Jump to content

Search the Community

Showing results for tags 'Malicious'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

  1. Is there is a way to block this malicious webpage? It pops up after I log in to Yahoo and am directed to the Yahoo home page. If I do not immediately leave the Yahoo home page, the attd zipped page appears. If I do not immediately close the tab, it locks the screen and I am unable to close the tab. I must power down the laptop and restart it to get rid of the page. This only happens upon logging in to Yahoo. (I don't know what would happen if I didn't log in to Yahoo and just visited the home page.) archive.zip
  2. Hello all, I have been reading through the forum and following the advice of the forum moderators I have decided to create my own topic. Earlier today I upgraded the free version of Malwarebytes to the 14-day premium version. Since the download has been completed, I have been getting non-stop warnings for websites blocked that are being detected as malicious. The ports are constantly changing, but the common theme is that they all come from the same IP address (37.48.125.112), are all outbound, and originate from svchost.exe I have downloaded and ran the programs listed here https://www.bleepingcomputer.com/virus-removal/fix-malicious-web-site-blocked-alert-from-svchost.exe/ but the updates are still occurring. I have also ran Farbar Recovery Scan Tool, and I have attached my FRST and Addition txt files to this post here. If there is anything else I need to add please let me know. FRST.txt Addition.txt
  3. Please help! I have an HP stream 11 and it suddenly had a message come up regarding malware?? I've tried everything I've read in forums for the last 24 and nothing had helped, it's just getting worse. I no longer I'm able to delete certain files because I don't have to permission. Malwarebytes keeps popping up with a message telling me that PUPs have blocked me from going to a site that I'm trying to go to to clean the virus. I have downloaded as many different malware removers as I can but my computer is becoming less and less usable. Please help!!! Also, every scanner/detector, comes back with a clean result as if nothing is wrong with it, but there's definitely something wrong!!!!
  4. I installed Malwarebytes to scan for potential viruses on my PC. Following that scan I had no issues shown on my system. However, I was placed on the Premium trial during which MAlwarebytes was using its active protection to detect and block access to "malicious sites". However, this blocked me from using many trusted services, including application like Teamspeak and Discord as well as seeming to block any and all use of game servers. I attempted to use the exclusion function to restore my access however that has yet to work. I also attempted to uninstall Malwarebytes, however the issue persisted. Since leaving the premium trial, I no longer get notifications that sites or ips have been blocked. However I was never given the specific IP or files that were deemed malicious. At this point, all I know is that my computer is still connected to the internet, I can still access normal websites, but most if not all of gaming related online functions are blocked off from my use. Games on Steam as well as Battlenet and Origin are being blocked. mb-check-results.zip
  5. Hi, I have the Malwarebytes Premium and scan my computer regularly. Unfortunately recently I seem to be getting the same results every time I scan. there are 8 threats, two of them are malicious and when I quarantine them only half are quarantined (never the malicious ones) and then I delete them. So firstly only half of them are quarantined and secondly when I scan again the exact same threats come up, even the ones that I quarantined and deleted. I am worried about what the malware are doing? My computer Defender keeps switching off too, wondering if it is all related.... Any help would be great, I have programmes on my computer I can't lose for my work. I have backed up all of my files on an external hard drive though. Thank you! .
  6. Hello everyone! I'm new to the forum and I'm here to seek help. I find Malewarebytes very useful because it successfully cured my Chrome problem so I registered for a premium version 3.1.2. Recently I logged in to my college's website to check for results through turnitin. I clicked on the link that led to it but then Malwarebytes didn't allow me to open it. Then I accidentally clicked the 'block pop-up website' option (or something) on the notification board and now I will never be able to see my results again. I tried browsing the forum to find the solution but everything is about managing exclusions, which didn't work. Can anyone help me with this? MANY THANKS!
  7. As requested by 1PW in Malware Removal for Windows on October 30, I am attaching FRST.txt and Addition.txt to this post. My Premium MalwarBytes has blocked on almost a daily basis Outbound websites which use various ports and either Skype or Firefox as the process. Attached are two of those bockages. My question is can I reduce or eliminate these outbound websites? FRST.txt Addition.txt
  8. My MalwareBytes Premium indicates daily blockages of outgoing malicious IPs using various ports and either Skype or Firefox as the process. Is there a way of eliminating these?
  9. I manage our church website and Malwarebytes is blocking access to it for two users that have Malwarebytes Anti-Malware installed. website is pilgrimspraise.com and IP is 74.220.215.58 Could you please investiage and remove it from the blocked list if it is clean. It was previously hosted on a different server and did have malicious content at that point. It has now been completely refreshed and I await your decision. Thank you.
  10. Hi, I was on www.geocities.ws just a day ago. I go back today and Malwarebytes' malicious website blocking is triggered. I can't view any page associated with the domain. Is this a false positive?
  11. Hello Guys, I'm receiving pop up message as shown below in my windows server 2012 machine. Logs : Detection, 5/31/2016 8:09 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 208.100.26.234, ns2.honeybot.us, 64571, Outbound, C:\Windows\System32\dns.exe, Detection, 5/31/2016 8:10 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 94.242.206.221, 65180, Outbound, C:\Windows\System32\dns.exe, Detection, 5/31/2016 8:10 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 94.242.206.221, 63706, Outbound, C:\Windows\System32\dns.exe, Detection, 5/31/2016 8:10 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 94.242.206.36, 65180, Outbound, C:\Windows\System32\dns.exe, Detection, 5/31/2016 8:10 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 94.242.206.36, 64807, Outbound, C:\Windows\System32\dns.exe, Detection, 5/31/2016 8:10 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 94.242.206.36, 63706, Outbound, C:\Windows\System32\dns.exe, Detection, 5/31/2016 8:11 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 94.242.206.221, 64807, Outbound, C:\Windows\System32\dns.exe, Detection, 5/31/2016 9:04 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 148.81.111.111, sinkhole.cert.pl, 63902, Outbound, C:\Windows\System32\dns.exe, Detection, 5/31/2016 9:04 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 148.81.111.111, sinkhole.cert.pl, 63902, Outbound, C:\Windows\System32\dns.exe, Detection, 5/31/2016 9:05 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 148.81.111.111, sinkhole.cert.pl, 63306, Outbound, C:\Windows\System32\dns.exe, Detection, 5/31/2016 9:13 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 122.228.198.140, 49287, Outbound, C:\Windows\System32\dns.exe, Detection, 5/31/2016 9:25 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, Domain, 89.145.103.61, ns2.gwesystems.com, 64752, Outbound, C:\Windows\System32\dns.exe, Detection, 5/31/2016 9:25 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, Domain, 89.145.103.61, ns2.gwesystems.com, 64752, Outbound, C:\Windows\System32\dns.exe, Detection, 5/31/2016 9:25 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, Domain, 89.145.103.61, ns2.gwesystems.com, 63713, Outbound, C:\Windows\System32\dns.exe, Detection, 5/31/2016 9:29 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 122.228.198.140, 65177, Outbound, C:\Windows\System32\dns.exe, Detection, 5/31/2016 9:45 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 122.228.198.140, 65089, Outbound, C:\Windows\System32\dns.exe, Detection, 5/31/2016 9:47 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 122.228.198.140, 