16 - 00776192 _____ (Microsoft Corporation) C:\windows\SysWOW64\calc.exe
    2014-12-16 17:56 - 2010-11-20 04:16 - 00692736 _____ (Microsoft Corporation) C:\windows\SysWOW64\bthprops.cpl
    2014-12-16 17:56 - 2010-11-20 04:16 - 00679424 _____ (Microsoft Corporation) C:\windows\SysWOW64\autoconv.exe
    2014-12-16 17:56 - 2010-11-20 04:16 - 00668160 _____ (Microsoft Corporation) C:\windows\SysWOW64\autochk.exe
    2014-12-16 17:56 - 2010-11-20 04:16 - 00658944 _____ (Microsoft Corporation) C:\windows\SysWOW64\autofmt.exe
    2014-12-16 17:56 - 2010-11-20 04:16 - 00649216 _____ (Microsoft Corporation) C:\windows\SysWOW64\appwiz.cpl
    2014-12-16 17:56 - 2010-11-20 04:16 - 00516096 _____ (Microsoft Corporation) C:\windows\SysWOW64\main.cpl
    2014-12-16 17:56 - 2010-11-20 04:16 - 00413696 _____ (Microsoft Corporation) C:\windows\SysWOW64\PhotoScreensaver.scr
    2014-12-16 17:56 - 2010-11-20 04:16 - 00389632 _____ (Microsoft Corporation) C:\windows\SysWOW64\sysmon.ocx
    2014-12-16 17:56 - 2010-11-20 04:16 - 00345088 _____ (Microsoft Corporation) C:\windows\SysWOW64\intl.cpl
    2014-12-16 17:56 - 2010-11-20 04:16 - 00326656 _____ (Microsoft Corporation) C:\windows\SysWOW64\sysdm.cpl
    2014-12-16 17:56 - 2010-11-20 04:16 - 00320000 _____ (Microsoft Corporation) C:\windows\SysWOW64\winspool.drv
    2014-12-16 17:56 - 2010-11-20 04:16 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksproxy.ax
    2014-12-16 17:56 - 2010-11-20 04:16 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdmaud.drv
    2014-12-16 17:56 - 2010-11-20 04:16 - 00068608 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSTPager.ax
    2014-12-16 17:56 - 2010-11-20 04:08 - 00833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
    2014-12-16 17:56 - 2010-11-20 04:08 - 00311296 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
    2014-12-16 17:56 - 2010-11-20 03:04 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
    2014-12-16 17:56 - 2010-11-20 03:04 - 00039424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
    2014-12-16 17:56 - 2010-11-20 02:52 - 00164352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndiswan.sys
    2014-12-16 17:56 - 2010-11-20 02:52 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rasl2tp.sys
    2014-12-16 17:56 - 2010-11-20 02:52 - 00111104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\raspptp.sys
    2014-12-16 17:56 - 2010-11-20 02:52 - 00088576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wanarp.sys
    2014-12-16 17:56 - 2010-11-20 02:52 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ipfltdrv.sys
    2014-12-16 17:56 - 2010-11-20 02:52 - 00057856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndproxy.sys
    2014-12-16 17:56 - 2010-11-20 02:44 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\1394ohci.sys
    2014-12-16 17:56 - 2010-11-20 02:44 - 00184960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys
    2014-12-16 17:56 - 2010-11-20 02:43 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
    2014-12-16 17:56 - 2010-11-20 02:43 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\Drivers\winusb.sys
    2014-12-16 17:56 - 2010-11-20 02:33 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ks.sys
    2014-12-16 17:56 - 2010-11-20 01:37 - 00109056 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
    2014-12-16 17:56 - 2010-11-20 01:27 - 00309248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdbss.sys
    2014-12-16 17:56 - 2010-11-20 01:26 - 00328192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\udfs.sys
    2014-12-16 17:56 - 2010-11-20 01:26 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
    2014-12-16 17:56 - 2010-11-04 18:11 - 00433512 _____ (Microsoft Corporation) C:\windows\system32\MCEWMDRMNDBootstrap.dll
    2014-12-16 17:56 - 2010-11-04 18:11 - 00312168 _____ (Microsoft Corporation) C:\windows\SysWOW64\MCEWMDRMNDBootstrap.dll
    2014-12-16 17:56 - 2010-11-04 17:58 - 00155472 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
    2014-12-16 17:56 - 2010-11-04 17:58 - 00080720 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
    2014-12-16 17:56 - 2010-11-04 17:57 - 00154960 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
    2014-12-16 17:55 - 2010-11-20 05:44 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\NAPCRYPT.DLL
    2014-12-16 17:55 - 2010-11-20 05:27 - 01911808 _____ (Microsoft Corporation) C:\windows\system32\OpcServices.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 01232896 _____ (Microsoft Corporation) C:\windows\system32\WMADMOD.DLL
    2014-12-16 17:55 - 2010-11-20 05:27 - 01080320 _____ (Microsoft Corporation) C:\windows\system32\onexui.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00978944 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOD.DLL
    2014-12-16 17:55 - 2010-11-20 05:27 - 00666112 _____ (Microsoft Corporation) C:\windows\system32\WMVSDECD.DLL
    2014-12-16 17:55 - 2010-11-20 05:27 - 00636416 _____ (Microsoft Corporation) C:\windows\system32\wmdrmdev.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00594432 _____ (Microsoft Corporation) C:\windows\system32\wvc.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00527872 _____ (Microsoft Corporation) C:\windows\system32\wmdrmnet.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00435712 _____ (Microsoft Corporation) C:\windows\system32\PortableDeviceStatus.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00431104 _____ (Microsoft Corporation) C:\windows\system32\WPDSp.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00392192 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00358400 _____ (Microsoft Corporation) C:\windows\system32\wmpdxm.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00337920 _____ (Microsoft Corporation) C:\windows\system32\raschap.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\qasf.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\qdv.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00238080 _____ (Microsoft Corporation) C:\windows\system32\mstask.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00224256 _____ (Microsoft Corporation) C:\windows\system32\PortableDeviceSyncProvider.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00222208 _____ (Microsoft Corporation) C:\windows\system32\rdpencom.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\wpdwcn.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00190976 _____ (Microsoft Corporation) C:\windows\system32\vdsbas.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00181248 _____ (Microsoft Corporation) C:\windows\system32\qcap.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00145920 _____ (Microsoft Corporation) C:\windows\system32\sppc.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00143360 _____ (Microsoft Corporation) C:\windows\system32\mydocs.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00135168 _____ (Microsoft Corporation) C:\windows\system32\shacct.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00132608 _____ (Microsoft Corporation) C:\windows\system32\wmpshell.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00124928 _____ (Microsoft Corporation) C:\windows\system32\wiavideo.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\QSVRMGMT.DLL
    2014-12-16 17:55 - 2010-11-20 05:27 - 00121856 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00121856 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\QCLIPROV.DLL
    2014-12-16 17:55 - 2010-11-20 05:27 - 00078848 _____ (Microsoft Corporation) C:\windows\system32\spbcd.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00073728 _____ (Microsoft Corporation) C:\windows\system32\tlscsp.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\unimdmat.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\napdsnap.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\vfwwdm32.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\wsnmp32.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\WavDest.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\vss_ps.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\umb.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\odbcconf.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\PrintIsolationProxy.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\wshbth.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\shimgvw.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\wdiasqmmodule.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\msdmo.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\seclogon.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\netutils.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\shgina.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\wsdchngr.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\msyuv.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00024064 _____ (Microsoft Corporation) C:\windows\system32\schedcli.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00023040 _____ (Microsoft Corporation) C:\windows\system32\rdprefdrvapi.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00021504 _____ (Microsoft Corporation) C:\windows\system32\TRAPI.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\spopk.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\syssetup.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\muifontsetup.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\msrle32.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00015360 _____ (Microsoft Corporation) C:\windows\system32\nrpsrv.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00014848 _____ (Microsoft Corporation) C:\windows\system32\tsbyuv.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\wshirda.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\shunimpl.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00010752 _____ (Microsoft Corporation) C:\windows\system32\riched32.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\rdpcfgex.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
    2014-12-16 17:55 - 2010-11-20 05:27 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 01087488 _____ (Microsoft Corporation) C:\windows\system32\dbghelp.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00623104 _____ (Microsoft Corporation) C:\windows\system32\FXSAPI.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00434688 _____ (Microsoft Corporation) C:\windows\system32\FXSTIFF.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00313344 _____ (Microsoft Corporation) C:\windows\system32\dot3ui.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\iasrecst.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\itircl.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00180736 _____ (Microsoft Corporation) C:\windows\system32\ifsutil.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\EhStorAPI.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00121344 _____ (Microsoft Corporation) C:\windows\system32\fphc.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\eappgnui.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\dot3msm.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapistub.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapi32.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00090624 _____ (Microsoft Corporation) C:\windows\system32\KMSVC.DLL
