Jump to content

please help! very worried


Recommended Posts

hello my norton360 said I had a Trojan from Mozilla or something it quarantined it,so I downloaded malwarebytes just to be sure,it came back clean

then a bit later I get a couple pop ups saying some ips are being blocked from some place in the Netherlands and I am very worried.2013/11/10 00:23:16 -0500 HOMECOMPUTER fredly IP-BLOCK 93.174.93.139 (Type: incoming, Port: 53, Process: svchost.exe)
2013/11/10 02:37:03 -0500 HOMECOMPUTER fredly IP-BLOCK 80.82.64.238 (Type: incoming, Port: 19, Process: svchost.exe)

please help, i am not very computer savvy.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537
Run by fredly at 3:30:07 on 2013-11-10
Microsoft Windows 8  6.2.9200.0.1252.1.1033.18.5528.3254 [GMT -5:00]
.
AV: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\dwm.exe
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\atieclxx.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k apphost
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhostex.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\SearchIndexer.exe
C:\Program Files\IDT\WDM\Beats64.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ips\ipsbho.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coieplg.dll
uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
mRun: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
mRun: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\Users\fredly\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMEST~1.LNK - C:\Program Files (x86)\GameStop App\Now\GameStopNow.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
TCP: NameServer = 24.247.24.53 66.189.0.100 24.178.162.3
TCP: Interfaces\{DFA20D67-7D26-4A8F-8FFD-0ECECB2B2676}\341626C65675966496 : DHCPNameServer = 10.240.205.161 10.240.205.162
TCP: Interfaces\{DFA20D67-7D26-4A8F-8FFD-0ECECB2B2676}\45753475966496 : DHCPNameServer = 10.240.205.161 10.240.205.162
TCP: Interfaces\{FE45C2A9-11A9-4D9C-941C-2EA9EEBDA455} : DHCPNameServer = 24.247.24.53 66.189.0.100 24.178.162.3
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-Run: [beatsOSDApp] C:\Program Files\IDT\WDM\beats64.exe
x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\fredly\AppData\Roaming\Mozilla\Firefox\Profiles\a6hzfsbu.default\

FF - prefs.js: browser.search.selectedEngine - AOL Search

FF - prefs.js: keyword.URL -
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\windows\System32\Drivers\N360x64\1404000.028\symds64.sys [2013-10-22 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\windows\System32\Drivers\N360x64\1404000.028\symefa64.sys [2013-10-22 1139800]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20131101.003\BHDrvx64.sys [2013-11-6 1524824]
R1 ccSet_N360;Norton 360 Settings Manager;C:\windows\System32\Drivers\N360x64\1404000.028\ccsetx64.sys [2013-10-22 169048]
R1 CLVirtualDrive;CLVirtualDrive;C:\windows\System32\Drivers\CLVirtualDrive.sys [2012-9-15 92536]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20131108.001\IDSviA64.sys [2013-11-9 521816]
R1 SymIRON;Symantec Iron Driver;C:\windows\System32\Drivers\N360x64\1404000.028\ironx64.sys [2013-10-22 224416]
R1 SymNetS;Symantec Network Security WFP Driver;C:\windows\System32\Drivers\N360x64\1404000.028\symnets.sys [2013-10-22 433752]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2013-11-9 239616]
R2 Dokan;Dokan;C:\windows\System32\Drivers\dokan.sys [2011-1-10 120408]
R2 DokanMounter;DokanMounter;C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [2011-1-10 14848]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-8-15 85504]
R2 HPConnectedRemote;HP Connected Remote Service;C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [2012-7-19 35232]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-11-9 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-11-9 701512]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccsvchst.exe [2013-10-22 144368]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-10-22 140376]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\windows\System32\Drivers\L1C63x64.sys [2012-7-30 110744]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\Drivers\mbam.sys [2013-11-9 25928]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\windows\System32\Drivers\netr28x.sys [2013-4-15 2482960]
R3 usbfilter;AMD USB Filter Driver;C:\windows\System32\Drivers\usbfilter.sys [2012-7-16 57000]
S0 SymELAM;Symantec ELAM Driver;C:\windows\System32\Drivers\N360x64\1404000.028\symelam.sys [2013-10-22 23448]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
.
=============== File Associations ===============
.
FileExt: .js: JSFile=C:\windows\System32\WScript.exe "%1" %* [userChoice]
.
=============== Created Last 30 ================
.
2013-11-10 02:06:46 -------- d-----w- C:\Users\fredly\AppData\Roaming\Malwarebytes
2013-11-10 02:06:19 -------- d-----w- C:\ProgramData\Malwarebytes
2013-11-10 02:06:18 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2013-11-10 02:06:18 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-09 18:46:26 -------- d-----w- C:\ProgramData\Package Cache
2013-11-09 18:43:06 -------- d-----w- C:\windows\System32\SRSLabs
2013-11-09 18:43:06 -------- d-----w- C:\windows\LastGood.Tmp
2013-11-09 18:42:26 83456 ----a-w- C:\windows\System32\SRAPO64.DLL
2013-11-09 18:42:26 693760 ------w- C:\windows\System32\stapi64.dll
2013-11-09 18:42:26 550912 ----a-w- C:\windows\System32\drivers\stwrt64.sys
2013-11-09 18:42:26 315904 ----a-w- C:\windows\System32\SRCOM64.DLL
2013-11-09 18:42:26 287744 ----a-w- C:\windows\SysWow64\SRCOM.dll
2013-11-09 18:42:26 287744 ----a-w- C:\windows\System32\SRCOM.DLL
2013-11-09 18:42:26 256000 ----a-w- C:\windows\System32\st646482.dll
2013-11-09 18:42:26 2199040 ----a-w- C:\windows\System32\stapo64.dll
2013-11-09 18:42:26 206024 ----a-w- C:\windows\System32\AESTAC64.dll
2013-11-09 18:42:26 1401856 ----a-w- C:\windows\System32\SRRPTR64.DLL
2013-11-09 18:42:26 -------- d-----w- C:\Program Files\IDT
2013-11-08 21:14:14 -------- d-----w- C:\Users\fredly\AppData\Local\WarThunder
2013-11-08 21:14:13 -------- d-----w- C:\ProgramData\WarThunder
2013-11-08 21:14:06 -------- d-----w- C:\Program Files (x86)\WarThunder
2013-11-05 04:51:03 342704 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10224.bin
2013-11-02 06:19:53 -------- d-----w- C:\Users\fredly\AppData\Local\Adobe
2013-10-26 17:03:24 -------- d-----w- C:\Users\fredly\AppData\Local\HP Quick Start
2013-10-26 17:00:01 -------- d-----w- C:\Users\fredly\AppData\Roaming\WinBatch
2013-10-23 04:48:13 -------- d-----w- C:\windows\System32\MRT
2013-10-22 23:50:52 78296 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-22 23:50:52 694232 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-10-22 21:59:23 -------- d-----w- C:\Users\fredly\AppData\Local\ElevatedDiagnostics
2013-10-22 21:24:02 6987008 ----a-w- C:\windows\System32\ntoskrnl.exe
2013-10-22 21:24:00 2219520 ----a-w- C:\windows\System32\dwmcore.dll
2013-10-22 21:22:47 60648 ----a-w- C:\Program Files\Windows Defender\MpUXSrv.exe
2013-10-22 21:21:58 652288 ----a-w- C:\windows\System32\comctl32.dll
2013-10-22 21:20:57 2035200 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-10-22 21:19:53 13644288 ----a-w- C:\windows\System32\Windows.UI.Xaml.dll
2013-10-22 21:18:54 4917760 ----a-w- C:\windows\System32\sppsvc.exe
2013-10-22 21:17:54 447320 ----a-w- C:\windows\System32\drivers\USBHUB3.SYS
2013-10-22 21:16:59 3959296 ----a-w- C:\windows\System32\jscript9.dll
2013-10-22 21:15:56 70144 ----a-w- C:\windows\System32\appinfo.dll
2013-10-22 21:15:56 112872 ----a-w- C:\windows\System32\consent.exe
2013-10-22 21:15:30 2382336 ----a-w- C:\windows\SysWow64\esent.dll
2013-10-22 21:15:29 2851840 ----a-w- C:\windows\System32\esent.dll
2013-10-22 21:02:00 796760 ----a-w- C:\windows\System32\drivers\N360x64\1404000.028\srtsp64.sys
2013-10-22 21:02:00 493656 ----a-w- C:\windows\System32\drivers\N360x64\1404000.028\symds64.sys
2013-10-22 21:02:00 433752 ----a-w- C:\windows\System32\drivers\N360x64\1404000.028\symnets.sys
2013-10-22 21:02:00 36952 ----a-w- C:\windows\System32\drivers\N360x64\1404000.028\srtspx64.sys
2013-10-22 21:02:00 23448 ----a-r- C:\windows\System32\drivers\N360x64\1404000.028\symelam.sys
2013-10-22 21:02:00 224416 ----a-w- C:\windows\System32\drivers\N360x64\1404000.028\ironx64.sys
2013-10-22 21:02:00 169048 ----a-w- C:\windows\System32\drivers\N360x64\1404000.028\ccsetx64.sys
2013-10-22 21:02:00 1139800 ----a-w- C:\windows\System32\drivers\N360x64\1404000.028\symefa64.sys
2013-10-22 21:01:44 -------- d-----w- C:\windows\System32\drivers\N360x64\1404000.028
.
==================== Find3M  ====================
.
2013-11-09 18:42:12 6101504 ----a-w- C:\windows\System32\stlang64.dll
2013-11-09 18:42:12 41664 ----a-w- C:\windows\System32\Beats64.exe
2013-11-09 18:42:12 224768 ----a-w- C:\windows\System32\HPToneCtrls64.dll
2013-11-09 18:42:12 1897984 ----a-w- C:\windows\System32\IDTNC64.cpl
2013-11-09 18:42:12 1703424 ----a-w- C:\windows\sttray64.exe
2013-10-22 21:02:26 177312 ----a-w- C:\windows\System32\drivers\SYMEVENT64x86.SYS
2013-09-22 23:28:06 1767936 ----a-w- C:\windows\SysWow64\wininet.dll
2013-09-22 23:27:49 2876928 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-09-22 22:55:10 2241024 ----a-w- C:\windows\System32\wininet.dll
2013-08-23 05:11:57 4040192 ----a-w- C:\windows\System32\win32k.sys
2013-08-16 05:41:13 58200 ----a-w- C:\windows\System32\drivers\dam.sys
2013-08-16 05:39:26 2371728 ----a-w- C:\windows\System32\WSService.dll
2013-08-16 05:32:48 209200 ----a-w- C:\windows\System32\NotificationUI.exe
2013-08-16 05:22:22 40448 ----a-w- C:\windows\System32\wuapp.exe
2013-08-16 05:20:30 105984 ----a-w- C:\windows\System32\WinSetupUI.dll
2013-08-15 22:43:21 35328 ----a-w- C:\windows\SysWow64\wuapp.exe
2013-08-15 22:43:07 84992 ----a-w- C:\windows\SysWow64\wudriver.dll
2013-08-15 22:43:07 126976 ----a-w- C:\windows\SysWow64\wuwebv.dll
2013-08-15 22:43:03 562688 ----a-w- C:\windows\SysWow64\WSShared.dll
2013-08-15 22:43:03 159232 ----a-w- C:\windows\SysWow64\WSSync.dll
2013-08-15 22:43:02 83968 ----a-w- C:\windows\SysWow64\OEMLicense.dll
2013-08-15 22:43:02 167424 ----a-w- C:\windows\SysWow64\WSClient.dll
2013-08-15 22:43:02 143872 ----a-w- C:\windows\SysWow64\Windows.ApplicationModel.Store.dll
2013-08-15 22:43:02 124928 ----a-w- C:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-15 22:42:52 76800 ----a-w- C:\windows\SysWow64\setupcln.dll
2013-08-15 22:42:47 91648 ----a-w- C:\windows\SysWow64\sppc.dll
.
============= FINISH:  3:30:36.86 ===============