64221, Outbound, C:\Windows\System32\dns.exe, Detection, 5/31/2016 9:47 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 122.228.198.140, 64019, Outbound, C:\Windows\System32\dns.exe, Update, 5/31/2016 9:51 AM, SYSTEM, PKSHQINF01, Scheduler, IP Database, 2016.5.27.3, 2016.5.30.1, Update, 5/31/2016 9:51 AM, SYSTEM, PKSHQINF01, Scheduler, Domain Database, 2016.5.29.1, 2016.5.30.3, Update, 5/31/2016 9:51 AM, SYSTEM, PKSHQINF01, Scheduler, Malware Database, 2016.5.30.4, 2016.5.30.7, Protection, 5/31/2016 9:51 AM, SYSTEM, PKSHQINF01, Protection, Refresh, Starting, Protection, 5/31/2016 9:51 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, Stopping, Protection, 5/31/2016 9:52 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, Stopped, Protection, 5/31/2016 9:52 AM, SYSTEM, PKSHQINF01, Protection, Refresh, Success, Protection, 5/31/2016 9:52 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, Started, Detection, 5/31/2016 9:56 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 80.77.81.89, 64421, Outbound, C:\Windows\System32\dns.exe, Detection, 5/31/2016 10:03 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 109.163.226.148, 64209, Outbound, C:\Windows\System32\dns.exe, Detection, 5/31/2016 10:04 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 148.81.111.111, sinkhole.cert.pl, 64135, Outbound, C:\Windows\System32\dns.exe, Detection, 5/31/2016 10:05 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 148.81.111.111, sinkhole.cert.pl, 63241, Outbound, C:\Windows\System32\dns.exe, Detection, 5/31/2016 10:09 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 122.228.198.140, 64386, Outbound, C:\Windows\System32\dns.exe, Detection, 5/31/2016 10:09 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 122.228.198.140, 63591, Outbound, C:\Windows\System32\dns.exe, Detection, 5/31/2016 10:11 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 122.228.198.140, 63450, Outbound, C:\Windows\System32\dns.exe, How do i solve this issue ? Please assist, Rgds, Muraly 30 May Daily Protection Logs.txt 31 May Daily Protection Logs.txt
  12. This morning malware bytes blocked 4 outbound attacks (for lack of a better term), all with the same time stamp. The site referenced is click.watchjmp.com, 54.219.179.252. It was coming from firefox.exe. I'm unable to find much of any information about this site. I was on msn.com reading an article, and had a flickr site open, and one other normal, non-suspicious webpage. Has anyone had a similar incident? I'm not sure what to make of the fact that this was an outbound attack....
  13. So I was playing Counter-Strike 1.6 in a trusted server and everyone in it started to lose connection. I think the server was experiencing problems and this happened about 4-5 times before I just gave up and decided to take a break. I went back to my desktop and MBAM popped up in the corner and blocked a malicious website I'm guessing and it popped up about 3-4 times with different IP addresses. I looked at my applications log to see if this happened earlier and I found the same thing that it blocked some IPs from a week ago as well. Yesterday was over 50 website IPs that it blocked and today was only 20. I pasted the IPs in google and they were linked to servers in Counter-Strike located in Russian federation and Romania. It was found in - Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe I'm wondering if my system is infected or this was just a cautious move by Mbam. I scanned my system with Mbam and nothing popped up. Here are some of the IPs that it detected.. 93.115.80.112, 52024 93.115.83.187, 52024 93.115.83.180, 52024 195.2.253.170, 52026 195.2.253.105, 52026
  14. I got infected with this GoSearchMe 'virus' (to my knowledge GoSearchMe isn't technically malware but it certainly acts like it). What happens is that when I open my browser [Chrome], instead of my usual homepage I get redirected to a GoSearchMe link (which doesn't show up in my history) which then links to 'Dounty.com' which ends up as 'zwiiky.com'. I'm computer savvy to a small degree. I've tried searching my file archives, downloaded Malwarebytes, CCcleaner, LockHunter, tried deleting all files associated with it, but now I need some help.
  15. It is very frustrating that every 1 or 2 days I lose my malicious website protection. This is extremely frustrating. Please see the picture. Whenever I click "fix now" nothing happens. Please help me.
  16. Hello, Im very new to this software so please forgive me, but im constantly recieving "Malicious Website Blocked" notifications one after the other. Here are the details: The Type is Inbound The proccess is C:\Windows\System32\svchost.exe The IP address is 187.217.198.114 The port is 52150 These details are the same everytime. I have disconnect myself from the internet, stopped MBAM, ran MBAR as administrator then re-enabled everything. Everything is coming back clean though? Any ideas?
  17. Hello, I'll be grateful for help on a repeated popup from an 'outbound' website. It occurs even when browsing is discontinued. IP is 46.161.41.146. Process: c:/windows/system32/svchost.exe. The process also varies between the latter and a Kaspersky application.Attached is the text log file. What information would you need to help me further with this? Thanks in advance, S. log_outbound.txt
  18. I've read every single thread on this topic, and there are a ton of them so I'm confident it's a big problem. I've also tried every suggestion, including: Update database and restartUpdate database and rebootWipe the whole environment and reinstallManually delete and update the databaseSetting from "Fix Now"Setting from "Icon Tray"Setting from "Settings"... and several othersThese suggestions simply don't work. I have five family computers, all of them running MBAM-Premium ... and I just added one additional computer and get this error, and can't for the life of me figure out how to solve it. The only difference is that this is the only Windows-8 computer, but I have trouble believing that's the problem given OS hasn't been listed in any of the forum posts as a contributing factor. Does anyone have any suggestions to solve this annoying problem ... that hasn't been documented in the posts already? I love this application, but this will be my last purchased version if I can't crack the code on this issue pretty darn quickly. Oh ... BTW ... the solution that's "Pinned" to the top of this forum ... doesn't work. Rusty
  19. I have the game War Thunder through the Steam game service. When the game client patched tonight, I started seeing outbound connection attempts blocked by malwarebytes from War Thunder's launcher.exe to hosts mostly in Russia (I ran whois on the IP addresses.) My security software is not throwing errors about any other application on my machine, just the War Thunder launcher. Is the steam launcher infected? Is my computer infected? What is the fix? Any help would be greatly appreciated, thanks very much! Here is a screenshot of my malwarebytes log:
  20. Hello, I can't use internet (firefox, mail, etc.) if the malicious website protection is activated with Malwarebytes Anti-Malware. But I noticed if I use a VPN (with a server from my country or from another country), the internet connection is available !!! This problem was not present with 1.7x version of Malwarebytes Anti-Malware. I got another computer (using the same network) and I dont have this problem ! (with or without VPN, with or without WIFI). I'm using Windows 7 (64 bits). My motherboard is the MSI Z87-G45 Gaming, integrated the "Killer e2200" network card (from Qualcomm). I have installed the latest drivers with the Killer Network Manager (v1.1.48.1376). Please help me ! Killer™ e2200
  21. I am not sure if I am allowed to paste a link with a path provided by preview.tinyurl.com, so at this point I will not paste it but I will if needed. So short story: I was browsing gaming forum and there was imgur link from one of the posters, which actually was tinyurl.com/IMAGE-xXxXxXx (xxxx are really numbers but I will keep them away since I do no think its appropriate to post infected links here), but I misread it and clicked it. It instantly downloaded picture to my computer, but as soon as I realized this I went to the file location and deleted instantly without opening it. I have tried scanning my computer with safe modes on, with Malwarebytes, Norton 360 and Spybot too, but have not found anything and now I am being paranoid all the time wether or not I should even log to emails etc without some prick getting my informations. So do I have malware on loose or should I just let it be? Thank you for reading!