    2014-12-16 17:55 - 2010-11-20 05:26 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\Mcx2Svc.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\fdProxy.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\inetmib1.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\luainstall.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\FXSMON.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\mciqtz32.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\iscsium.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\dsauth.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00027136 _____ (Microsoft Corporation) C:\windows\system32\HotStartUserAgent.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\elsTrans.dll
    2014-12-16 17:55 - 2010-11-20 05:25 - 00840192 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
    2014-12-16 17:55 - 2010-11-20 05:25 - 00395776 _____ (Microsoft Corporation) C:\windows\system32\nltest.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00306688 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00305152 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00294912 _____ (Microsoft Corporation) C:\windows\system32\WindowsAnytimeUpgradeResults.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00293888 _____ (Microsoft Corporation) C:\windows\system32\wsqmcons.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00213504 _____ (Microsoft Corporation) C:\windows\system32\ActionQueue.dll
    2014-12-16 17:55 - 2010-11-20 05:25 - 00172544 _____ (Microsoft Corporation) C:\windows\system32\perfmon.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\net1.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00089088 _____ (Microsoft Corporation) C:\windows\system32\amstream.dll
    2014-12-16 17:55 - 2010-11-20 05:25 - 00078848 _____ (Microsoft Corporation) C:\windows\system32\tabcal.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\CertPolEng.dll
    2014-12-16 17:55 - 2010-11-20 05:25 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\takeown.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\PnPUnattend.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\runonce.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\repair-bde.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\MultiDigiMon.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00046080 _____ (Microsoft Corporation) C:\windows\system32\cscapi.dll
    2014-12-16 17:55 - 2010-11-20 05:25 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00031744 _____ (Microsoft Corporation) C:\windows\system32\AzSqlExt.dll
    2014-12-16 17:55 - 2010-11-20 05:25 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\cscdll.dll
    2014-12-16 17:55 - 2010-11-20 05:25 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\WerFaultSecure.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\bitsperf.dll
    2014-12-16 17:55 - 2010-11-20 05:25 - 00014848 _____ (Microsoft Corporation) C:\windows\system32\BWUnpairElevated.dll
    2014-12-16 17:55 - 2010-11-20 05:25 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\browseui.dll
    2014-12-16 17:55 - 2010-11-20 05:25 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\C_ISCII.DLL
    2014-12-16 17:55 - 2010-11-20 05:25 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00899584 _____ (Microsoft Corporation) C:\windows\system32\Bubbles.scr
    2014-12-16 17:55 - 2010-11-20 05:24 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\main.cpl
    2014-12-16 17:55 - 2010-11-20 05:24 - 00363520 _____ (Microsoft Corporation) C:\windows\system32\diskraid.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00242688 _____ (Microsoft Corporation) C:\windows\system32\Mystify.scr
    2014-12-16 17:55 - 2010-11-20 05:24 - 00241664 _____ (Microsoft Corporation) C:\windows\system32\Ribbons.scr
    2014-12-16 17:55 - 2010-11-20 05:24 - 00232448 _____ (Microsoft Corporation) C:\windows\system32\bitsadmin.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00166400 _____ (Microsoft Corporation) C:\windows\system32\diskpart.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\iscsicli.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\MdSched.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00133120 _____ (Microsoft Corporation) C:\windows\system32\Kswdmcap.ax
    2014-12-16 17:55 - 2010-11-20 05:24 - 00130048 _____ (Microsoft Corporation) C:\windows\system32\desk.cpl
    2014-12-16 17:55 - 2010-11-20 05:24 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\mobsync.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\cmstp.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\manage-bde.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00071168 _____ (Microsoft Corporation) C:\windows\system32\findstr.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00071168 _____ (Microsoft Corporation) C:\windows\bfsvc.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\djoin.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00057856 _____ (Microsoft Corporation) C:\windows\system32\g711codc.ax
    2014-12-16 17:55 - 2010-11-20 05:24 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\ftp.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\vbisurf.ax
    2014-12-16 17:55 - 2010-11-20 05:24 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\choice.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\LogonUI.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00018432 _____ (Microsoft Corporation) C:\windows\system32\FXSUNATD.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\fixmapi.exe
    2014-12-16 17:55 - 2010-11-20 05:16 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
    2014-12-16 17:55 - 2010-11-20 05:15 - 01164800 _____ (Microsoft Corporation) C:\windows\system32\UIRibbonRes.dll
    2014-12-16 17:55 - 2010-11-20 05:14 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\spwizres.dll
    2014-12-16 17:55 - 2010-11-20 05:13 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\RDPENCDD.dll
    2014-12-16 17:55 - 2010-11-20 05:13 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\nlsbres.dll
    2014-12-16 17:55 - 2010-11-20 05:12 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\pifmgr.dll
    2014-12-16 17:55 - 2010-11-20 05:02 - 01148416 _____ (Microsoft Corporation) C:\windows\system32\IMJP10.IME
    2014-12-16 17:55 - 2010-11-20 05:02 - 00457216 _____ (Microsoft Corporation) C:\windows\system32\imkr80.ime
    2014-12-16 17:55 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\KBDTUQ.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\KBDTUF.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\KBDSG.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\kbdlk41a.dll
    2014-12-16 17:55 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\KBDGKL.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\KBDCZ1.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\KBDSF.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\KBDPO.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\KBDNEPR.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\KBDINTAM.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\KBDINBEN.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\KBDGR1.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDUS.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDUGHR1.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTURME.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAJIK.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDMON.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDMAORI.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDLT1.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDINTEL.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDINORI.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDINMAR.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDINKAN.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDINHIN.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBULG.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBLR.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDGEO.DLL
    2014-12-16 17:55 - 2010-11-20 04:54 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\BlbEvents.dll
    2014-12-16 17:55 - 2010-11-20 04:51 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-ums-l1-1-0.dll
    2014-12-16 17:55 - 2010-11-20 04:36 - 00046080 _____ (Microsoft Corporation) C:\windows\SysWOW64\NAPCRYPT.DLL
    2014-12-16 17:55 - 2010-11-20 04:21 - 00902656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOD.DLL
    2014-12-16 17:55 - 2010-11-20 04:21 - 00739328 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOD.DLL
    2014-12-16 17:55 - 2010-11-20 04:21 - 00616960 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00541184 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSDECD.DLL
    2014-12-16 17:55 - 2010-11-20 04:21 - 00507392 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmdev.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00444928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wvc.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00436736 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmnet.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanmsm.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00406528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wimgapi.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00350720 _____ (Microsoft Corporation) C:\windows\SysWOW64\WPDSp.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00318976 _____ (Microsoft Corporation) C:\windows\SysWOW64\raschap.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00318464 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00309760 _____ (Microsoft Corporation) C:\windows\SysWOW64\sqlcese30.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00299520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpdxm.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00198144 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdwcn.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00189952 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdscore.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00189952 _____ (Microsoft Corporation) C:\windows\SysWOW64\sqmapi.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00186368 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpencom.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00160256 _____ (Microsoft Corporation) C:\windows\SysWOW64\vdsbas.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00146944 _____ (Microsoft Corporation) C:\windows\SysWOW64\remotepg.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\twext.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00144384 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpps.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00118784 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxlib.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupcln.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00109568 _____ (Microsoft Corporation) C:\windows\SysWOW64\wiavideo.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00108032 _____ (Microsoft Corporation) C:\windows\SysWOW64\shacct.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00105984 _____ (Microsoft Corporation) C:\windows\SysWOW64\WPDShServiceObj.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00105472 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpshell.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00100864 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppinst.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00090112 _____ (Microsoft Corporation) C:\windows\SysWOW64\srvcli.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00087552 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00085504 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00085504 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\QUTIL.DLL