 

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 12/7/2012 5:02:03 PM
System Uptime: 11/9/2013 1:52:45 PM (14 hours ago)
.
Motherboard: MSI |  | 2AE0
Processor: AMD A8-5500 APU with Radeon HD Graphics     | P0 | 3200/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 911 GiB total, 812.353 GiB free.
D: is FIXED (NTFS) - 19 GiB total, 2.422 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP41: 10/26/2013 12:59:21 PM - HPSF Applying updates
RP42: 11/3/2013 8:42:09 AM - Scheduled Checkpoint
RP43: 11/9/2013 1:41:27 PM - HPSF Applying updates
.
==== Installed Programs ======================
.
4 Elements II
Adobe Flash Player 11 Plugin
Adobe Shockwave Player 12.0
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Control Center
AMD Catalyst Install Manager
AMD Wireless Display v3.0
Bejeweled 3
Bonjour
Build-a-lot 4 - Power Source
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
Cradle Of Egypt Collector's Edition
Cradle of Rome 2
CyberLink LabelPrint
CyberLink Media Suite 10
CyberLink PhotoDirector
CyberLink Power2Go 8
CyberLink PowerDirector 10
D3DX10
Dead Island
Dokan Library 0.6.0
ExtraPutty 0.22
Farm Frenzy
FATE: The Cursed King
Final Drive Fury
FlatOut 2
GameStop App
GIMP 2.8.2
Google Update Helper
Governor of Poker 2 Premium Edition
Hewlett-Packard ACLM.NET v1.2.0.0
Hoyle Card Games
HP Connected Music (Meridian - installer)
HP Connected Remote
HP Customer Experience Enhancements
HP Games
HP MyRoom
HP Postscript Converter
HP Quick Start
HP Registration Service
HP Support Assistant
HP Support Information
IDT Audio
Jewel Match 3
John Deere Drive Green
Luxor Evolved
Mahjongg Dimensions Deluxe: Tiles in Time
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Application Error Reporting
Microsoft Office
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
Mortimer Beckett and the Crimson Thief Premium Edition
Mozilla Firefox 25.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
Mystery P.I. - Curious Case of Counterfeit Cove
Norton 360
Peggle Nights
Penguins!
Polar Bowler
Polar Golfer
Ralink RT5390R 802.11bgn Wi-Fi Adapter
Recovery Manager
Roads of Rome 3
Steam
Stronghold Kingdoms
swMSM
Tales of Lagoona
TeamSpeak 3 Client
Update Installer for WildTangent Games App
Vacation Quest™ - Australia
War Thunder Launcher 1.0.1.278
WildTangent Games
WildTangent Games App
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Language Selector
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.20 (64-bit)
World of Tanks
World of Tanks - Common Test
Zuma's Revenge
.
==== End Of File ===========================

 

Link to post
Share on other sites

  • Replies 95
  • Created
  • Last Reply

Top Posters In This Topic

Hello and post-32477-1261866970.gif

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Next,

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Kevin

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2013
Ran by fredly (administrator) on HOMECOMPUTER on 10-11-2013 08:02:18
Running from C:\Users\fredly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LNXLU0SU
Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(AMD) C:\windows\system32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Firefly Studios) C:\ProgramData\Firefly Studios\Stronghold Kingdoms\2.0.11.4\StrongholdKingdoms.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [beatsOSDApp] - C:\Program Files\IDT\WDM\Beats64.exe [41664 2013-11-09] (Hewlett-Packard )
HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-09] (IDT, Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-11-07] (Hewlett-Packard)
HKCU\...\Run: [steam] - C:\Program Files (x86)\Steam\steam.exe [1597864 2013-02-15] (Valve Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-19] (Advanced Micro Devices, Inc.)
Startup: C:\Users\fredly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameStop Now.lnk
ShortcutTarget: GameStop Now.lnk -> C:\Program Files (x86)\GameStop App\Now\GameStopNow.exe (GameStop Corp.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM - {8DBB0F05-5FE0-414E-A561-FF366A747882} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM-x32 - {8DBB0F05-5FE0-414E-A561-FF366A747882} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKCU - {8DBB0F05-5FE0-414E-A561-FF366A747882} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=retail&geo=US&ver=20&locale=en_US&gct=kwd&qsrc=2869
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Tcpip\Parameters: [DhcpNameServer] 24.247.24.53 66.189.0.100 24.178.162.3