  22. A couple of days ago I started getting these pop-ups from Malwarebytes saying malicious websites have been blocked.I checked the IP addresses of the blocked websites and they're all from Ecatel LDT from Netherlands.I've run both MBAM and Malwarebytes Anti-Rootkit but no malware has been found.I've attached the Application logs from the past three days since this problem started and Scan logs. mbam-scan-log-2014-10-30.txtmbam-daily-log-2014-10-30.txtmbam-daily-log-2014-10-31.txtmbam-daily-log-2014-11-01.txt
  23. Hello yesterday those popups began to appear out of nowhere. MB keeps blocking inbound/outbound connections of svchost.exe. Already checked what information you guys need. Disabled all p2p things and i havent pirated any software so that should be okay. Will post Malwarebytes and TDSSKiller logs asap.
  24. Thank You for your help with my infection. As instructed, I ran the Farbar Recovery Scan Tool and I am posting the results. I had trouble posting to this forum from the infected computer - I could not cut and paste and I could not upload files. I don't know why or if it related to the infection. So I am posting to this forum from another computer (clean I believe). I emailed the FRST txt files to myself and then I could cut and paste on the good computer. Here is the FRST.txt below. I will send the addition.txt in another post. Please Help Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-10-2014Ran by David Angeley (administrator) on GIGANTOR on 24-10-2014 13:20:32Running from C:\Users\David Angeley\DesktopLoaded Profiles: UpdatusUser & David Angeley (Available profiles: UpdatusUser & David Angeley)Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Webroot) C:\Program Files (x86)\Webroot\WRSA.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(DigitalPersona, Inc.) C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe(DigitalPersona, Inc.) C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpCardEngine.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE(Microsoft Corporation) C:\Windows\System32\wlanext.exe(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe(Authentec Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe() C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe(Webroot) C:\Program Files (x86)\Webroot\WRSA.exe(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManager64.exe(DigitalPersona, Inc.) C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\DPAgent.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(Dell Inc.) C:\Program Files\Dell\PPO\poaService.exe(Dell Inc.) C:\Program Files\Dell\PPO\poaSmSrv.exe(Dell Inc.) C:\Program Files\Dell\PPO\poaTaServ.exe(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe(Dell Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe(DigitalPersona, Inc.) C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpAgent.exe(Dell, Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.MgmtServer.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe(Dell Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe(O2Micro International) C:\Windows\System32\drivers\o2flash.exe(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe(Microsoft Corporation) C:\Windows\System32\perfmon.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [698712 2013-05-02] (Alps Electric Co., Ltd.)HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188552 2013-05-27] (Realtek Semiconductor)HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1291848 2013-03-22] (Realtek Semiconductor)HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1291848 2013-03-22] (Realtek Semiconductor)HKLM-x32\...\Run: [] => [X]HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)HKLM-x32\...\Run: [WRSVC] => C:\Program Files (x86)\Webroot\WRSA.exe [767600 2014-10-22] (Webroot)HKLM\...\Winlogon: [userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\DPAgent.exe,Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (Authentec Inc.)HKU\S-1-5-21-815478023-2570439054-1862698040-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1HKU\S-1-5-21-815478023-2570439054-1862698040-1001\...\Policies\Explorer: [NoDesktopCleanupWizard] 1HKU\S-1-5-21-815478023-2570439054-1862698040-1001\...\MountPoints2: {a7ff626e-52d2-11e3-bdbb-24fd52447a7a} - "E:\WD Drive Unlock.exe" autoplay=trueHKU\S-1-5-21-815478023-2570439054-1862698040-1001\...\MountPoints2: {daaaa67a-39dc-11e3-aabd-806e6f6e6963} - D:\mri.exeHKU\S-1-5-21-815478023-2570439054-1862698040-1001\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dllStartup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot FF RunOnce.lnkShortcutTarget: Install Webroot FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot IE RunOnce.lnkShortcutTarget: Install Webroot IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/SearchScopes: HKCU - DefaultScope {18BB9F07-485C-4D36-BDB2-82E9340177AE} URL = https://www.google.com/search?q={searchTerms}SearchScopes: HKCU - {18BB9F07-485C-4D36-BDB2-82E9340177AE} URL = https://www.google.com/search?q={searchTerms}BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files (x86)\Webroot\WRData\PKG\Vistax64\wrflt.dll (Webroot)BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files (x86)\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox:========FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\ChromeExt\components\npChromeDPAgent.dll (DigitalPersona, Inc.)FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtnFF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-11-01]FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\FirefoxExtFF Extension: DigitalPersona Extension - C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\FirefoxExt [2013-11-11] Chrome: =======CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\ChromeExt\dpchrome.crx [2013-08-13]CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2014-10-22] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)S3 CVShell Service; C:\Program Files (x86)\ACD Systems\Canvas 14\CVShellSrv.exe [259192 2012-11-29] (ACD Systems of America Inc.)R2 Dell.PowerManager.Service; C:\Windows\system32\dllhost.exe [9728 2009-07-13] (Microsoft Corporation)R2 Dell.PowerManager.Service; C:\Windows\SysWOW64\dllhost.exe [7168 2009-07-13] (Microsoft Corporation)S3 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2486272 2013-04-30] (Dell Inc.) [File not signed]R2 DellMgmtAgent; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe [247136 2013-10-08] (Dell Inc.)R2 DellMgmtLoader; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe [26464 2013-10-08] ()R2 DellMgmtServer; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.MgmtServer.exe [33632 2013-10-08] (Dell, Inc.)R2 DpHost; C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe [472400 2013-08-27] (DigitalPersona, Inc.)R2 FileOpenManager; C:\Program Files\FileOpen\Services\FileOpenManager64.exe [337264 2013-03-19] (FileOpen Systems Inc.)R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [14696 2013-07-15] (Intel Corporation)R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)S3 InvProtectSvc; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe [2947856 2013-07-30] (Invincea, Inc.)R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-06-18] (Intel Corporation)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)R2 poaService; C:\Program Files\Dell\PPO\poaService.exe [641232 2013-07-19] (Dell Inc.)R2 PoaSMSrv; C:\Program Files\Dell\PPO\poaSmSrv.exe [277712 2013-07-19] (Dell Inc.)R2 poaTaServ; C:\Program Files\Dell\PPO\poaTaServ.exe [516304 2013-07-19] (Dell Inc.)R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [223816 2013-01-09] (Realtek Semiconductor)S3 SboxSvc; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe [124616 2013-07-30] ()R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc.)R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915480 2013-05-23] (SoftThinks SAS)S2 tcsd_win32.exe; C:\Program Files\Dell\Dell Data Protection\TSS\bin\tcsd_win32.exe [1636352 2012-12-10] (Security Innovation, Inc.) [File not signed]R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-07-22] (Western Digital Technologies, Inc.)R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-07-22] (Western Digital Technologies, Inc.)R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6169600 2013-10-20] (Dell Inc.) [File not signed]R2 WRSVC; C:\Program Files (x86)\Webroot\WRSA.exe [767600 2014-10-22] (Webroot) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170200 2013-10-20] (Broadcom Corporation.)S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2014-10-11] (Emsisoft GmbH)R0 CredFltL; C:\Windows\System32\DRIVERS\CredFltL.sys [34048 2013-10-08] ()R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2013-04-29] (Dell Computer Corporation)R2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2010-01-20] (Samsung Electronics Co., Ltd.)R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [489752 2014-08-14] (Intel Corporation)R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-07-10] (Intel