    2014-12-16 17:55 - 2010-11-20 04:21 - 00078848 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserAccountControlSettings.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00071168 _____ (Microsoft Corporation) C:\windows\SysWOW64\resutils.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\tlscsp.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastapi.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00065024 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\spbcd.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00059392 _____ (Microsoft Corporation) C:\windows\SysWOW64\unimdmat.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\vfwwdm32.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpd3d.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00051712 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsnmp32.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00051200 _____ (Twain Working Group) C:\windows\twain_32.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\wkscli.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\wtsapi32.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshbth.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00035840 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimgvw.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00031744 _____ (Microsoft Corporation) C:\windows\SysWOW64\utildll.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00027648 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\vpnikeapi.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00021504 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsdchngr.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00021504 _____ (Microsoft Corporation) C:\windows\SysWOW64\TRAPI.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00021504 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdprefdrvapi.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\shgina.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00019968 _____ (Microsoft Corporation) C:\windows\SysWOW64\spopk.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\schedcli.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00014848 _____ (Microsoft Corporation) C:\windows\SysWOW64\syssetup.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\slwga.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00012288 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsbyuv.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00011264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshirda.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00010752 _____ (Microsoft Corporation) C:\windows\SysWOW64\shunimpl.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00009728 _____ (Microsoft Corporation) C:\windows\SysWOW64\sscore.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00008704 _____ (Microsoft Corporation) C:\windows\SysWOW64\riched32.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
    2014-12-16 17:55 - 2010-11-20 04:21 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 01661440 _____ (Microsoft Corporation) C:\windows\SysWOW64\networkexplorer.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 01160192 _____ (Microsoft Corporation) C:\windows\SysWOW64\OpcServices.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 01111552 _____ (Microsoft Corporation) C:\windows\SysWOW64\onexui.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00427520 _____ (Microsoft Corporation) C:\windows\SysWOW64\PortableDeviceStatus.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00283136 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdv.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00236544 _____ (Microsoft Corporation) C:\windows\SysWOW64\pdh.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\qasf.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00190976 _____ (Microsoft Corporation) C:\windows\SysWOW64\qcap.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00183296 _____ (Microsoft Corporation) C:\windows\SysWOW64\PortableDeviceSyncProvider.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00174592 _____ (Microsoft Corporation) C:\windows\SysWOW64\ocsetapi.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00165376 _____ (Microsoft Corporation) C:\windows\SysWOW64\provsvc.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00136192 _____ (Microsoft Corporation) C:\windows\SysWOW64\mydocs.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00121344 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppc.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00099328 _____ (Microsoft Corporation) C:\windows\SysWOW64\QSVRMGMT.DLL
    2014-12-16 17:55 - 2010-11-20 04:20 - 00090112 _____ (Microsoft Corporation) C:\windows\SysWOW64\olepro32.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00077824 _____ (Microsoft Corporation) C:\windows\SysWOW64\olethk32.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\QCLIPROV.DLL
    2014-12-16 17:55 - 2010-11-20 04:20 - 00068096 _____ (Microsoft Corporation) C:\windows\SysWOW64\napdsnap.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00060928 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncryptui.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00046592 _____ (Microsoft Corporation) C:\windows\SysWOW64\pdhui.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00040960 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbcconf.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00022528 _____ (Microsoft Corporation) C:\windows\SysWOW64\netutils.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\perfts.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00219648 _____ (Microsoft Corporation) C:\windows\SysWOW64\iTVData.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00209920 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstask.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00202240 _____ (Microsoft Corporation) C:\windows\SysWOW64\input.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFPlay.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00158720 _____ (Microsoft Corporation) C:\windows\SysWOW64\mprapi.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00158720 _____ (Microsoft Corporation) C:\windows\SysWOW64\itircl.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00122880 _____ (Microsoft Corporation) C:\windows\SysWOW64\iasrecst.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00120320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvfw32.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00098304 _____ (Microsoft Corporation) C:\windows\SysWOW64\fphc.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00084480 _____ (Microsoft Corporation) C:\windows\SysWOW64\mciavi32.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00082944 _____ (Radius Inc.) C:\windows\SysWOW64\iccvid.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapistub.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapi32.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00052736 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetmib1.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\iyuv_32.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00041984 _____ (Microsoft Corporation) C:\windows\SysWOW64\luainstall.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\mciqtz32.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00031744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvidc32.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdmo.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00028672 _____ (Microsoft Corporation) C:\windows\SysWOW64\iscsium.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00022528 _____ (Microsoft Corporation) C:\windows\SysWOW64\msyuv.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00021504 _____ (Microsoft Corporation) C:\windows\SysWOW64\lsmproxy.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\muifontsetup.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrle32.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00685056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dsuiext.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00402944 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00333824 _____ (Microsoft Corporation) C:\windows\SysWOW64\dot3ui.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00243712 _____ (Microsoft Corporation) C:\windows\SysWOW64\audiodev.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00242176 _____ (Microsoft Corporation) C:\windows\SysWOW64\eapp3hst.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00230912 _____ (Microsoft Corporation) C:\windows\SysWOW64\clusapi.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00211456 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevicePairingFolder.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxdiagn.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00128512 _____ (Microsoft Corporation) C:\windows\SysWOW64\EhStorAPI.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00115200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dot3msm.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00094208 _____ (Microsoft Corporation) C:\windows\SysWOW64\eappgnui.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00091648 _____ (Microsoft Corporation) C:\windows\SysWOW64\avifil32.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\cabinet.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\amstream.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00066560 _____ (Microsoft Corporation) C:\windows\SysWOW64\cca.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00065024 _____ (Microsoft Corporation) C:\windows\SysWOW64\CertPolEng.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00045568 _____ (Microsoft Corporation) C:\windows\SysWOW64\acppage.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscapi.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\dsauth.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00028160 _____ (Microsoft Corporation) C:\windows\SysWOW64\AzSqlExt.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscdll.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00022528 _____ (Microsoft Corporation) C:\windows\SysWOW64\elsTrans.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00019456 _____ (Microsoft Corporation) C:\windows\SysWOW64\bitsperf.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00011264 _____ (Microsoft Corporation) C:\windows\SysWOW64\C_ISCII.DLL
    2014-12-16 17:55 - 2010-11-20 04:18 - 00010752 _____ (Microsoft Corporation) C:\windows\SysWOW64\browseui.dll