FireFox:
========
FF ProfilePath: C:\Users\fredly\AppData\Roaming\Mozilla\Firefox\Profiles\a6hzfsbu.default
FF DefaultSearchEngine: AOL Search
FF SelectedSearchEngine: AOL Search

FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.10.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF SearchPlugin: C:\Users\fredly\AppData\Roaming\Mozilla\Firefox\Profiles\a6hzfsbu.default\searchplugins\aol-search.xml
FF Extension: AOL Toolbar - C:\Users\fredly\AppData\Roaming\Mozilla\Firefox\Profiles\a6hzfsbu.default\Extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
FF Extension: prefs - C:\Users\fredly\AppData\Roaming\Mozilla\Firefox\Profiles\a6hzfsbu.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF Extension: Adblock Plus - C:\Users\fredly\AppData\Roaming\Mozilla\Firefox\Profiles\a6hzfsbu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF

==================== Services (Whitelisted) =================

R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] ()
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-07-19] (Hewlett-Packard)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20131101.003\BHDrvx64.sys [1524824 2013-10-22] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R2 Dokan; C:\windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows ® Win 7 DDK provider)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-10-22] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-10-22] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20131108.001\IDSvia64.sys [521816 2013-10-28] (Symantec Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131109.006\ENG64.SYS [126040 2013-10-22] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131109.006\EX64.SYS [2099288 2013-10-22] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1404000.028\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-10-22] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-10 08:01 - 2013-11-10 08:01 - 00000000 ____D C:\FRST
2013-11-10 03:30 - 2013-11-10 03:30 - 00015616 _____ C:\Users\fredly\Desktop\dds.txt
2013-11-10 03:30 - 2013-11-10 03:30 - 00004761 _____ C:\Users\fredly\Desktop\attach.txt
2013-11-10 03:28 - 2013-11-10 03:28 - 00688992 ____R (Swearware) C:\Users\fredly\Downloads\dds.com
2013-11-09 21:06 - 2013-11-09 21:06 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-09 21:06 - 2013-11-09 21:06 - 00000000 ____D C:\Users\fredly\AppData\Roaming\Malwarebytes
2013-11-09 21:06 - 2013-11-09 21:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-09 21:06 - 2013-11-09 21:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-09 21:06 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2013-11-09 21:05 - 2013-11-09 21:05 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\fredly\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-09 20:17 - 2013-11-09 20:17 - 00005230 _____ C:\Users\fredly\AppData\Local\recently-used.xbel
2013-11-09 13:49 - 2013-11-09 13:49 - 00055445 _____ C:\windows\SysWOW64\CCCInstall_201311091349234661.log
2013-11-09 13:49 - 2013-11-09 13:49 - 00000000 ____D C:\ProgramData\ATI
2013-11-09 13:46 - 2013-11-09 13:46 - 00000000 ____D C:\ProgramData\Package Cache
2013-11-09 13:45 - 2013-11-09 13:45 - 28192256 _____ (Advanced Micro Devices Inc.) C:\windows\system32\amdocl64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 25386496 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atio6axx.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 23761408 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\amdocl.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 21399040 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atioglxx.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 15716352 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticaldd64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 14302208 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticaldd.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 12521472 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\atikmdag.sys
2013-11-09 13:45 - 2013-11-09 13:45 - 06189416 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiumdag.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 03422720 _____ C:\windows\SysWOW64\atiumdva.cap
2013-11-09 13:45 - 2013-11-09 13:45 - 03388672 _____ C:\windows\system32\atiumd6a.cap
2013-11-09 13:45 - 2013-11-09 13:45 - 00784384 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiadlxx.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00716208 _____ C:\windows\system32\atiicdxx.dat
2013-11-09 13:45 - 2013-11-09 13:45 - 00617472 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\atikmpag.sys
2013-11-09 13:45 - 2013-11-09 13:45 - 00595456 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atiadlxy.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00571904 _____ (AMD) C:\windows\system32\atieclxx.exe
2013-11-09 13:45 - 2013-11-09 13:45 - 00544432 _____ C:\windows\SysWOW64\atiapfxx.blb
2013-11-09 13:45 - 2013-11-09 13:45 - 00544432 _____ C:\windows\system32\atiapfxx.blb
2013-11-09 13:45 - 2013-11-09 13:45 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atidemgy.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiapfxx.exe
2013-11-09 13:45 - 2013-11-09 13:45 - 00239616 _____ (AMD) C:\windows\system32\atiesrxx.exe
2013-11-09 13:45 - 2013-11-09 13:45 - 00233396 _____ C:\windows\system32\ativvaxy_cik.dat
2013-11-09 13:45 - 2013-11-09 13:45 - 00231984 _____ C:\windows\system32\ativvaxy_cik_nd.dat
2013-11-09 13:45 - 2013-11-09 13:45 - 00229376 _____ C:\windows\system32\clinfo.exe
2013-11-09 13:45 - 2013-11-09 13:45 - 00190976 _____ (AMD) C:\windows\system32\atitmm64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00156712 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amdhcp64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00141256 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amdhcp32.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00127488 _____ (AMD) C:\windows\system32\coinst_13.151.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atig6txx.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00098816 _____ (Advanced Micro Devices Inc.) C:\windows\system32\OpenVideo64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atigktxx.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdave64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00090624 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdave32.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atisamu64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00086528 _____ (Advanced Micro Devices Inc.) C:\windows\system32\OVDecode64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00083456 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\OpenVideo.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00081920 _____ C:\windows\system32\ativce02.dat
2013-11-09 13:45 - 2013-11-09 13:45 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atisamu32.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atimpc64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdpcom64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atig6pxx.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00073216 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\OVDecode.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atimpc32.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdpcom32.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiglpxx.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiglpxx.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00063488 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00062464 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticalrt64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00057344 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00055808 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticalcl64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00052224 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticalrt.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00049152 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticalcl.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00047164 _____ C:\windows\atiogl.xml
2013-11-09 13:45 - 2013-11-09 13:45 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\ati2erec.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00026112 _____ (AMD) C:\windows\system32\atimuixx.dll
2013-11-09 13:43 - 2013-11-09 13:47 - 00000000 ____D C:\windows\LastGood.Tmp
2013-11-09 13:43 - 2013-11-09 13:43 - 00000000 ____D C:\windows\system32\SRSLabs
2013-11-09 13:42 - 2013-11-09 13:43 - 00000000 ____D C:\Program Files\IDT
2013-11-09 13:42 - 2013-11-09 13:42 - 02199040 _____ (IDT, Inc.) C:\windows\system32\stapo64.dll
2013-11-09 13:42 - 2013-11-09 13:42 - 01401856 _____ (Synopsys, Inc.) C:\windows\system32\SRRPTR64.DLL