Corporation)R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHD64.sys [2136520 2013-06-07] (Realtek Semiconductor Corp.)S3 InvProtectDrv; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys [34824 2013-07-30] ()R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-24] (Malwarebytes Corporation)R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-12-04] (NVIDIA Corporation)R3 O2FJ2RDR; C:\Windows\System32\DRIVERS\O2FJ2w7x64.sys [185760 2013-05-07] (O2Micro )R3 POADrvr; C:\Windows\System32\drivers\POADrvr.sys [21264 2013-07-19] (Dell Computer Corporation)S3 SboxDrv; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys [202248 2013-07-30] ()R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)R3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [63528 2011-05-27] (SafeNet, Inc.)R3 ST_Accel; C:\Windows\System32\DRIVERS\ST_Accel.sys [89312 2013-03-27] (STMicroelectronics)S3 uc480; C:\Windows\System32\DRIVERS\uc480_64.sys [6456640 2013-02-11] (OEM)S3 uc480_boot; C:\Windows\System32\DRIVERS\uc480_boot_64.sys [6453056 2013-02-11] (OEM)R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [257536 2012-01-19] (Jungo)R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [115680 2014-10-22] (Webroot) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-24 13:20 - 2014-10-24 13:20 - 00021263 _____ () C:\Users\David Angeley\Desktop\FRST.txt2014-10-24 13:20 - 2014-10-24 13:20 - 00000000 ____D () C:\FRST2014-10-24 13:16 - 2014-10-24 13:16 - 02112000 _____ (Farbar) C:\Users\David Angeley\Desktop\FRST64.exe2014-10-24 07:44 - 2014-10-24 07:44 - 00000000 ____D () C:\Windows\system32\appmgmt2014-10-24 07:41 - 2014-10-24 07:41 - 00001304 _____ () C:\Users\David Angeley\Desktop\Notepad.lnk2014-10-23 19:37 - 2014-10-23 19:37 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-10-23 19:37 - 2014-10-23 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-10-23 19:37 - 2014-10-23 19:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-10-23 19:37 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-10-23 19:37 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-10-23 19:37 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-10-23 19:26 - 2014-10-23 19:36 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\David Angeley\Desktop\mbam-setup-2.0.3.1025.exe2014-10-23 14:49 - 2014-10-23 14:58 - 00000000 ____D () C:\Users\David Angeley\Documents\work2014-10-22 15:42 - 2014-10-22 15:42 - 00000000 ____D () C:\Windows\pss2014-10-22 15:11 - 2014-10-22 15:42 - 00000000 ____D () C:\Users\David Angeley\AppData\Local\lptmp1818943582014-10-22 15:10 - 2014-10-24 12:22 - 00000000 ____D () C:\ProgramData\WRData2014-10-22 15:10 - 2014-10-22 15:16 - 00154760 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll2014-10-22 15:10 - 2014-10-22 15:16 - 00115680 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys2014-10-22 15:10 - 2014-10-22 15:16 - 00105320 _____ (Webroot) C:\Windows\system32\WRusr.dll2014-10-22 15:10 - 2014-10-22 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere2014-10-22 15:10 - 2014-09-05 17:02 - 00168104 ____N (Geek Squad) C:\Users\Public\Desktop\Geek Squad Support.exe2014-10-22 15:09 - 2014-10-22 15:10 - 00000000 ____D () C:\Program Files (x86)\Webroot2014-10-22 15:07 - 2014-10-22 15:07 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk2014-10-21 15:06 - 2014-10-21 15:06 - 00000000 _____ () C:\detestfrag.txt2014-10-21 14:46 - 2014-10-24 09:30 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-10-21 14:46 - 2014-10-21 15:50 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)2014-10-21 14:40 - 2014-10-24 07:54 - 00000000 ___RD () C:\Users\David Angeley\Desktop\Desktop Items2014-10-21 14:19 - 2014-09-04 19:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll2014-10-21 14:19 - 2014-09-04 18:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll2014-10-21 13:38 - 2014-10-21 13:53 - 00000000 ____D () C:\ProgramData\TEMP2014-10-21 13:34 - 2013-10-01 19:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys2014-10-21 13:34 - 2013-10-01 19:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe2014-10-21 13:34 - 2013-10-01 19:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll2014-10-21 13:34 - 2013-10-01 18:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll2014-10-21 13:34 - 2013-10-01 18:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll2014-10-21 13:34 - 2013-10-01 18:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll2014-10-21 13:34 - 2013-10-01 18:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll2014-10-21 13:34 - 2013-10-01 17:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll2014-10-21 13:34 - 2013-10-01 17:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll2014-10-21 13:34 - 2013-10-01 17:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll2014-10-21 13:34 - 2013-10-01 17:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe2014-10-21 13:34 - 2013-10-01 17:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe2014-10-21 13:34 - 2013-10-01 16:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll2014-10-21 13:34 - 2013-10-01 16:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe2014-10-21 13:34 - 2013-10-01 16:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll2014-10-21 13:34 - 2013-10-01 15:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe2014-10-21 13:02 - 2014-10-06 19:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2014-10-21 13:02 - 2014-10-06 19:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2014-10-21 13:02 - 2014-09-25 15:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-10-21 13:02 - 2014-09-25 15:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2014-10-21 13:02 - 2014-09-25 15:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-10-21 13:02 - 2014-09-25 15:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-10-21 13:02 - 2014-09-25 15:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-10-21 13:02 - 2014-09-25 15:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-10-21 13:02 - 2014-09-25 15:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-10-21 13:02 - 2014-09-18 19:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-10-21 13:02 - 2014-09-18 18:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-10-21 13:02 - 2014-09-18 18:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-10-21 13:02 - 2014-09-18 18:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-10-21 13:02 - 2014-09-18 18:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-10-21 13:02 - 2014-09-18 18:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-10-21 13:02 - 2014-09-18 18:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-10-21 13:02 - 2014-09-18 18:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-10-21 13:02 - 2014-09-18 18:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2014-10-21 13:02 - 2014-09-18 18:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-10-21 13:02 - 2014-09-18 18:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-10-21 13:02 - 2014-09-18 18:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-10-21 13:02 - 2014-09-18 18:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-10-21 13:02 - 2014-09-18 18:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-10-21 13:02 - 2014-09-18 18:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-10-21 13:02 - 2014-09-18 18:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-10-21 13:02 - 2014-09-18 18:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-10-21 13:02 - 2014-09-18 18:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-10-21 13:02 - 2014-09-18 18:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-10-21 13:02 - 2014-09-18 18:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-10-21 13:02 - 2014-09-18 18:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-10-21 13:02 - 2014-09-18 18:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-10-21 13:02 - 2014-09-18 18:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-10-21 13:02 - 2014-09-18 18:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-10-21 13:02 - 2014-09-18 18:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-10-21 13:02 - 2014-09-18 18:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-10-21 13:02 - 2014-09-18 17:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2014-10-21 13:02 - 2014-09-18 17:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-10-21 13:02 - 2014-09-18 17:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-10-21 13:02 - 2014-09-18 17:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-10-21 13:02 - 2014-09-18 17:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-10-21 13:02 - 2014-09-18 17:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-10-21 13:02 - 2014-09-18 17:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-10-21 13:02 - 2014-09-18 17:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-10-21 13:02 - 2014-09-18 17:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-10-21 