    2014-12-16 17:55 - 2010-11-20 04:17 - 00586752 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfrgui.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00327680 _____ (Microsoft Corporation) C:\windows\SysWOW64\wimserv.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00280064 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00278016 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00276480 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskraid.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00209920 _____ (Microsoft Corporation) C:\windows\SysWOW64\PkgMgr.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00197632 _____ (Microsoft Corporation) C:\windows\SysWOW64\ocsetup.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00157184 _____ (Microsoft Corporation) C:\windows\SysWOW64\perfmon.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00144896 _____ (Microsoft Corporation) C:\windows\SysWOW64\iscsicli.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00133632 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskpart.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00113152 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupugc.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00101376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mobsync.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00098304 _____ (Microsoft Corporation) C:\windows\SysWOW64\nslookup.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00095232 _____ (Microsoft Corporation) C:\windows\SysWOW64\logagent.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\cmstp.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\MuiUnattend.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00062976 _____ (Microsoft Corporation) C:\windows\SysWOW64\findstr.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\takeown.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\runonce.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzutil.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00034304 _____ (Microsoft Corporation) C:\windows\SysWOW64\unlodctr.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00028672 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFaultSecure.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\netiougc.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00024064 _____ (Microsoft Corporation) C:\windows\SysWOW64\netbtugc.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReAgentc.exe
    2014-12-16 17:55 - 2010-11-20 04:16 - 00878592 _____ (Microsoft Corporation) C:\windows\SysWOW64\Bubbles.scr
    2014-12-16 17:55 - 2010-11-20 04:16 - 00293888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ssText3d.scr
    2014-12-16 17:55 - 2010-11-20 04:16 - 00281088 _____ (Microsoft Corporation) C:\windows\SysWOW64\unimdm.tsp
    2014-12-16 17:55 - 2010-11-20 04:16 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\Mystify.scr
    2014-12-16 17:55 - 2010-11-20 04:16 - 00220672 _____ (Microsoft Corporation) C:\windows\SysWOW64\Ribbons.scr
    2014-12-16 17:55 - 2010-11-20 04:16 - 00186368 _____ (Microsoft Corporation) C:\windows\SysWOW64\bitsadmin.exe
    2014-12-16 17:55 - 2010-11-20 04:16 - 00153600 _____ (Microsoft Corporation) C:\windows\SysWOW64\VBICodec.ax
    2014-12-16 17:55 - 2010-11-20 04:16 - 00142336 _____ (Microsoft Corporation) C:\windows\SysWOW64\powercfg.cpl
    2014-12-16 17:55 - 2010-11-20 04:16 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\desk.cpl
    2014-12-16 17:55 - 2010-11-20 04:16 - 00107008 _____ (Microsoft Corporation) C:\windows\SysWOW64\Kswdmcap.ax
    2014-12-16 17:55 - 2010-11-20 04:16 - 00084480 _____ (Microsoft Corporation) C:\windows\SysWOW64\kstvtune.ax
    2014-12-16 17:55 - 2010-11-20 04:16 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksxbar.ax
    2014-12-16 17:55 - 2010-11-20 04:16 - 00045568 _____ (Microsoft Corporation) C:\windows\SysWOW64\g711codc.ax
    2014-12-16 17:55 - 2010-11-20 04:16 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbisurf.ax
    2014-12-16 17:55 - 2010-11-20 04:08 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00663040 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
    2014-12-16 17:55 - 2010-11-20 04:08 - 00119808 _____ (Microsoft Corporation) C:\windows\SysWOW64\imm32.dll
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTUQ.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTUF.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDSG.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\kbdlk41a.dll
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDGR1.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDGKL.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDCZ1.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDSF.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDPO.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDNEPR.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDINTAM.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDINORI.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDINMAR.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDINKAN.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDINHIN.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDINBEN.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDUS.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDUGHR1.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTURME.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAJIK.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDMON.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDMAORI.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDLT1.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDINTEL.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDGEO.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBULG.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBLR.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
    2014-12-16 17:55 - 2010-11-20 04:07 - 01164800 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIRibbonRes.dll
    2014-12-16 17:55 - 2010-11-20 04:07 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwizres.dll
    2014-12-16 17:55 - 2010-11-20 04:06 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlsbres.dll
    2014-12-16 17:55 - 2010-11-20 04:05 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\pifmgr.dll
    2014-12-16 17:55 - 2010-11-20 04:00 - 01027584 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10.IME
    2014-12-16 17:55 - 2010-11-20 04:00 - 00430080 _____ (Microsoft Corporation) C:\windows\SysWOW64\imkr80.ime
    2014-12-16 17:55 - 2010-11-20 03:37 - 00031744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbrpm.sys
    2014-12-16 17:55 - 2010-11-20 02:52 - 00131584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pacer.sys
    2014-12-16 17:55 - 2010-11-20 02:51 - 00125440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tunnel.sys
    2014-12-16 17:55 - 2010-11-20 02:51 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpipreg.sys
    2014-12-16 17:55 - 2010-11-20 02:50 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndisuio.sys
    2014-12-16 17:55 - 2010-11-20 02:49 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rmcast.sys
    2014-12-16 17:55 - 2010-11-20 02:44 - 00350208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\HdAudio.sys
    2014-12-16 17:55 - 2010-11-20 02:44 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\umbus.sys
    2014-12-16 17:55 - 2010-11-20 02:44 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBCAMD2.sys
    2014-12-16 17:55 - 2010-11-20 02:43 - 00122368 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hdaudbus.sys
    2014-12-16 17:55 - 2010-11-20 02:43 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidusb.sys
    2014-12-16 17:55 - 2010-11-20 02:34 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sffp_sd.sys
    2014-12-16 17:55 - 2010-11-20 02:33 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\CompositeBus.sys
    2014-12-16 17:55 - 2010-11-20 02:33 - 00033280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\kbdhid.sys
    2014-12-16 17:55 - 2010-11-20 02:14 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
    2014-12-16 17:55 - 2010-11-20 02:09 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\Drivers\scfilter.sys
    2014-12-16 17:55 - 2010-11-20 02:04 - 00078848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\IPMIDrv.sys
    2014-12-16 17:55 - 2010-11-20 01:49 - 00258048 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
    2014-12-16 17:55 - 2010-11-20 01:30 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\acpipmi.sys
    2014-12-16 17:55 - 2010-11-20 01:26 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
    2014-12-16 17:55 - 2010-11-20 01:22 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdi.sys
    2014-12-16 17:55 - 2010-11-20 01:19 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cdrom.sys
    2014-12-16 17:55 - 2010-11-09 17:48 - 00010429 _____ () C:\windows\system32\ScavengeSpace.xml
    2014-12-16 17:55 - 2010-11-04 18:20 - 00105559 _____ () C:\windows\SysWOW64\RacRules.xml
    2014-12-16 17:55 - 2010-11-04 18:20 - 00105559 _____ () C:\windows\system32\RacRules.xml
    2014-12-16 17:55 - 2009-06-10 13:39 - 00001041 _____ () C:\windows\SysWOW64\tcpbidi.xml
    2014-12-16 17:54 - 2010-11-20 04:21 - 00363008 _____ (Microsoft Corporation) C:\windows\SysWOW64\wbemcomn.dll
    2014-12-16 17:54 - 2010-11-20 04:18 - 00323072 _____ (Microsoft Corporation) C:\windows\SysWOW64\drvstore.dll
    2014-12-16 17:54 - 2010-11-20 04:18 - 00257024 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpx.dll
    2014-12-16 17:51 - 2010-11-20 05:27 - 00933376 _____ (Microsoft Corporation) C:\windows\system32\SmiEngine.dll
    2014-12-16 17:51 - 2010-11-20 05:27 - 00529408 _____ (Microsoft Corporation) C:\windows\system32\wbemcomn.dll
    2014-12-16 17:51 - 2010-11-20 05:27 - 00524288 _____ (Microsoft Corporation) C:\windows\system32\wmicmiplugin.dll
    2014-12-16 17:51 - 2010-11-20 05:27 - 00244736 _____ (Microsoft Corporation) C:\windows\system32\sqmapi.dll
    2014-12-16 17:51 - 2010-11-20 05:25 - 00199168 _____ (Microsoft Corporation) C:\windows\system32\PkgMgr.exe
    2014-12-16 17:50 - 2010-11-20 05:26 - 00422912 _____ (Microsoft Corporation) C:\windows\system32\drvstore.dll
    2014-12-16 17:50 - 2010-11-20 05:26 - 00399872 _____ (Microsoft Corporation) C:\windows\system32\dpx.dll
    2014-12-12 17:54 - 2014-12-12 17:54 - 00000000 ____D () C:\windows\system32\appraiser
    2014-12-10 07:15 - 2014-12-03 18:32 - 00741376 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
    2014-12-10 07:15 - 2014-12-03 18:32 - 00413184 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
    2014-12-10 07:15 - 2014-12-03 18:32 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
    2014-12-10 07:15 - 2014-12-03 18:31 - 00830976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
    2014-12-10 07:15 - 2014-12-01 15:21 - 01232040 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
    2014-12-07 10:20 - 2014-12-14 21:02 - 00000000 ____D () C:\Users\Hiddendemon666\Documents\New folder2
    2014-12-01 16:17 - 2014-12-17 17:43 - 02044514 ____N () C:\windows\WindowsUpdate.log