2013-11-09 13:42 - 2013-11-09 13:42 - 00693760 ____N (IDT, Inc.) C:\windows\system32\stapi64.dll
2013-11-09 13:42 - 2013-11-09 13:42 - 00550912 _____ (IDT, Inc.) C:\windows\system32\Drivers\stwrt64.sys
2013-11-09 13:42 - 2013-11-09 13:42 - 00315904 _____ (Synopsys, Inc.) C:\windows\system32\SRCOM64.DLL
2013-11-09 13:42 - 2013-11-09 13:42 - 00287744 _____ (Synopsys, Inc.) C:\windows\SysWOW64\SRCOM.dll
2013-11-09 13:42 - 2013-11-09 13:42 - 00287744 _____ (Synopsys, Inc.) C:\windows\system32\SRCOM.DLL
2013-11-09 13:42 - 2013-11-09 13:42 - 00256000 _____ (IDT, Inc.) C:\windows\system32\st646482.dll
2013-11-09 13:42 - 2013-11-09 13:42 - 00206024 _____ (Andrea Electronics Corporation) C:\windows\system32\AESTAC64.dll
2013-11-09 13:42 - 2013-11-09 13:42 - 00083456 _____ (Synopsys, Inc.) C:\windows\system32\SRAPO64.DLL
2013-11-08 16:14 - 2013-11-08 16:46 - 00000000 ____D C:\ProgramData\WarThunder
2013-11-08 16:14 - 2013-11-08 16:46 - 00000000 ____D C:\Program Files (x86)\WarThunder
2013-11-08 16:14 - 2013-11-08 16:14 - 00000000 ____D C:\Users\fredly\Documents\My Games
2013-11-08 16:14 - 2013-11-08 16:14 - 00000000 ____D C:\Users\fredly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2013-11-08 16:14 - 2013-11-08 16:14 - 00000000 ____D C:\Users\fredly\AppData\Local\WarThunder
2013-11-08 16:13 - 2013-11-08 16:13 - 04208536 _____ (2013 Gaijin Entertainment Corporation                       ) C:\Users\fredly\Downloads\wt_launcher_1.0.1.278.exe
2013-11-05 15:03 - 2013-11-05 15:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-05 14:22 - 2013-11-05 14:22 - 00002144 _____ C:\{E0FA67CD-2594-43BF-9BF3-161C909F6951}
2013-11-02 01:20 - 2013-11-02 01:20 - 00000000 ____D C:\ProgramData\McAfee
2013-11-02 01:19 - 2013-11-02 01:20 - 00000000 ____D C:\Users\fredly\AppData\Local\Adobe
2013-10-26 12:03 - 2013-10-26 12:03 - 00000000 ____D C:\Users\fredly\AppData\Local\HP Quick Start
2013-10-26 12:00 - 2013-10-26 12:00 - 00001101 _____ C:\Users\Public\Desktop\HP Quick Start.lnk
2013-10-26 12:00 - 2013-10-26 12:00 - 00000000 ____D C:\Users\fredly\AppData\Roaming\WinBatch
2013-10-26 09:57 - 2013-11-09 13:53 - 00000362 _____ C:\windows\Tasks\HPCeeScheduleForfredly.job
2013-10-26 09:57 - 2013-11-09 08:25 - 00003178 _____ C:\windows\System32\Tasks\HPCeeScheduleForfredly
2013-10-22 23:48 - 2013-10-22 23:49 - 00000000 ____D C:\windows\system32\MRT
2013-10-22 18:51 - 2013-10-22 18:52 - 00291288 _____ C:\windows\system32\FNTCACHE.DAT
2013-10-22 18:50 - 2013-10-01 20:38 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-10-22 18:50 - 2013-10-01 20:38 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-22 16:47 - 2013-10-22 16:47 - 00000000 ____D C:\windows\System32\Tasks\Norton 360
2013-10-22 16:24 - 2013-06-01 06:26 - 06987008 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2013-10-22 16:24 - 2013-06-01 04:20 - 02219520 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2013-10-22 16:23 - 2013-06-16 17:41 - 00997632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2013-10-22 16:23 - 2013-06-01 06:34 - 02391280 _____ (Microsoft Corporation) C:\windows\explorer.exe
2013-10-22 16:23 - 2013-06-01 06:26 - 00327936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2013-10-22 16:23 - 2013-06-01 05:24 - 02106176 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2013-10-22 16:23 - 2013-06-01 04:25 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2013-10-22 16:23 - 2013-06-01 04:25 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2013-10-22 16:23 - 2013-06-01 04:24 - 01453568 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2013-10-22 16:23 - 2013-06-01 04:24 - 00850944 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfasfsrcsnk.dll
2013-10-22 16:23 - 2013-06-01 04:24 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscms.dll
2013-10-22 16:23 - 2013-06-01 04:23 - 01842176 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2013-10-22 16:23 - 2013-06-01 04:23 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\vds.exe
2013-10-22 16:23 - 2013-06-01 04:22 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2013-10-22 16:23 - 2013-06-01 04:22 - 00190976 _____ (Microsoft Corporation) C:\windows\system32\vdsutil.dll
2013-10-22 16:23 - 2013-06-01 04:22 - 00080896 _____ (Microsoft Corporation) C:\windows\system32\MbaeParserTask.exe
2013-10-22 16:23 - 2013-06-01 04:21 - 00729600 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2013-10-22 16:23 - 2013-06-01 04:21 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2013-10-22 16:23 - 2013-06-01 04:20 - 01527808 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2013-10-22 16:23 - 2013-06-01 04:20 - 01048576 _____ (Microsoft Corporation) C:\windows\system32\mfasfsrcsnk.dll
2013-10-22 16:23 - 2013-06-01 04:20 - 00583168 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll
2013-10-22 16:23 - 2013-06-01 04:19 - 00785408 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2013-10-22 16:23 - 2013-06-01 04:19 - 00207872 _____ (Microsoft Corporation) C:\windows\system32\DeviceSetupManager.dll
2013-10-22 16:23 - 2013-05-31 22:08 - 00037632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BthAvrcpTg.sys
2013-10-22 16:23 - 2013-05-24 17:09 - 01403296 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2013-10-22 16:23 - 2013-05-24 17:09 - 01271584 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2013-10-22 16:23 - 2013-05-24 17:09 - 01217352 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2013-10-22 16:23 - 2013-05-24 17:09 - 01093904 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2013-10-22 16:22 - 2013-07-01 19:44 - 00036288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2013-10-22 16:22 - 2013-07-01 17:08 - 00247216 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2013-10-22 16:21 - 2013-07-05 19:15 - 00652288 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2013-10-22 16:21 - 2013-07-03 21:13 - 00541696 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2013-10-22 16:21 - 2013-04-09 00:33 - 00489576 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2013-10-22 16:21 - 2013-04-09 00:33 - 00446792 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2013-10-22 16:21 - 2013-04-09 00:33 - 00253544 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2013-10-22 16:21 - 2013-04-09 00:20 - 00306952 _____ (Microsoft Corporation) C:\windows\system32\kd_02_10ec.dll
2013-10-22 16:21 - 2013-04-09 00:20 - 00086280 _____ (Microsoft Corporation) C:\windows\system32\kdnet.dll
2013-10-22 16:21 - 2013-04-09 00:18 - 00077960 _____ (Microsoft Corporation) C:\windows\system32\kdvm.dll
2013-10-22 16:21 - 2013-04-09 00:17 - 01829408 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2013-10-22 16:21 - 2013-04-08 23:52 - 00816128 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2013-10-22 16:21 - 2013-04-08 23:52 - 00804352 _____ (Microsoft Corporation) C:\windows\system32\RecoveryDrive.exe
2013-10-22 16:21 - 2013-04-08 23:52 - 00373760 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2013-10-22 16:21 - 2013-04-08 23:52 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe
2013-10-22 16:21 - 2013-04-08 23:52 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\Robocopy.exe
2013-10-22 16:21 - 2013-04-08 23:51 - 14267904 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2013-10-22 16:21 - 2013-04-08 23:51 - 03552768 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2013-10-22 16:21 - 2013-04-08 23:51 - 00595456 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.dll
2013-10-22 16:21 - 2013-04-08 23:51 - 00456704 _____ (Microsoft Corporation) C:\windows\system32\wpncore.dll
2013-10-22 16:21 - 2013-04-08 23:51 - 00367616 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2013-10-22 16:21 - 2013-04-08 23:51 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\wscsvc.dll
2013-10-22 16:21 - 2013-04-08 23:50 - 02107904 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2013-10-22 16:21 - 2013-04-08 23:50 - 01285632 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2013-10-22 16:21 - 2013-04-08 23:50 - 00745984 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2013-10-22 16:21 - 2013-04-08 23:50 - 00435200 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2013-10-22 16:21 - 2013-04-08 23:50 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2013-10-22 16:21 - 2013-04-08 23:50 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\GenuineCenter.dll
2013-10-22 16:21 - 2013-04-08 23:50 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2013-10-22 16:21 - 2013-04-08 23:50 - 00065024 _____ (Microsoft Corporation) C:\windows\system32\msscntrs.dll
2013-10-22 16:21 - 2013-04-08 23:50 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\msshooks.dll
2013-10-22 16:21 - 2013-04-08 23:49 - 01444864 _____ (Microsoft Corporation) C:\windows\system32\MSAudDecMFT.dll