13:02 - 2014-09-18 17:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-10-21 13:02 - 2014-09-18 17:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2014-10-21 13:02 - 2014-09-18 17:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-10-21 13:02 - 2014-09-18 17:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-10-21 13:02 - 2014-09-18 17:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-10-21 13:02 - 2014-09-18 17:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-10-21 13:02 - 2014-09-18 17:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2014-10-21 13:02 - 2014-09-18 17:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-10-21 13:02 - 2014-09-18 16:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-10-21 13:02 - 2014-09-18 16:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-10-21 13:02 - 2014-09-18 16:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-10-21 13:02 - 2014-09-18 16:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-10-21 13:02 - 2014-09-17 19:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll2014-10-21 13:02 - 2014-09-17 18:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll2014-10-21 13:02 - 2014-08-28 19:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll2014-10-21 13:02 - 2014-07-16 19:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll2014-10-21 13:02 - 2014-07-16 19:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe2014-10-21 13:02 - 2014-07-16 19:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll2014-10-21 13:02 - 2014-07-16 19:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll2014-10-21 13:02 - 2014-07-16 19:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2014-10-21 13:02 - 2014-07-16 19:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2014-10-21 13:02 - 2014-07-16 18:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll2014-10-21 13:02 - 2014-07-16 18:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2014-10-21 13:02 - 2014-07-16 18:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2014-10-21 13:02 - 2014-07-16 18:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys2014-10-21 13:02 - 2014-07-16 18:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys2014-10-21 13:01 - 2014-09-28 17:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2014-10-21 13:01 - 2014-09-12 18:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll2014-10-21 13:01 - 2014-09-12 18:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll2014-10-21 13:01 - 2014-09-03 22:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll2014-10-21 13:01 - 2014-09-03 22:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll2014-10-21 13:01 - 2014-06-18 15:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll2014-10-21 13:01 - 2014-06-18 15:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll2014-10-21 13:01 - 2014-06-18 15:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll2014-10-21 13:01 - 2014-06-18 15:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll2014-10-21 13:01 - 2014-06-18 15:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll2014-10-21 13:01 - 2014-06-18 15:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll2014-10-20 11:06 - 2014-10-20 13:50 - 00000000 ___HD () C:\MRI_PE_TEMP2014-10-20 09:38 - 2014-10-22 15:05 - 00000000 ____D () C:\Users\David Angeley\AppData\Local\LogMeIn Rescue Applet2014-10-20 09:24 - 2014-10-22 15:09 - 00000000 ____D () C:\ProgramData\Geek Squad2014-10-12 13:27 - 2014-10-12 13:27 - 00000000 ____D () C:\ProgramData\Sophos2014-10-12 09:48 - 2014-10-12 09:59 - 00000000 ____D () C:\NPE2014-10-12 09:47 - 2014-10-12 10:04 - 00000000 ____D () C:\Users\David Angeley\AppData\Local\NPE2014-10-12 09:47 - 2014-10-12 09:47 - 00000000 ____D () C:\ProgramData\Norton2014-10-11 12:27 - 2014-10-11 12:27 - 00000000 ____D () C:\Users\David Angeley\AppData\Local\Dell2014-10-11 11:54 - 2014-10-11 12:06 - 00000000 ____D () C:\EEK2014-10-11 08:13 - 2014-10-11 08:13 - 00000000 ____D () C:\Windows\ERUNT2014-10-10 23:03 - 2014-10-11 07:13 - 00000000 ____D () C:\AdwCleaner2014-10-10 22:39 - 2014-10-12 19:30 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys2014-10-10 22:39 - 2014-10-10 22:39 - 00000000 ____D () C:\ProgramData\RogueKiller2014-10-10 17:36 - 2014-10-10 17:36 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe2014-10-10 16:53 - 2014-10-11 07:17 - 00000000 ____D () C:\ProgramData\HitmanPro2014-10-10 16:22 - 2014-10-12 19:34 - 00000000 ____D () C:\Users\David Angeley\Documents\Computer virus2014-10-10 16:13 - 2014-10-21 14:46 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-10-10 13:53 - 2014-10-12 13:09 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage2014-10-10 13:53 - 2014-10-10 13:53 - 00000000 _____ () C:\Windows\system32\eekhj.dll2014-10-07 10:33 - 2014-05-08 02:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll2014-10-06 17:34 - 2012-08-23 07:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll2014-10-06 17:34 - 2012-08-23 07:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys2014-10-06 17:34 - 2012-08-23 07:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys2014-10-06 17:34 - 2012-08-23 04:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll2014-10-06 17:34 - 2012-08-23 03:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll2014-10-06 17:21 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL2014-10-06 17:21 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL2014-10-06 17:21 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL2014-10-06 17:21 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL2014-10-06 17:21 - 2014-07-08 19:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL2014-10-06 17:21 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL2014-10-06 17:21 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL2014-10-06 17:21 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL2014-10-06 17:21 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL2014-10-06 17:21 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL2014-10-06 17:21 - 2014-07-08 15:38 - 00419992 _____ () C:\Windows\system32\locale.nls2014-10-06 17:21 - 2014-07-08 15:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls2014-10-04 13:57 - 2014-10-04 13:57 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk2014-10-04 12:47 - 2014-10-21 13:09 - 00000000 ____D () C:\Windows\system32\MRT2014-10-04 12:47 - 2014-10-21 13:03 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-10-04 12:38 - 2014-10-24 07:39 - 00007606 _____ () C:\Users\David Angeley\AppData\Local\Resmon.ResmonCfg2014-10-02 17:02 - 2014-10-02 17:02 - 00000165 ____H () C:\Users\David Angeley\Desktop\~$spie openings aug2014.xlsx2014-10-01 07:56 - 2014-10-01 07:56 - 00000000 __SHD () C:\Users\David Angeley\AppData\Local\EmieUserList2014-10-01 07:56 - 2014-10-01 07:56 - 00000000 __SHD () C:\Users\David Angeley\AppData\Local\EmieSiteList2014-09-30 17:08 - 2014-09-24 19:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll2014-09-30 17:08 - 2014-09-24 18:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll2014-09-30 07:19 - 2014-09-30 07:19 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.02014-09-30 05:03 - 2014-09-30 05:03 - 00001415 _____ () C:\Users\David Angeley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2014-09-30 04:08 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE2014-09-30 04:06 - 2014-09-30 04:06 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll2014-09-30 04:06 - 2014-09-30 04:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat2014-09-30 04:06 - 2014-09-30 04:06 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec2014-09-30 04:06 - 2014-09-30 04:06 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll2014-09-30 04:06 - 2014-09-30 04:06 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll2014-09-30 04:06 - 2014-09-30 04:06 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll2014-09-30 04:06 - 2014-09-30 04:06 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll2014-09-30 04:06 - 2014-09-30 04:06 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll2014-09-30 04:06 - 2014-09-30 04:06 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe2014-09-30 04:06 - 2014-09-30 04:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe2014-09-30 04:06 - 2014-09-30 04:06 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll2014-09-30 04:06 - 2014-09-30 04:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe2014-09-30 04:06 - 2014-09-30 04:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll2014-09-30 04:06 - 2014-09-30 04:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx2014-09-30 04:06 - 2014-09-30 04:06 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll2014-09-30 04:06 - 2014-09-30 04:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat2014-09-30 04:05 - 2014-09-30 04:05 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec2014-09-30 04:05 - 2014-09-30 04:05 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe2014-09-30 