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-28 10:20 - 2010-08-26 16:43 - 00000000 ____D () C:\Users\Hiddendemon666\Desktop\Desktop!
    2014-12-28 10:19 - 2009-07-13 20:45 - 00016304 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-12-28 10:19 - 2009-07-13 20:45 - 00016304 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-12-28 07:31 - 2012-09-23 21:56 - 00000000 ____D () C:\FRST
    2014-12-28 07:31 - 2012-09-23 21:55 - 02123264 _____ (Farbar) C:\Users\Hiddendemon666\Desktop\FRST64.exe
    2014-12-28 07:29 - 2010-10-14 07:43 - 00000000 ____D () C:\ProgramData\MFAData
    2014-12-28 07:29 - 2009-07-13 21:13 - 00726444 _____ () C:\windows\system32\PerfStringBackup.INI
    2014-12-28 07:25 - 2014-11-23 07:21 - 00000000 ____D () C:\ProgramData\AVG2015
    2014-12-28 07:25 - 2014-06-25 19:41 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
    2014-12-21 09:30 - 2011-09-27 10:49 - 00000000 ____D () C:\Program Files (x86)\JAVA
    2014-12-18 08:22 - 2012-09-26 21:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2014-12-17 19:05 - 2010-09-10 18:38 - 00000000 ____D () C:\Users\Hiddendemon666\AppData\Roaming\Skype
    2014-12-17 17:32 - 2009-07-13 21:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
    2014-12-17 17:31 - 2012-04-01 16:05 - 00000374 _____ () C:\windows\system32\Drivers\etc\hosts.ics
    2014-12-17 17:30 - 2009-07-13 21:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
    2014-12-17 17:30 - 2009-07-13 20:45 - 00426160 _____ () C:\windows\system32\FNTCACHE.DAT
    2014-12-17 17:11 - 2009-07-13 23:45 - 00000000 ____D () C:\Program Files\Windows Journal
    2014-12-17 17:11 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
    2014-12-17 17:11 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
    2014-12-17 17:11 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
    2014-12-17 17:11 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Defender
    2014-12-17 17:11 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\DVD Maker
    2014-12-17 17:11 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
    2014-12-17 17:11 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
    2014-12-17 17:11 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
    2014-12-17 17:11 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\servicing
    2014-12-17 17:11 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\System
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\SysWOW64\sppui
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\SysWOW64\Setup
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\SysWOW64\oobe
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\SysWOW64\migwiz
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\SysWOW64\manifeststore
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\SysWOW64\AdvancedInstallers
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\system32\sppui
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\system32\Setup
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\system32\oobe
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\system32\migwiz
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\system32\manifeststore
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\system32\Dism
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\system32\AdvancedInstallers
    2014-12-17 07:19 - 2009-07-13 18:36 - 00175616 _____ (Microsoft Corporation) C:\windows\system32\msclmd.dll
    2014-12-17 07:19 - 2009-07-13 18:36 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msclmd.dll
    2014-12-16 20:18 - 2010-04-08 18:21 - 00000000 ____D () C:\Program Files (x86)\Windows Live
    2014-12-16 19:49 - 2012-11-04 12:45 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
    2014-12-12 19:07 - 2012-11-04 12:45 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
    2014-12-12 19:07 - 2012-11-04 12:45 - 00003770 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
    2014-12-12 19:07 - 2011-10-29 10:11 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-12-12 19:07 - 2010-07-23 11:52 - 00000000 ____D () C:\Users\Hiddendemon666\AppData\Local\Adobe
    2014-12-12 17:54 - 2014-07-11 06:10 - 00000000 ___SD () C:\windows\system32\CompatTel
    2014-12-12 17:54 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\AppCompat
    2014-12-12 17:53 - 2010-09-10 18:38 - 00000000 ___RD () C:\Program Files (x86)\Skype
    2014-12-12 17:53 - 2010-09-10 18:38 - 00000000 ____D () C:\ProgramData\Skype
    2014-12-11 07:15 - 2012-01-16 19:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-12-11 07:13 - 2013-07-21 10:51 - 00000000 ____D () C:\windows\system32\MRT
    2014-12-11 07:06 - 2010-07-26 20:27 - 112710672 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
    2014-12-09 19:09 - 2010-08-21 08:47 - 00000000 ____D () C:\Users\Hiddendemon666\AppData\Local\CrashDumps
    2014-12-07 09:27 - 2012-08-21 22:40 - 00000000 ____D () C:\Users\Hiddendemon666\AppData\Roaming\.minecraft
    2014-12-01 16:14 - 2010-08-02 12:59 - 00000000 ____D () C:\Program Files (x86)\AVG
    2014-12-01 16:12 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\system32\NDF