2013-10-22 16:21 - 2013-04-08 23:49 - 00817152 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2013-10-22 16:21 - 2013-04-08 23:49 - 00468992 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll
2013-10-22 16:21 - 2013-04-08 23:49 - 00281088 _____ (Microsoft Corporation) C:\windows\system32\mfreadwrite.dll
2013-10-22 16:21 - 2013-04-08 23:49 - 00231936 _____ (Microsoft Corporation) C:\windows\system32\fhengine.dll
2013-10-22 16:21 - 2013-04-08 23:49 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\iuilp.dll
2013-10-22 16:21 - 2013-04-08 23:49 - 00196096 _____ (Microsoft Corporation) C:\windows\system32\dmvdsitf.dll
2013-10-22 16:21 - 2013-04-08 23:49 - 00172544 _____ (Microsoft Corporation) C:\windows\system32\dwmredir.dll
2013-10-22 16:21 - 2013-04-08 23:49 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\fmifs.dll
2013-10-22 16:21 - 2013-04-08 23:48 - 00169472 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2013-10-22 16:21 - 2013-04-08 21:34 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidbth.sys
2013-10-22 16:21 - 2013-04-08 21:33 - 00623104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2013-10-22 16:21 - 2013-04-08 21:33 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndproxy.sys
2013-10-22 16:21 - 2013-04-08 21:32 - 00805376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2013-10-22 16:21 - 2013-04-08 21:31 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2013-10-22 16:21 - 2013-04-08 21:31 - 00083456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wanarp.sys
2013-10-22 16:21 - 2013-04-08 18:44 - 00123880 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscapi.dll
2013-10-22 16:21 - 2013-04-08 18:39 - 01408896 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2013-10-22 16:21 - 2013-04-08 18:37 - 00426024 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2013-10-22 16:21 - 2013-04-08 18:37 - 00324368 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2013-10-22 16:21 - 2013-04-08 16:52 - 11878912 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2013-10-22 16:21 - 2013-04-08 16:52 - 00670208 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2013-10-22 16:21 - 2013-04-08 16:52 - 00302592 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2013-10-22 16:21 - 2013-04-08 16:52 - 00171008 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFilterHost.exe
2013-10-22 16:21 - 2013-04-08 16:52 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Robocopy.exe
2013-10-22 16:21 - 2013-04-08 16:51 - 02767360 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2013-10-22 16:21 - 2013-04-08 16:51 - 01593344 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2013-10-22 16:21 - 2013-04-08 16:51 - 01113600 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSAudDecMFT.dll
2013-10-22 16:21 - 2013-04-08 16:51 - 00659456 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2013-10-22 16:21 - 2013-04-08 16:51 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2013-10-22 16:21 - 2013-04-08 16:51 - 00411136 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.dll
2013-10-22 16:21 - 2013-04-08 16:51 - 00403968 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2013-10-22 16:21 - 2013-04-08 16:51 - 00361984 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFMediaEngine.dll
2013-10-22 16:21 - 2013-04-08 16:51 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2013-10-22 16:21 - 2013-04-08 16:51 - 00214528 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfreadwrite.dll
2013-10-22 16:21 - 2013-04-08 16:51 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssphtb.dll
2013-10-22 16:21 - 2013-04-08 16:51 - 00155648 _____ (Microsoft Corporation) C:\windows\SysWOW64\dmvdsitf.dll
2013-10-22 16:21 - 2013-04-08 16:51 - 00041984 _____ (Microsoft Corporation) C:\windows\SysWOW64\fmifs.dll
2013-10-22 16:21 - 2013-04-08 16:51 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssprxy.dll
2013-10-22 16:21 - 2013-04-08 16:51 - 00010752 _____ (Microsoft Corporation) C:\windows\SysWOW64\msshooks.dll
2013-10-22 16:21 - 2013-04-04 18:30 - 00503080 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2013-10-22 16:21 - 2013-03-15 17:05 - 00298456 _____ (Microsoft Corporation) C:\windows\system32\rsaenh.dll
2013-10-22 16:21 - 2013-03-15 17:05 - 00252928 _____ (Microsoft Corporation) C:\windows\SysWOW64\rsaenh.dll
2013-10-22 16:21 - 2012-12-12 23:00 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2013-10-22 16:21 - 2012-12-12 22:59 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2013-10-22 16:20 - 2013-08-10 00:21 - 00448512 _____ (Microsoft Corporation) C:\windows\system32\SettingSync.dll
2013-10-22 16:20 - 2013-08-10 00:21 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncInfo.dll
2013-10-22 16:20 - 2013-08-09 22:58 - 00356352 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSync.dll
2013-10-22 16:20 - 2013-08-02 01:28 - 19758080 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2013-10-22 16:20 - 2013-08-02 01:28 - 10116608 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2013-10-22 16:20 - 2013-08-02 01:28 - 00222208 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2013-10-22 16:20 - 2013-08-02 01:26 - 02304512 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-10-22 16:20 - 2013-08-02 00:08 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2013-10-22 16:20 - 2013-08-02 00:08 - 08858112 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2013-10-22 16:20 - 2013-08-02 00:08 - 00199168 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2013-10-22 16:20 - 2013-08-02 00:06 - 02035712 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2013-10-22 16:20 - 2013-08-01 05:41 - 02233688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2013-10-22 16:20 - 2013-07-30 18:30 - 00386923 _____ C:\windows\system32\ApnDatabase.xml
2013-10-22 16:20 - 2013-07-24 18:10 - 00158208 _____ (Microsoft Corporation) C:\windows\SysWOW64\mbsmsapi.dll
2013-10-22 16:20 - 2013-07-24 18:06 - 00225280 _____ (Microsoft Corporation) C:\windows\system32\mbsmsapi.dll
2013-10-22 16:20 - 2013-04-15 21:34 - 01455368 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2013-10-22 16:20 - 2013-04-09 18:17 - 01125888 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2013-10-22 16:20 - 2013-04-09 17:29 - 00893952 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2013-10-22 16:19 - 2013-08-03 01:40 - 01374208 _____ (Microsoft Corporation) C:\windows\system32\wdc.dll
2013-10-22 16:19 - 2013-08-03 01:40 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wvc.dll
2013-10-22 16:19 - 2013-08-03 01:40 - 00462336 _____ (Microsoft Corporation) C:\windows\system32\sysmon.ocx
2013-10-22 16:19 - 2013-08-03 00:14 - 00399360 _____ (Microsoft Corporation) C:\windows\SysWOW64\sysmon.ocx
2013-10-22 16:19 - 2013-08-03 00:13 - 01245696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdc.dll
2013-10-22 16:19 - 2013-08-03 00:13 - 00437248 _____ (Microsoft Corporation) C:\windows\SysWOW64\wvc.dll
2013-10-22 16:19 - 2013-05-30 18:24 - 01257472 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2013-10-22 16:19 - 2013-05-30 18:08 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2013-10-22 16:19 - 2013-05-14 21:25 - 00888320 _____ (Microsoft Corporation) C:\windows\system32\autochk.exe
2013-10-22 16:19 - 2013-05-14 21:25 - 00542208 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
2013-10-22 16:19 - 2013-05-14 21:24 - 00793088 _____ (Microsoft Corporation) C:\windows\SysWOW64\autochk.exe
2013-10-22 16:19 - 2013-05-14 21:24 - 00482816 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
2013-10-22 16:19 - 2013-05-04 02:58 - 00120736 _____ (Microsoft Corporation) C:\windows\system32\AuthHost.exe
2013-10-22 16:19 - 2013-05-04 02:34 - 00284416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2013-10-22 16:19 - 2013-05-04 01:59 - 13644288 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2013-10-22 16:19 - 2013-05-04 01:59 - 01483776 _____ (Microsoft Corporation) C:\windows\system32\VSSVC.exe
2013-10-22 16:19 - 2013-05-04 01:59 - 00812544 _____ (Microsoft Corporation) C:\windows\system32\Magnify.exe
2013-10-22 16:19 - 2013-05-04 01:58 - 01332736 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2013-10-22 16:19 - 2013-05-04 01:58 - 00470528 _____ (Microsoft Corporation) C:\windows\system32\netprofmsvc.dll
2013-10-22 16:19 - 2013-05-04 01:58 - 00330240 _____ (Microsoft Corporation) C:\windows\system32\stobject.dll
2013-10-22 16:19 - 2013-05-04 01:58 - 00328192 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2013-10-22 16:19 - 2013-05-04 01:58 - 00169984 _____ (Microsoft Corporation) C:\windows\system32\netplwiz.dll
2013-10-22 16:19 - 2013-05-04 01:58 - 00151552 _____ (Microsoft Corporation) C:\windows\system32\netprofm.dll
2013-10-22 16:19 - 2013-05-04 01:58 - 00093696 _____ (Microsoft Corporation) C:\windows\system32\psmsrv.dll