04:05 - 2014-09-30 04:05 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe2014-09-30 04:05 - 2014-09-30 04:05 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe2014-09-30 04:05 - 2014-09-30 04:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe2014-09-30 04:05 - 2014-09-30 04:05 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx2014-09-30 04:05 - 2014-09-30 04:05 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe2014-09-30 04:05 - 2014-09-30 04:05 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll2014-09-30 04:05 - 2014-09-30 04:05 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe2014-09-30 04:05 - 2014-09-30 04:05 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe2014-09-30 04:05 - 2014-09-30 04:05 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe2014-09-30 04:05 - 2014-09-30 04:05 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe2014-09-30 04:03 - 2014-09-30 04:08 - 00008872 _____ () C:\Windows\IE11_main.log2014-09-30 03:46 - 2014-09-30 07:19 - 00287594 _____ () C:\Windows\msxml4-KB973688-enu.LOG2014-09-30 03:31 - 2014-09-30 07:19 - 00291686 _____ () C:\Windows\msxml4-KB954430-enu.LOG2014-09-30 03:14 - 2012-07-25 20:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll2014-09-30 03:14 - 2012-07-25 20:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll2014-09-30 03:14 - 2012-07-25 19:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys2014-09-30 03:14 - 2012-07-25 19:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys2014-09-30 03:13 - 2012-07-25 20:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll2014-09-30 03:13 - 2012-07-25 20:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe2014-09-30 03:13 - 2012-07-25 20:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll2014-09-30 03:13 - 2012-06-02 07:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf2014-09-30 03:08 - 2014-06-26 19:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll2014-09-30 03:08 - 2014-06-26 18:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll2014-09-30 03:01 - 2014-06-30 15:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll2014-09-30 03:01 - 2014-06-30 15:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll2014-09-30 03:01 - 2014-03-09 14:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe2014-09-30 03:01 - 2014-03-09 14:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll2014-09-30 03:01 - 2014-03-09 14:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe2014-09-30 03:01 - 2014-03-09 14:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll2014-09-30 03:00 - 2014-06-05 23:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe2014-09-30 03:00 - 2014-06-05 23:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe2014-09-29 21:14 - 2011-04-08 23:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe2014-09-29 21:14 - 2011-04-08 22:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe2014-09-29 18:32 - 2014-06-17 19:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe2014-09-29 18:32 - 2014-06-17 18:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe2014-09-29 18:31 - 2014-03-04 02:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2014-09-29 18:31 - 2014-03-04 02:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll2014-09-29 18:31 - 2014-03-04 02:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll2014-09-29 18:31 - 2014-03-04 02:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll2014-09-29 18:31 - 2014-03-04 02:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll2014-09-29 18:31 - 2014-03-04 02:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll2014-09-29 18:31 - 2014-03-04 02:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll2014-09-29 18:31 - 2014-03-04 02:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll2014-09-29 18:31 - 2014-03-04 02:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll2014-09-29 18:31 - 2014-03-04 02:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2014-09-29 18:31 - 2014-03-04 02:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2014-09-29 18:31 - 2014-03-04 02:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll2014-09-29 18:31 - 2014-03-04 02:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll2014-09-29 18:31 - 2014-03-04 02:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll2014-09-29 18:31 - 2014-03-04 02:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll2014-09-29 18:31 - 2014-03-04 02:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll2014-09-29 18:31 - 2014-03-04 02:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll2014-09-29 18:31 - 2014-03-04 02:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll2014-09-29 18:31 - 2014-03-04 02:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll2014-09-29 18:31 - 2013-11-26 18:42 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys2014-09-29 18:31 - 2013-11-26 18:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys2014-09-29 18:31 - 2013-11-26 18:42 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys2014-09-29 18:31 - 2013-11-26 18:42 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys2014-09-29 18:31 - 2013-11-26 18:42 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys2014-09-29 18:31 - 2013-10-03 19:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll2014-09-29 18:31 - 2013-10-03 19:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll2014-09-29 18:31 - 2013-10-03 18:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll2014-09-29 18:31 - 2013-10-03 18:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll2014-09-29 18:31 - 2013-08-04 19:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys2014-09-29 18:31 - 2013-08-01 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll2014-09-29 18:31 - 2013-08-01 19:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll2014-09-29 18:31 - 2013-08-01 18:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll2014-09-29 18:31 - 2013-08-01 17:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe2014-09-29 17:39 - 2014-06-06 03:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll2014-09-29 17:39 - 2014-06-06 02:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll2014-09-29 17:39 - 2014-06-03 03:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll2014-09-29 17:39 - 2013-07-12 03:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys2014-09-29 17:39 - 2013-07-12 03:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys2014-09-29 17:39 - 2013-07-12 03:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys2014-09-29 17:39 - 2013-07-02 21:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys2014-09-29 17:39 - 2013-07-02 21:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys2014-09-29 17:39 - 2013-07-02 21:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys2014-09-29 17:39 - 2013-06-25 15:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys2014-09-29 17:38 - 2014-06-03 03:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll2014-09-29 17:38 - 2014-06-03 03:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe2014-09-29 17:38 - 2014-06-03 02:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll2014-09-29 17:38 - 2014-06-03 02:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll2014-09-29 17:38 - 2013-11-26 01:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll2014-09-29 17:38 - 2013-11-22 15:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll2014-09-29 17:37 - 2014-08-22 19:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll2014-09-29 17:37 - 2014-08-22 18:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll2014-09-29 17:37 - 2014-07-06 19:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2014-09-29 17:37 - 2014-07-06 19:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2014-09-29 17:37 - 2014-07-06 18:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2014-09-29 17:37 - 2014-07-06 18:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2014-09-29 17:37 - 2014-07-06 18:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2014-09-29 17:37 - 2014-05-30 01:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2014-09-29 17:37 - 2014-05-30 01:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll2014-09-29 17:37 - 2014-05-30 01:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll2014-09-29 17:37 - 2014-05-30 01:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll2014-09-29 17:37 - 2014-05-30 00:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2014-09-29 17:37 - 2014-05-30 00:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2014-09-29 17:37 - 2014-05-30 00:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2014-09-29 17:37 - 2014-05-30 00:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2014-09-29 17:37 - 2014-04-11 19:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2014-09-29 17:37 - 2014-04-11 19:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys2014-09-29 17:37 - 2014-04-11 19:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll2014-09-29 17:37 - 2014-04-11 19:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe2014-09-29 17:37 - 2014-04-11 19:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll2014-09-29 17:37 - 2014-04-11 19:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll2014-09-29 17:37 - 2014-01-27 19:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll2014-09-29 17:37 - 2013-10-29 19:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll2014-09-29 17:37 - 2013-10-29 19:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll2014-09-29 17:37 - 2013-08-28 19:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll2014-09-29 17:37 - 2013-08-28 19:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll2014-09-29 17:37 - 2013-08-28 19:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll2014-09-29 17:37 - 2013-08-28 18:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll2014-09-29 17:37 - 2013-08-28 18:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll2014-09-29 17:37 - 2013-08-28 18:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll2014-09-29 17:37 - 2013-07-04 05:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll2014-09-29 17:37 - 2013-07-04 05:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys2014-09-29 17:37 - 2013-07-04 04:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll2014-09-29 17:36 - 2014-08-01 04:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll2014-09-29 17:36 - 2014-08-01 04:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll2014-09-29 17:36 - 2014-04-24 19:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll2014-09-29 17:36 - 2014-04-24 19:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll2014-09-29 17:36 - 2014-04-04 19:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys2014-09-29 17:36 - 2014-04-04 19:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS2014-09-29 17:36 - 2014-01-28 19:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll2014-09-29 17:36 - 2014-01-28 19:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll2014-09-29 17:36 - 2013-11-26 04:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys2014-09-29 17:36 - 2013-11-23 11:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll2014-09-29 17:36 - 2013-11-23 10:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll2014-09-29 17:36 - 2013-10-18 19:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll2014-09-29 17:36 - 2013-10-18 18:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll2014-09-29 17:36 - 2013-10-05 13:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll2014-09-29 17:36 - 2013-10-05 12:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll2014-09-29 17:35 - 2014-06-23 20:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll2014-09-29 17:35 - 2014-06-23 19:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll2014-09-29 17:35 - 2014-03-26 07:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll2014-09-29 17:35 - 2014-03-26 07:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll2014-09-29 17:35 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll2014-09-29 17:35 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll2014-09-29 17:35 - 2014-03-26 07:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll2014-09-29 17:35 - 2014-03-26 07:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll2014-09-29 17:35 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll2014-09-29 17:35 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll2014-09-29 17:34 - 2013-10-03 19:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys2014-09-29 17:34 - 2013-10-03 18:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys2014-09-29 17:33 - 2013-12-03 19:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll2014-09-29 17:33 - 2013-12-03 19:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll2014-09-29 17:33 - 2013-12-03 19:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll2014-09-29 17:33 - 2013-12-03 19:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll2014-09-29 17:33 - 2013-12-03 19:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll2014-09-29 17:33 - 2013-12-03 19:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe2014-09-29 17:33 - 2013-12-03 19:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe2014-09-29 17:33 - 2013-12-03 19:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe2014-09-29 17:33 - 2013-12-03 19:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe2014-09-29 17:33 - 2013-12-03 19:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll2014-09-29 17:33 - 2013-12-03 19:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll2014-09-29 17:33 - 2013-12-03 19:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll2014-09-29 17:33 - 2013-12-03 19:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll2014-09-29 17:33 - 2013-12-03 19:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll2014-09-29 17:33 - 2013-12-03 18:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe2014-09-29 17:33 - 2013-12-03 18:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe2014-09-29 17:33 - 2013-12-03 18:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe2014-09-29 17:33 - 2013-12-03 18:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe2014-09-29 17:33 - 2013-06-05 22:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll2014-09-29 17:33 - 2013-06-05 22:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll2014-09-29 17:33 - 2013-06-05 22:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll2014-09-29 17:33 - 2013-06-05 22:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll2014-09-29 17:33 - 2013-06-05 21:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll2014-09-29 17:33 - 2013-06-05 21:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll2014-09-29 17:33 - 2013-06-05 21:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll2014-09-29 17:33 - 2013-06-05 20:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll2014-09-29 17:33 - 2013-06-05 20:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll2014-09-29 17:33 - 2013-06-05 20:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll2014-09-29 17:32 - 2014-05-29 23:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys2014-09-29 17:30 - 2013-07-04 05:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll2014-09-29 17:30 - 2013-07-04 05:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll2014-09-29 17:30 - 2013-07-04 04:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll2014-09-29 17:30 - 2013-07-04 04:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll2014-09-29 17:30 - 2013-07-04 03:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys2014-09-29 17:28 - 2014-06-15 19:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys2014-09-29 17:28 - 2013-09-07 19:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll2014-09-29 17:28 - 2013-09-07 19:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll2014-09-29 17:27 - 2014-02-03 19:37 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys2014-09-29 17:27 - 2014-02-03 19:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys2014-09-29 17:27 - 2014-02-03 19:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys2014-09-29 17:27 - 2014-02-03 19:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll2014-09-29 17:27 - 2014-02-03 19:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll2014-09-29 17:26 - 2014-09-09 15:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll2014-09-29 17:26 - 2014-09-09 14:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll2014-09-29 17:26 - 2014-06-24 19:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll2014-09-29 17:26 - 2014-06-24 18:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll2014-09-29 17:26 - 2013-07-25 19:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll2014-09-29 17:26 - 2013-07-25 18:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll2014-09-29 17:25 - 2014-03-04 02:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll2014-09-29 17:25 - 2014-03-04 02:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll2014-09-29 17:25 - 2014-03-04 02:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll2014-09-29 17:25 - 2014-03-04 02:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll2014-09-29 17:25 - 2014-03-04 02:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll2014-09-29 17:25 - 2014-03-04 02:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll2014-09-29 17:25 - 2014-03-04 02:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll2014-09-29 17:25 - 2014-03-04 02:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe2014-09-29 17:25 - 2014-03-04 02:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll2014-09-29 17:25 - 2014-03-04 01:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe2014-09-29 17:25 - 2014-03-04 01:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe2014-09-29 17:25 - 2014-01-23 19:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys2014-09-29 17:25 - 2013-10-11 19:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx2014-09-29 