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-01-15 21:31

    ==================== End Of Log ============================



    and the other one:

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014
    Ran by Hiddendemon666 at 2014-12-28 07:32:54
    Running from C:\Users\Hiddendemon666\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
    Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
    Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.6) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.6 - Adobe Systems Incorporated)
    Apple Application Support (HKLM-x32\...\{B3575D00-27EF-49C2-B9E0-14B3D954E992}) (Version: 1.5.2 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{439760BC-7737-4386-9B1D-A90A3E8A22EA}) (Version: 3.4.1.2 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    ArcSoft Panorama Maker 4 (HKLM-x32\...\{D45E8C45-B601-4A80-AFD8-E16338744DE1}) (Version: - ArcSoft)
    AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.1.9.799 - AVG Technologies)
    CCleaner (HKLM\...\CCleaner) (Version: 3.19 - Piriform)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    EPSON Easy Photo Print (HKLM-x32\...\{8A8F8391-4C2C-4BE1-A984-CD4A5A546467}) (Version: 1.5.1.0 - SEIKO EPSON CORPORATION)
    EPSON WorkForce 30 Series Printer Uninstall (HKLM\...\EPSON WorkForce 30 Series) (Version: - SEIKO EPSON Corporation)
    HijackThis 2.0.2 (HKLM-x32\...\HijackThis) (Version: 2.0.2 - TrendMicro)
    Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2104 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
    Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{B90E5EBE-DF18-44D5-9D18-689ADEE9DA6C}) (Version: 13.01.1000 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.7.1002 - Intel Corporation)
    Intel(R) Wireless Display (HKLM\...\{26F41FA3-3170-446B-A3A2-83F5FA26E6CD}) (Version: 1.1.8.0 - Intel Corporation)
    iTunes (HKLM\...\{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}) (Version: 10.4.1.10 - Apple Inc.)
    JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.44.1 - JMicron Technology Corp.)
    Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
    Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
    Memeo AutoSync (HKLM-x32\...\{75B7F766-7998-44d8-A202-F1EC76A121BA}) (Version: - Memeo Inc.)
    Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7876 - Memeo Inc.)
    Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
    Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Nikon Transfer (HKLM-x32\...\{E9757890-7EC5-46C8-99AB-B00F07B6525C}) (Version: 1.0.2 - Nikon)
    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
    QuickTime (HKLM-x32\...\{C9E14402-3631-4182-B377-6B0DFB1C0339}) (Version: 7.70.80.34 - Apple Inc.)
    Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.13.112.2010 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6069 - Realtek Semiconductor Corp.)
    runtime64 (Version: 1.0.0 - immunet) Hidden
    Seagate Dashboard (HKLM-x32\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1421 - Memeo Inc.)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 4.41.1000 - SUPERAntiSpyware.com)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
    TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)
    TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.11 - TOSHIBA CORPORATION)
    TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.07.64 - TOSHIBA Corporation)
    TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
    TOSHIBA DVD PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.2.07-A - TOSHIBA Corporation)
    TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.11.64 - TOSHIBA Corporation)
    TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
    TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.6C - TOSHIBA CORPORATION)
    TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.22C - TOSHIBA CORPORATION)
    TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.0.4 - TOSHIBA Corporation)
    TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
    TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.3.64 - TOSHIBA CORPORATION)
    TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.8.0 - TOSHIBA CORPORATION)
    TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.6.0.64 - TOSHIBA Corporation)
    TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
    TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
    TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.06.64 - TOSHIBA Corporation)
    TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA)
    TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.1.1 - TOSHIBA Corporation)
    TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.9C - TOSHIBA CORPORATION)
    TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.4.64 - TOSHIBA Corporation)
    TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)
    ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
    Utility Common Driver (x32 Version: 1.0.52.1C - TOSHIBA) Hidden
    Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
    Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
    Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VS10Runtime64 (Version: 1.0.0 - immunet) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
    WorkForce 30 Series Info Center (HKLM-x32\...\Silent Package Run-Time Sample) (Version: - )

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


    ==================== Restore Points =========================

    17-12-2014 07:02:53 Windows 7 Service Pack 1
    17-12-2014 17:38:24 Windows Update
    21-12-2014 09:29:13 Removed Java 7 Update 9
    28-12-2014 10:18:39 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 18:34 - 2014-12-22 14:54 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {023D69F8-59EB-4F7F-BC89-9603E0DB4D3C} - System32\Tasks\{7D9B48F3-AF0B-4E23-B302-4ED5CD53E215} => pcalua.exe -a C:\Users\HIDDEN~1\AppData\Local\Temp\InstallFlashPlayer.exe -d "C:\Program Files (x86)\Mozilla Firefox"
    Task: {1C0F9970-DCD7-4AC3-A2E1-86A16FE8D72F} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {32739329-8CA1-4362-A51C-433E511000C0} - System32\Tasks\{107A5A71-982B-490B-8903-2A593E3DF21C} => Firefox.exe
    Task: {57318A18-A545-4D22-AEB7-8AC75E83F11D} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12] (Adobe Systems Incorporated)
    Task: {5B20E57D-1445-43BC-B2C4-A554E75711C1} - System32\Tasks\{3C19006C-A61D-4B1A-BE70-2FCF94850A4D} => pcalua.exe -a C:\Users\Hiddendemon666\Downloads\OfficeSetup.exe -d C:\Users\Hiddendemon666\Downloads
    Task: {800B389D-3B6C-4E8E-9055-435F52E88C3C} - System32\Tasks\{6EBF066A-7424-4750-B52F-6234671EF89A} => Firefox.exe
    Task: {D45E2DE7-F705-4BAB-AABF-2A55AACF6F12} - System32\Tasks\{DCE4883E-838A-47F7-85F3-0E25ABA67F02} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-11-27] (Skype Technologies S.A.)
    Task: {F410E639-2FF5-432F-8E4E-8261555C1F85} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
    Task: {F6D9B289-2360-48A8-A167-AA338140E0C1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {FDBBDE54-111B-4D49-96AB-9596ED276F50} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3092100664-2491022899-479283734-1000
    Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    ==================== Loaded Modules (whitelisted) =============

    2010-01-19 15:27 - 2010-01-19 15:27 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Nikon Monitor.lnk => C:\windows\pss\Nikon Monitor.lnk.CommonStartup
    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    MSCONFIG\startupreg: EPSON WorkForce 30 Series => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIEEA.EXE /FU "C:\windows\TEMP\E_SC222.tmp" /EF "HKCU"
    MSCONFIG\startupreg: HotKeysCmds => C:\windows\system32\hkcmd.exe
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: Memeo AutoSync => C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe --silent
    MSCONFIG\startupreg: Memeo Instant Backup => C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
    MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: Seagate Dashboard => C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
    MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    MSCONFIG\startupreg: SmartFaceVWatcher => %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
    MSCONFIG\startupreg: TWebCamera => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

    ========================= Accounts: ==========================

    Administrator (S-1-5-21-3092100664-2491022899-479283734-500 - Administrator - Disabled)
    Guest (S-1-5-21-3092100664-2491022899-479283734-501 - Limited - Disabled)
    Hiddendemon666 (S-1-5-21-3092100664-2491022899-479283734-1000 - Administrator - Enabled) => C:\Users\Hiddendemon666

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (12/28/2014 10:18:54 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


    Details:
    AddWin32ServiceFiles: Unable to back up image of service McAfee SiteAdvisor Service since QueryServiceConfig API failed

    System Error:
    The system cannot find the file specified.
    .

    Error: (12/22/2014 10:34:27 AM) (Source: Windows Backup) (EventID: 4104) (User: )
    Description: The backup was not successful. The error is: Windows Backup had to skip all the drives included in backup. Make sure that the drives are plugged in and working correctly. (0x810000FF).

    Error: (12/21/2014 09:29:20 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


    Details:
    AddWin32ServiceFiles: Unable to back up image of service McAfee SiteAdvisor Service since QueryServiceConfig API failed

    System Error:
    The system cannot find the file specified.
    .

    Error: (12/21/2014 09:20:08 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

    Error: (12/17/2014 05:31:31 PM) (Source: ESENT) (EventID: 215) (User: )
    Description: WinMail (4592) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

    Error: (12/17/2014 05:31:24 PM) (Source: ESENT) (EventID: 215) (User: )
    Description: WinMail (4288) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

    Error: (12/17/2014 05:31:12 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
    Description: The index cannot be initialized.


    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (12/17/2014 05:31:12 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
    Description: The application cannot be initialized.

    Context: Windows Application


    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (12/17/2014 05:31:12 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
    Description: The gatherer object cannot be initialized.

    Context: Windows Application, SystemIndex Catalog


    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (12/17/2014 05:31:12 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
    Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

    Context: Windows Application, SystemIndex Catalog


    Details:
    Element not found. (HRESULT : 0x80070490) (0x80070490)


    System errors:
    =============
    Error: (12/28/2014 07:31:43 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x800703fa: Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939).

    Error: (12/28/2014 07:28:12 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2813430).

    Error: (12/28/2014 07:28:06 AM) (Source: Ntfs) (EventID: 55) (User: )
    Description: The file system structure on the disk is corrupt and unusable.
    Please run the chkdsk utility on the volume TI105835W0G.

    Error: (12/28/2014 07:27:44 AM) (Source: Ntfs) (EventID: 55) (User: )
    Description: The file system structure on the disk is corrupt and unusable.
    Please run the chkdsk utility on the volume TI105835W0G.

    Error: (12/28/2014 07:25:43 AM) (Source: Ntfs) (EventID: 55) (User: )
    Description: The file system structure on the disk is corrupt and unusable.
    Please run the chkdsk utility on the volume C:.

    Error: (12/28/2014 07:25:43 AM) (Source: Ntfs) (EventID: 55) (User: )
    Description: The file system structure on the disk is corrupt and unusable.
    Please run the chkdsk utility on the volume TI105835W0G.

    Error: (12/28/2014 07:25:43 AM) (Source: Ntfs) (EventID: 55) (User: )
    Description: The file system structure on the disk is corrupt and unusable.
    Please run the chkdsk utility on the volume TI105835W0G.

    Error: (12/28/2014 07:25:43 AM) (Source: Ntfs) (EventID: 55) (User: )
    Description: The file system structure on the disk is corrupt and unusable.
    Please run the chkdsk utility on the volume TI105835W0G.

    Error: (12/28/2014 07:25:43 AM) (Source: Ntfs) (EventID: 55) (User: )
    Description: The file system structure on the disk is corrupt and unusable.
    Please run the chkdsk utility on the volume TI105835W0G.

    Error: (12/28/2014 07:25:43 AM) (Source: Ntfs) (EventID: 55) (User: )
    Description: The file system structure on the disk is corrupt and unusable.
    Please run the chkdsk utility on the volume TI105835W0G.


    Microsoft Office Sessions:
    =========================
    Error: (12/28/2014 10:18:54 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description:
    Details:
    AddWin32ServiceFiles: Unable to back up image of service McAfee SiteAdvisor Service since QueryServiceConfig API failed

    System Error:
    The system cannot find the file specified.

    Error: (12/22/2014 10:34:27 AM) (Source: Windows Backup) (EventID: 4104) (User: )
    Description: Windows Backup had to skip all the drives included in backup. Make sure that the drives are plugged in and working correctly. (0x810000FF)

    Error: (12/21/2014 09:29:20 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description:
    Details:
    AddWin32ServiceFiles: Unable to back up image of service McAfee SiteAdvisor Service since QueryServiceConfig API failed

    System Error:
    The system cannot find the file specified.

    Error: (12/21/2014 09:20:08 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Hiddendemon666\Downloads\esetsmartinstaller_enu.exe

    Error: (12/17/2014 05:31:31 PM) (Source: ESENT) (EventID: 215) (User: )
    Description: WinMail4592WindowsMail0:

    Error: (12/17/2014 05:31:24 PM) (Source: ESENT) (EventID: 215) (User: )
    Description: WinMail4288WindowsMail0:

    Error: (12/17/2014 05:31:12 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
    Description:
    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (12/17/2014 05:31:12 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
    Description: Context: Windows Application


    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (12/17/2014 05:31:12 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
    Description: Context: Windows Application, SystemIndex Catalog


    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (12/17/2014 05:31:12 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
    Description: Context: Windows Application, SystemIndex Catalog


    Details:
    Element not found. (HRESULT : 0x80070490) (0x80070490)
    Search.TripoliIndexer


    CodeIntegrity Errors:
    ===================================
    Date: 2014-12-22 14:53:12.077
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-12-22 14:53:11.905
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
    Percentage of memory in use: 65%
    Total physical RAM: 3890.67 MB
    Available physical RAM: 1324.34 MB
    Total Pagefile: 7779.53 MB
    Available Pagefile: 4429.7 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.85 MB

    ==================== Drives ================================

    Drive c: (TI105835W0G) (Fixed) (Total:453.83 GB) (Free:347.48 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 1786ECE7)
    Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
    Partition 2: (Not Active) - (Size=453.8 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=10.5 GB) - (Type=17)

    ==================== End Of Log ============================

  4. #14
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,181
    Points
    1308

    Default

    Hello,

    When you get a chance a few more scans.

    Please download aswMBR ( 511KB ) to your desktop.
    • Double click the aswMBR.exe icon to run it
    • Click the Scan button to start the scan
    • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.


    Next

    • Download RogueKiller on the desktop
    • Close all the running processes
    • Under Vista/Seven, right click -> Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • When prompted, Click Scan
    • A report should open, give its content to your helper. (RKreport could also be found next to the executable)
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename in winlogon.exe (or winlogon.com) and try again
    Last edited by zep516; 12-28-2014 at 11:48 AM.