17:25 - 2013-10-11 19:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll2014-09-29 17:25 - 2013-10-11 19:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx2014-09-29 17:25 - 2013-10-11 19:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll2014-09-29 17:25 - 2013-10-11 18:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe2014-09-29 17:25 - 2013-10-11 18:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe2014-09-29 17:25 - 2013-10-11 18:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe2014-09-29 17:25 - 2013-10-11 18:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe2014-09-29 17:25 - 2013-08-01 19:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 18:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe2014-09-29 17:25 - 2013-08-01 17:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 17:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 17:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll2014-09-29 17:25 - 2013-08-01 17:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll2014-09-29 17:25 - 2013-07-20 03:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll2014-09-29 17:25 - 2013-07-20 03:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll2014-09-29 17:23 - 2014-07-13 19:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll2014-09-29 17:23 - 2014-07-13 18:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll2014-09-29 17:23 - 2014-02-03 19:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll2014-09-29 17:23 - 2014-02-03 19:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll2014-09-29 17:23 - 2013-10-11 19:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll2014-09-29 17:23 - 2013-10-11 19:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL2014-09-29 17:23 - 2013-10-11 19:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL2014-09-29 17:23 - 2013-10-11 19:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll2014-09-29 17:23 - 2013-10-11 19:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL2014-09-29 17:23 - 2013-08-27 18:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll2014-09-29 11:58 - 2014-05-14 09:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll2014-09-29 11:58 - 2014-05-14 09:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe2014-09-29 11:58 - 2014-05-14 09:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll2014-09-29 11:58 - 2014-05-14 09:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll2014-09-29 11:57 - 2014-05-14 09:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll2014-09-29 11:57 - 2014-05-14 09:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll2014-09-29 11:57 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll2014-09-29 11:57 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll2014-09-29 11:57 - 2014-05-14 09:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll2014-09-29 11:57 - 2014-05-14 09:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll2014-09-29 11:57 - 2014-05-14 09:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll2014-09-29 11:57 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe2014-09-29 11:57 - 2014-05-14 09:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll2014-09-29 11:57 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-24 13:19 - 2013-10-20 16:12 - 02037833 _____ () C:\Windows\WindowsUpdate.log2014-10-24 12:32 - 2013-10-20 14:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2014-10-24 12:22 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache2014-10-24 10:42 - 2013-11-01 16:22 - 00000000 ____D () C:\Users\David Angeley\AppData\Local\CrashDumps2014-10-24 10:34 - 2013-11-11 18:36 - 00131072 ___SH () C:\CredSED.dat2014-10-24 08:46 - 2013-10-20 14:46 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery2014-10-24 08:46 - 2009-07-13 21:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-10-24 08:46 - 2009-07-13 21:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-10-24 08:43 - 2009-07-13 22:13 - 00783606 _____ () C:\Windows\system32\PerfStringBackup.INI2014-10-24 08:39 - 2010-11-20 20:47 - 01632740 _____ () C:\Windows\PFRO.log2014-10-24 08:39 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-10-24 08:39 - 2009-07-13 21:51 - 00243463 _____ () C:\Windows\setupact.log2014-10-24 08:39 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Registration2014-10-22 15:42 - 2014-09-01 18:53 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat2014-10-22 15:27 - 2013-11-01 15:42 - 00000000 ____D () C:\Program Files\Microsoft Office 152014-10-22 15:10 - 2009-07-13 22:08 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT2014-10-22 15:07 - 2013-10-20 14:51 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk2014-10-22 15:06 - 2013-10-20 14:51 - 00000000 ____D () C:\ProgramData\Adobe2014-10-22 15:06 - 2013-10-20 14:19 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-10-22 15:06 - 2013-10-20 14:19 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-10-22 15:06 - 2013-10-20 14:19 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater2014-10-21 16:12 - 2009-07-13 22:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD2014-10-21 14:02 - 2013-10-20 14:24 - 00000000 ____D () C:\ProgramData\NVIDIA2014-10-21 14:00 - 2009-07-13 21:45 - 00327152 _____ () C:\Windows\system32\FNTCACHE.DAT2014-10-20 14:54 - 2013-10-20 14:46 - 00000000 ____D () C:\Temp2014-10-12 20:46 - 2013-11-11 11:47 - 00000000 ____D () C:\Users\David Angeley\Documents\Circuit Therapeutics2014-10-12 20:38 - 2014-05-05 20:32 - 00000000 ____D () C:\Users\David Angeley\Documents\Elisabeth2014-10-12 20:37 - 2014-06-17 11:54 - 00000000 ____D () C:\Users\David Angeley\Documents\RFI2014-10-12 07:03 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Web2014-10-11 12:27 - 2013-10-20 14:32 - 00000000 ____D () C:\ProgramData\Dell2014-10-11 09:04 - 2009-07-13 20:20 - 00000000 __RHD () C:\Users\Public\Libraries2014-10-11 05:59 - 2014-01-25 14:14 - 00000000 ____D () C:\Users\David Angeley\Documents\Laser Safety2014-10-10 22:17 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Resources2014-10-10 21:41 - 2013-11-19 10:07 - 00000000 ____D () C:\ProgramData\Trend Micro2014-10-10 21:41 - 2013-11-11 18:33 - 00000502 __RSH () C:\ProgramData\ntuser.pol2014-10-10 21:40 - 2013-11-19 10:09 - 00000000 ____D () C:\Users\David Angeley\AppData\Local\Trend Micro2014-10-10 15:53 - 2013-11-13 07:38 - 00000072 _____ () C:\Users\Public\LMDebug.log2014-10-10 14:01 - 2014-05-08 12:13 - 00231960 _____ () C:\Windows\RegBootClean64.exe2014-10-10 13:53 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\sysprep2014-10-06 18:52 - 2014-01-24 15:29 - 00000000 ____D () C:\ProgramData\Package Cache2014-10-06 18:48 - 2013-10-20 14:15 - 00060432 _____ () C:\Windows\DPINST.LOG2014-10-06 18:43 - 2014-01-24 15:30 - 00000000 ____D () C:\Program Files\Common Files\Western Digital2014-10-06 18:43 - 2014-01-24 15:29 - 00000000 ____D () C:\Program Files (x86)\Western Digital2014-10-06 18:43 - 2013-12-06 20:14 - 00000000 ____D () C:\ProgramData\Western Digital2014-10-06 18:10 - 2009-07-13 20:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories2014-10-06 18:07 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions2014-10-06 18:02 - 2013-10-20 14:23 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation2014-10-06 11:03 - 2014-06-19 13:13 - 00000000 _____ () C:\Windows\DCEBOOT.LOG2014-10-06 09:53 - 2014-06-19 12:20 - 00021528 _____ () C:\Windows\DCEBoot64.exe2014-10-04 13:57 - 2013-11-01 16:23 - 00002212 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk2014-10-04 13:57 - 2013-11-01 16:23 - 00002051 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk2014-10-02 16:59 - 2014-02-16 17:09 - 00000000 ____D () C:\Users\David Angeley\Documents\Dave2014-10-02 15:53 - 2010-11-20 20:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe2014-09-30 04:43 - 2010-11-21 00:17 - 00000000 ____D () C:\Program Files\Windows Journal2014-09-30 04:43 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism2014-09-30 04:43 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Dism2014-09-30 04:43 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\System2014-09-30 04:14 - 2011-02-10 07:33 - 00775852 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI2014-09-29 14:28 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF2014-09-26 09:48 - 2013-11-11 15:03 - 00000000 ____D () C:\Users\David Angeley\AppData\Local\Microsoft Help2014-09-25 15:14 - 2014-01-14 21:49 - 00000000 ____D () C:\Users\David Angeley\dave Some content of TEMP:====================C:\Users\David Angeley\AppData\Local\Temp\HitmanPro.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-16 07:16 ==================== End Of Log ============================
  25. i was running my p2p program and today not malicious website were blocked. so after a while i checked if malwarebyte is running, and it wasn't. so is it possible that i might be infected? and what can i do to get uninfected?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.