  5. #15
    Member
    Join Date
    Mar 2011
    Posts
    113
    Points
    10

    Default

    Asw results:

    aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
    Run date: 2014-12-28 12:04:37
    -----------------------------
    12:04:37.339 OS Version: Windows x64 6.1.7601 Service Pack 1
    12:04:37.340 Number of processors: 4 586 0x2502
    12:04:37.341 ComputerName: GLENN UserName:
    12:04:43.267 Initialize success
    12:04:43.321 VM: initialized successfully
    12:04:43.322 VM: Intel CPU supported
    12:04:48.218 VM: supported disk I/O iaStor.sys
    12:04:57.480 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    12:04:57.489 Disk 0 Vendor: ST950042 0001 Size: 476940MB BusType: 3
    12:04:57.847 VM: Disk 0 MBR read successfully
    12:04:57.853 Disk 0 MBR scan
    12:04:57.891 Disk 0 Windows VISTA default MBR code
    12:04:57.912 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
    12:04:57.942 Disk 0 default boot code
    12:04:57.972 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 464726 MB offset 3074048
    12:04:58.020 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 10713 MB offset 954832896
    12:04:58.675 Disk 0 scanning C:\windows\system32\drivers
    12:05:11.681 Service scanning
    12:05:37.391 Modules scanning
    12:05:37.406 Disk 0 trace - called modules:
    12:05:37.456 ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys
    12:05:37.461 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c86060]
    12:05:37.467 3 CLASSPNP.SYS[fffff88001a1743f] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa8004c85060]
    12:05:37.471 Disk 0 statistics 92912/0/22 @ 4.08 MB/s
    12:05:37.514 Scan finished successfully
    12:08:17.918 Disk 0 MBR has been saved successfully to "C:\Users\Hiddendemon666\Desktop\MBR.dat"
    12:08:17.933 The log file has been saved successfully to "C:\Users\Hiddendemon666\Desktop\aswMBR.txt"


    Rouge results :

    RogueKiller V10.1.1.0 [Dec 23 2014] by Adlice Software
    mail : Contact
    Feedback : Adlice forum
    Website : RogueKiller download
    Blog : Adlice Software - malware analysis

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : Hiddendemon666 [Administrator]
    Mode : Scan -- Date : 12/28/2014 12:26:24

    Processes : 0

    Registry : 24
    [PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | vProt : "C:\Program Files (x86)\AVG Secure Search\vprot.exe" -> Found
    [Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BridgeMP (system32\DRIVERS\bridge.sys) -> Found
    [Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\catchme (\??\C:\ComboFix\catchme.sys) -> Found
    [PUP] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\vToolbarUpdater18.1.9 (C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe) -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\aswMBR (\??\C:\Users\HIDDEN~1\AppData\Local\Temp\aswMBR.sys) -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\aswVmm (\??\C:\Users\HIDDEN~1\AppData\Local\Temp\aswVmm.sys) -> Found
    [PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vToolbarUpdater18.1.9 (C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe) -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswMBR (\??\C:\Users\HIDDEN~1\AppData\Local\Temp\aswMBR.sys) -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswVmm (\??\C:\Users\HIDDEN~1\AppData\Local\Temp\aswVmm.sys) -> Found
    [PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\vToolbarUpdater18.1.9 (C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe) -> Found
    [PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir...=ie&ar=msnhome -> Found
    [PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir...=ie&ar=msnhome -> Found
    [PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir...=ie&ar=msnhome -> Found
    [PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir...=ie&ar=msnhome -> Found
    [PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir...ie&ar=iesearch -> Found
    [PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir...ie&ar=iesearch -> Found
    [PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3092100664-2491022899-479283734-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir...ie&ar=iesearch -> Found
    [PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3092100664-2491022899-479283734-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir...ie&ar=iesearch -> Found
    [PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir...ie&ar=iesearch -> Found
    [PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir...ie&ar=iesearch -> Found
    [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
    [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
    [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
    [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found

    Tasks : 0

    Files : 0

    Hosts File : 1
    [C:\windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

    Antirootkit : 0 (Driver: Not loaded [0xc000036b])

    Web browsers : 1
    [PUP][FIREFX:Addon] 3sk6a3c7.default : AVG Security Toolbar [avg@toolbar] -> Found

    MBR Check :
    +++++ PhysicalDrive0: +++++
    --- User ---
    [MBR] 35cdcf2d6902b3140cbbf1e1c437dd83
    [BSP] ad3169145d5a5582624fdef33b7b7fca : HP MBR Code
    Partition table:
    0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB
    1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 3074048 | Size: 464726 MB
    2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 954832896 | Size: 10713 MB
    User = LL1 ... OK
    User = LL2 ... OK

  6. #16
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,181
    Points
    1308

    Default

    Hello,

    You may already have Malwarebytes installed, if so you will not have to download. So far looking good


    Please download Malwarebytes Anti-Malware to your desktop
    Install the progamme and select update
    Once it has updated select Settings > Detection and Protection
    Tick Scan for rootkits



    Go back to the Dashboard and select Scan Now



    If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.





    On completion of the scan (or after the reboot) select View Detailed Log
    Select Export > Select text file and save to the desktop

    Post that log

    If you have trouble getting the Malwarebytes log you can get this way too:

    • After the restart once you are back at your desktop, open MBAM once more.[/*]
    • Click on the History tab > Application Logs.[/*]
    • Double click on the Scan Log which shows the Date and time of the scan just performed.[/*]
    • Click 'Export'.[/*]
    • Click 'Text file (*.txt)'[/*]
    • In the Save File dialog box which appears, click on Desktop.[/*]
    • In the File name: box type a name for your scan log.[/*]
    • A message box named 'File Saved' should appear stating "Your file has been successfully exported".[/*]
    • Click Ok[/*]
    • post that saved log to your next reply.[/*]

  7. #17
    Member
    Join Date
    Mar 2011
    Posts
    113
    Points
    10

    Default

    Malwarebytes Anti-Malware
    Malwarebytes | Free Anti-Malware & Internet Security Software

    Scan Date: 12/28/2014
    Scan Time: 3:55:13 PM
    Logfile: malwayre..txt
    Administrator: Yes

    Version: 2.00.4.1028
    Malware Database: v2014.12.28.08
    Rootkit Database: v2014.12.23.02
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Hiddendemon666

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 345687
    Time Elapsed: 31 min, 53 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Warn
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)

  8. #18
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,181
    Points
    1308

    Default

    Yea! Clean...

    When time permits....

    Next

    Please download AdwCleaner by Xplode onto your Desktop.
    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click the Scan button and wait for the process to complete.
    • Click the Report button and the report will open in Notepad.
    • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
    • Click on the Clean button follow the prompts.[/*]
    • A log file will automatically open after the scan has finished and the PC has rebooted.
    • Please post the content of that log file with your next answer.
    • You can find the log file at C:\AdwCleaner


    Next

    Please download Junkware Removal Tool to your Desktop.

    Please close your security software to avoid potential conflicts. See Here how to disable you security protection (Anti Virus)
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    Please post the contents of JRT.txt into your reply.


    In your next reply post;

    • The AdwCleaner [SO].txt Log
    • The JRT.txt Log

  9. #19
    Member
    Join Date
    Mar 2011
    Posts
    113
    Points
    10

    Default

    I will do that tomorrow after work. : ) And any idea how to prevent from getting those in the future? Since my virus scans didn't even pick up on it? When I run malware in the future, should I make sure rootkit is checked?

Page 2 of 2 FirstFirst 12