2013-10-22 16:19 - 2013-05-04 01:57 - 01131520 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2013-10-22 16:19 - 2013-05-04 01:57 - 00708096 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.dll
2013-10-22 16:19 - 2013-05-04 01:57 - 00560640 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll
2013-10-22 16:19 - 2013-05-04 01:57 - 00501760 _____ (Microsoft Corporation) C:\windows\system32\DevicePairing.dll
2013-10-22 16:19 - 2013-05-04 01:57 - 00389120 _____ (Microsoft Corporation) C:\windows\system32\BCP47Langs.dll
2013-10-22 16:19 - 2013-05-04 01:57 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\bisrv.dll
2013-10-22 16:19 - 2013-05-04 01:57 - 00122368 _____ (Microsoft Corporation) C:\windows\system32\biwinrt.dll
2013-10-22 16:19 - 2013-05-04 01:57 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\muifontsetup.dll
2013-10-22 16:19 - 2013-05-04 01:56 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\intl.cpl
2013-10-22 16:19 - 2013-05-03 23:58 - 00758784 _____ (Microsoft Corporation) C:\windows\SysWOW64\Magnify.exe
2013-10-22 16:19 - 2013-05-03 23:57 - 10788864 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2013-10-22 16:19 - 2013-05-03 23:57 - 00303616 _____ (Microsoft Corporation) C:\windows\SysWOW64\stobject.dll
2013-10-22 16:19 - 2013-05-03 23:57 - 00247296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2013-10-22 16:19 - 2013-05-03 23:57 - 00151040 _____ (Microsoft Corporation) C:\windows\SysWOW64\netplwiz.dll
2013-10-22 16:19 - 2013-05-03 23:57 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\netprofm.dll
2013-10-22 16:19 - 2013-05-03 23:57 - 00018432 _____ (Microsoft Corporation) C:\windows\SysWOW64\npmproxy.dll
2013-10-22 16:19 - 2013-05-03 23:57 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\muifontsetup.dll
2013-10-22 16:19 - 2013-05-03 23:56 - 00449536 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevicePairing.dll
2013-10-22 16:19 - 2013-05-03 23:56 - 00411136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll
2013-10-22 16:19 - 2013-05-03 23:56 - 00309760 _____ (Microsoft Corporation) C:\windows\SysWOW64\BCP47Langs.dll
2013-10-22 16:19 - 2013-05-03 23:56 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\biwinrt.dll
2013-10-22 16:19 - 2013-05-03 23:55 - 00389632 _____ (Microsoft Corporation) C:\windows\SysWOW64\intl.cpl
2013-10-22 16:19 - 2013-05-03 23:51 - 00014848 _____ (Microsoft) C:\windows\system32\rars.rs
2013-10-22 16:19 - 2013-05-03 23:47 - 00427520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdbss.sys
2013-10-22 16:19 - 2013-05-03 23:10 - 00014848 _____ (Microsoft) C:\windows\SysWOW64\rars.rs
2013-10-22 16:18 - 2013-08-16 00:41 - 00058200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dam.sys
2013-10-22 16:18 - 2013-08-16 00:39 - 02371728 _____ (Microsoft Corporation) C:\windows\system32\WSService.dll
2013-10-22 16:18 - 2013-08-16 00:39 - 00059416 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2013-10-22 16:18 - 2013-08-16 00:32 - 00209200 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2013-10-22 16:18 - 2013-08-16 00:22 - 04917760 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2013-10-22 16:18 - 2013-08-16 00:22 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2013-10-22 16:18 - 2013-08-16 00:21 - 03275776 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2013-10-22 16:18 - 2013-08-16 00:21 - 01621504 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2013-10-22 16:18 - 2013-08-16 00:21 - 01164288 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2013-10-22 16:18 - 2013-08-16 00:21 - 00773120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2013-10-22 16:18 - 2013-08-16 00:21 - 00688640 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2013-10-22 16:18 - 2013-08-16 00:21 - 00368640 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll
2013-10-22 16:18 - 2013-08-16 00:21 - 00252416 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2013-10-22 16:18 - 2013-08-16 00:21 - 00204800 _____ (Microsoft Corporation) C:\windows\system32\WSClient.dll
2013-10-22 16:18 - 2013-08-16 00:21 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll
2013-10-22 16:18 - 2013-08-16 00:21 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\WSSync.dll
2013-10-22 16:18 - 2013-08-16 00:21 - 00174592 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2013-10-22 16:18 - 2013-08-16 00:21 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-10-22 16:18 - 2013-08-16 00:21 - 00142848 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2013-10-22 16:18 - 2013-08-16 00:21 - 00120320 _____ (Microsoft Corporation) C:\windows\system32\sppc.dll
2013-10-22 16:18 - 2013-08-16 00:21 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2013-10-22 16:18 - 2013-08-16 00:21 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\setupcln.dll
2013-10-22 16:18 - 2013-08-16 00:21 - 00049664 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2013-10-22 16:18 - 2013-08-16 00:21 - 00049152 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2013-10-22 16:18 - 2013-08-16 00:20 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2013-10-22 16:18 - 2013-08-15 17:43 - 00628736 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2013-10-22 16:18 - 2013-08-15 17:43 - 00562688 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2013-10-22 16:18 - 2013-08-15 17:43 - 00167424 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSClient.dll
2013-10-22 16:18 - 2013-08-15 17:43 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSSync.dll
2013-10-22 16:18 - 2013-08-15 17:43 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-10-22 16:18 - 2013-08-15 17:43 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2013-10-22 16:18 - 2013-08-15 17:43 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-10-22 16:18 - 2013-08-15 17:43 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2013-10-22 16:18 - 2013-08-15 17:43 - 00083968 _____ C:\windows\SysWOW64\OEMLicense.dll
2013-10-22 16:18 - 2013-08-15 17:43 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2013-10-22 16:18 - 2013-08-15 17:43 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2013-10-22 16:18 - 2013-08-15 17:42 - 00091648 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppc.dll
2013-10-22 16:18 - 2013-08-15 17:42 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupcln.dll
2013-10-22 16:17 - 2013-09-22 18:27 - 14335488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-10-22 16:17 - 2013-09-22 17:54 - 19252224 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-10-22 16:17 - 2013-09-22 17:54 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-10-22 16:17 - 2013-08-23 00:11 - 04040192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-10-22 16:17 - 2013-08-07 00:15 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\tssdisai.dll
2013-10-22 16:17 - 2013-07-19 17:13 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-22 16:17 - 2013-07-19 17:13 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-22 16:17 - 2013-07-05 17:02 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2013-10-22 16:17 - 2013-07-01 20:41 - 00447320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2013-10-22 16:17 - 2013-07-01 20:41 - 00337752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
2013-10-22 16:17 - 2013-07-01 20:41 - 00213336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\UCX01000.SYS
2013-10-22 16:17 - 2013-07-01 17:14 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbprint.sys
2013-10-22 16:17 - 2013-06-30 20:42 - 00623448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2013-10-22 16:17 - 2013-06-30 20:42 - 00498008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2013-10-22 16:17 - 2013-06-30 20:42 - 00079192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2013-10-22 16:17 - 2013-06-30 20:42 - 00021848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2013-10-22 16:17 - 2013-06-28 22:08 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2013-10-22 16:17 - 2013-06-28 22:07 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2013-10-22 16:17 - 2013-06-28 22:07 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2013-10-22 16:17 - 2013-06-28 22:06 - 00120832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2013-10-22 16:17 - 2013-06-22 00:45 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2013-10-22 16:17 - 2013-06-22 00:45 - 00054488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys
2013-10-22 16:17 - 2013-06-01 04:25 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2013-10-22 16:17 - 2013-06-01 04:21 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2013-10-22 16:17 - 2013-05-23 18:02 - 01314816 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2013-10-22 16:17 - 2013-05-23 17:25 - 00694272 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2013-10-22 16:17 - 2013-05-04 01:59 - 02842112 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2013-10-22 16:17 - 2013-05-03 23:57 - 02620928 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2013-10-22 16:17 - 2013-05-03 23:48 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidusb.sys
2013-10-22 16:17 - 2013-04-23 18:13 - 01013248 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe
2013-10-22 16:17 - 2013-04-23 18:12 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2013-10-22 16:17 - 2013-04-23 17:56 - 01255936 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe
2013-10-22 16:17 - 2013-04-23 17:55 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2013-10-22 16:17 - 2013-04-11 17:30 - 01421312 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2013-10-22 16:17 - 2013-04-11 17:22 - 01838080 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2013-10-22 16:16 - 2013-09-22 18:28 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-10-22 16:16 - 2013-09-22 18:28 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-10-22 16:16 - 2013-09-22 18:27 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-10-22 16:16 - 2013-09-22 18:27 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-10-22 16:16 - 2013-09-22 18:27 - 02048512 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-10-22 16:16 - 2013-09-22 18:27 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-10-22 16:16 - 2013-09-22 18:27 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-10-22 16:16 - 2013-09-22 17:55 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-10-22 16:16 - 2013-09-22 17:55 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-10-22 16:16 - 2013-09-22 17:55 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-10-22 16:16 - 2013-09-22 17:54 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-10-22 16:16 - 2013-09-22 17:54 - 02647552 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-10-22 16:16 - 2013-09-22 17:54 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-10-22 16:16 - 2013-09-22 17:54 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-10-22 16:16 - 2013-07-13 01:18 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2013-10-22 16:16 - 2013-07-13 01:16 - 01889280 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-10-22 16:16 - 2013-07-13 01:16 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2013-10-22 16:16 - 2013-07-13 01:15 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\apprepapi.dll
2013-10-22 16:16 - 2013-07-13 01:15 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\apprepsync.dll
2013-10-22 16:16 - 2013-07-12 23:24 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2013-10-22 16:16 - 2013-07-12 23:23 - 01568256 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2013-10-22 16:16 - 2013-07-12 23:23 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\apprepapi.dll
2013-10-22 16:16 - 2013-07-12 23:23 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\apprepsync.dll
2013-10-22 16:16 - 2013-07-09 03:04 - 00120144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msgpioclx.sys
2013-10-22 16:16 - 2013-07-09 01:18 - 00439488 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2013-10-22 16:16 - 2013-07-08 23:25 - 00385768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2013-10-22 16:16 - 2013-07-08 22:57 - 00245760 _____ (Microsoft Corporation) C:\windows\SysWOW64\LocationApi.dll
2013-10-22 16:16 - 2013-07-08 17:46 - 00543744 _____ (Microsoft Corporation) C:\windows\system32\wwanmm.dll
2013-10-22 16:16 - 2013-07-08 17:46 - 00414208 _____ (Microsoft Corporation) C:\windows\system32\wwanconn.dll
2013-10-22 16:16 - 2013-07-08 17:46 - 00370688 _____ (Microsoft Corporation) C:\windows\system32\Wwanadvui.dll
2013-10-22 16:16 - 2013-07-08 17:45 - 00312832 _____ (Microsoft Corporation) C:\windows\system32\LocationApi.dll
2013-10-22 16:16 - 2013-07-05 19:16 - 01025024 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2013-10-22 16:16 - 2013-07-02 19:23 - 00778752 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2013-10-22 16:16 - 2013-07-02 19:23 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-10-22 16:16 - 2013-07-02 19:22 - 02839552 _____ (Microsoft Corporation) C:\windows\system32\msftedit.dll
2013-10-22 16:16 - 2013-07-02 19:22 - 01300480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-10-22 16:16 - 2013-07-02 19:11 - 00551424 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2013-10-22 16:16 - 2013-07-02 19:11 - 00268800 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-10-22 16:16 - 2013-07-02 19:10 - 02273792 _____ (Microsoft Corporation) C:\windows\SysWOW64\msftedit.dll
2013-10-22 16:16 - 2013-06-30 17:30 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\openfiles.exe
2013-10-22 16:16 - 2013-06-30 17:29 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\openfiles.exe
2013-10-22 16:16 - 2013-06-29 01:15 - 00195416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2013-10-22 16:16 - 2013-06-29 01:15 - 00125784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2013-10-22 16:16 - 2013-06-29 00:43 - 00327512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2013-10-22 16:16 - 2013-06-28 20:12 - 01022464 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2013-10-22 16:16 - 2013-06-25 22:01 - 00321536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\udfs.sys
2013-10-22 16:16 - 2013-06-25 21:59 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\HdAudio.sys
2013-10-22 16:16 - 2013-06-24 17:54 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2013-10-22 16:16 - 2013-06-24 17:54 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\wcmsvc.dll
2013-10-22 16:16 - 2013-06-24 17:54 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll
2013-10-22 16:16 - 2013-06-19 00:36 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\winmmbase.dll
2013-10-22 16:16 - 2013-06-19 00:36 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\winmm.dll
2013-10-22 16:16 - 2013-06-18 17:38 - 00160256 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmmbase.dll
2013-10-22 16:16 - 2013-06-18 17:38 - 00125440 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmm.dll
2013-10-22 16:16 - 2013-06-11 18:43 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSCard.dll
2013-10-22 16:16 - 2013-06-11 18:26 - 00230912 _____ (Microsoft Corporation) C:\windows\system32\WinSCard.dll
2013-10-22 16:16 - 2013-06-10 16:17 - 00096512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2013-10-22 16:16 - 2013-06-10 14:16 - 00888832 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2013-10-22 16:16 - 2013-06-10 14:15 - 01156096 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-10-22 16:16 - 2013-06-10 14:15 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2013-10-22 16:16 - 2013-06-10 14:15 - 00381952 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2013-10-22 16:16 - 2013-06-10 14:10 - 00702464 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2013-10-22 16:16 - 2013-06-10 14:10 - 00245248 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2013-10-22 16:16 - 2013-06-06 03:03 - 00119040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2013-10-22 16:16 - 2013-05-26 18:17 - 00035328 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2013-10-22 16:16 - 2013-05-26 17:59 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2013-10-22 16:16 - 2013-05-24 22:15 - 00362496 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2013-10-22 16:16 - 2013-05-24 21:32 - 00300032 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2013-10-22 16:16 - 2013-05-15 17:37 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2013-10-22 16:16 - 2013-05-15 17:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2013-10-22 16:16 - 2013-05-14 08:14 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-10-22 16:16 - 2013-05-14 04:23 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-10-22 16:16 - 2013-04-28 17:28 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2013-10-22 16:16 - 2013-04-27 00:20 - 00733184 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2013-10-22 16:16 - 2013-04-02 18:37 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll
2013-10-22 16:16 - 2013-04-02 18:12 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll
2013-10-22 16:16 - 2013-03-14 19:17 - 00861184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2013-10-22 16:15 - 2013-03-21 22:49 - 02382336 _____ (Microsoft Corporation) C:\windows\SysWOW64\esent.dll
2013-10-22 16:15 - 2013-03-21 17:47 - 02851840 _____ (Microsoft Corporation) C:\windows\system32\esent.dll
2013-10-22 16:15 - 2013-03-06 02:10 - 00112872 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2013-10-22 16:15 - 2013-03-06 01:29 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll

==================== One Month Modified Files and Folders =======

2013-11-10 08:02 - 2012-07-26 03:12 - 00000000 ____D C:\windows\system32\sru
2013-11-10 08:01 - 2013-11-10 08:01 - 00000000 ____D C:\FRST
2013-11-10 07:56 - 2012-12-07 19:22 - 00000000 ____D C:\Users\fredly\AppData\Roaming\TS3Client
2013-11-10 07:29 - 2012-12-07 19:00 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-11-10 07:10 - 2013-03-20 01:54 - 00000924 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-10 04:18 - 2012-07-26 02:28 - 00876558 _____ C:\windows\system32\PerfStringBackup.INI
2013-11-10 04:14 - 2013-03-20 01:54 - 00000920 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-10 04:14 - 2012-07-26 02:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-11-10 03:30 - 2013-11-10 03:30 - 00015616 _____ C:\Users\fredly\Desktop\dds.txt
2013-11-10 03:30 - 2013-11-10 03:30 - 00004761 _____ C:\Users\fredly\Desktop\attach.txt
2013-11-10 03:28 - 2013-11-10 03:28 - 00688992 ____R (Swearware) C:\Users\fredly\Downloads\dds.com
2013-11-09 21:06 - 2013-11-09 21:06 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-09 21:06 - 2013-11-09 21:06 - 00000000 ____D C:\Users\fredly\AppData\Roaming\Malwarebytes
2013-11-09 21:06 - 2013-11-09 21:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-09 21:06 - 2013-11-09 21:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-09 21:05 - 2013-11-09 21:05 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\fredly\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-09 20:35 - 2012-12-07 22:34 - 00000000 ____D C:\Users\fredly\.gimp-2.8
2013-11-09 20:17 - 2013-11-09 20:17 - 00005230 _____ C:\Users\fredly\AppData\Local\recently-used.xbel
2013-11-09 20:17 - 2012-12-07 22:27 - 01530368 ___SH C:\Users\fredly\Downloads\Thumbs.db
2013-11-09 16:02 - 2012-12-07 17:02 - 01480413 _____ C:\windows\WindowsUpdate.log
2013-11-09 15:11 - 2012-12-07 17:10 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2944871792-1132821875-1833353257-1001
2013-11-09 13:56 - 2012-12-22 08:49 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2013-11-09 13:55 - 2012-09-15 02:45 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-11-09 13:55 - 2012-07-26 00:26 - 00262144 ___SH C:\windows\system32\config\ELAM
2013-11-09 13:53 - 2013-10-26 09:57 - 00000362 _____ C:\windows\Tasks\HPCeeScheduleForfredly.job
2013-11-09 13:53 - 2013-01-19 08:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-09 13:53 - 2012-08-01 21:02 - 00773584 _____ C:\windows\PFRO.log
2013-11-09 13:52 - 2012-07-26 00:26 - 00262144 ___SH C:\windows\system32\config\BBI
2013-11-09 13:49 - 2013-11-09 13:49 - 00055445 _____ C:\windows\SysWOW64\CCCInstall_201311091349234661.log
2013-11-09 13:49 - 2013-11-09 13:49 - 00000000 ____D C:\ProgramData\ATI
2013-11-09 13:49 - 2012-09-15 02:46 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-11-09 13:48 - 2013-05-02 15:19 - 00000000 ____D C:\ProgramData\AMD
2013-11-09 13:48 - 2013-05-02 15:16 - 00000000 ____D C:\Program Files\ATI Technologies
2013-11-09 13:48 - 2013-03-04 15:59 - 00000000 ____D C:\Users\fredly\AppData\Local\CrashDumps
2013-11-09 13:47 - 2013-11-09 13:43 - 00000000 ____D C:\windows\LastGood.Tmp
2013-11-09 13:46 - 2013-11-09 13:46 - 00000000 ____D C:\ProgramData\Package Cache
2013-11-09 13:45 - 2013-11-09 13:45 - 28192256 _____ (Advanced Micro Devices Inc.) C:\windows\system32\amdocl64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 25386496 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atio6axx.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 23761408 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\amdocl.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 21399040 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atioglxx.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 15716352 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticaldd64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 14302208 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticaldd.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 12521472 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\atikmdag.sys
2013-11-09 13:45 - 2013-11-09 13:45 - 06189416 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiumdag.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 03422720 _____ C:\windows\SysWOW64\atiumdva.cap
2013-11-09 13:45 - 2013-11-09 13:45 - 03388672 _____ C:\windows\system32\atiumd6a.cap
2013-11-09 13:45 - 2013-11-09 13:45 - 00784384 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiadlxx.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00716208 _____ C:\windows\system32\atiicdxx.dat
2013-11-09 13:45 - 2013-11-09 13:45 - 00617472 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\atikmpag.sys
2013-11-09 13:45 - 2013-11-09 13:45 - 00595456 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atiadlxy.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00571904 _____ (AMD) C:\windows\system32\atieclxx.exe
2013-11-09 13:45 - 2013-11-09 13:45 - 00544432 _____ C:\windows\SysWOW64\atiapfxx.blb
2013-11-09 13:45 - 2013-11-09 13:45 - 00544432 _____ C:\windows\system32\atiapfxx.blb
2013-11-09 13:45 - 2013-11-09 13:45 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atidemgy.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiapfxx.exe
2013-11-09 13:45 - 2013-11-09 13:45 - 00239616 _____ (AMD) C:\windows\system32\atiesrxx.exe
2013-11-09 13:45 - 2013-11-09 13:45 - 00233396 _____ C:\windows\system32\ativvaxy_cik.dat
2013-11-09 13:45 - 2013-11-09 13:45 - 00231984 _____ C:\windows\system32\ativvaxy_cik_nd.dat
2013-11-09 13:45 - 2013-11-09 13:45 - 00229376 _____ C:\windows\system32\clinfo.exe
2013-11-09 13:45 - 2013-11-09 13:45 - 00190976 _____ (AMD) C:\windows\system32\atitmm64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00156712 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amdhcp64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00141256 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amdhcp32.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00127488 _____ (AMD) C:\windows\system32\coinst_13.151.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atig6txx.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00098816 _____ (Advanced Micro Devices Inc.) C:\windows\system32\OpenVideo64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atigktxx.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdave64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00090624 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdave32.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atisamu64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00086528 _____ (Advanced Micro Devices Inc.) C:\windows\system32\OVDecode64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00083456 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\OpenVideo.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00081920 _____ C:\windows\system32\ativce02.dat
2013-11-09 13:45 - 2013-11-09 13:45 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atisamu32.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atimpc64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdpcom64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atig6pxx.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00073216 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\OVDecode.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atimpc32.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdpcom32.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiglpxx.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiglpxx.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00063488 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00062464 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticalrt64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00057344 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00055808 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticalcl64.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00052224 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticalrt.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00049152 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticalcl.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00047164 _____ C:\windows\atiogl.xml
2013-11-09 13:45 - 2013-11-09 13:45 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\ati2erec.dll
2013-11-09 13:45 - 2013-11-09 13:45 - 00026112 _____ (AMD) C:\windows\system32\atimuixx.dll
2013-11-09 13:45 - 2013-03-28 21:37 - 00114488 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiu9p64.dll
2013-11-09 13:45 - 2013-03-28 21:36 - 07257008 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiumd64.dll
2013-11-09 13:45 - 2013-03-28 21:36 - 06765704 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiumd6a.dll
2013-11-09 13:45 - 2013-03-24 07:12 - 07673640 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atidxx32.dll
2013-11-09 13:45 - 2013-03-24 07:12 - 06174472 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiumdva.dll
2013-11-09 13:45 - 2013-03-24 07:12 - 01027544 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\aticfx32.dll
2013-11-09 13:45 - 2013-03-24 07:12 - 00142792 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiuxp64.dll
2013-11-09 13:45 - 2013-03-24 07:12 - 00125824 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiuxpag.dll
2013-11-09 13:45 - 2013-03-24 07:12 - 00097984 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiu9pag.dll
2013-11-09 13:45 - 2012-08-01 22:15 - 00000000 ____D C:\SWSETUP
2013-11-09 13:45 - 2012-07-25 05:25 - 08819560 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atidxx64.dll
2013-11-09 13:45 - 2012-07-25 05:24 - 01233616 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\aticfx64.dll
2013-11-09 13:43 - 2013-11-09 13:43 - 00000000 ____D C:\windows\system32\SRSLabs
2013-11-09 13:43 - 2013-11-09 13:42 - 00000000 ____D C:\Program Files\IDT
2013-11-09 13:43 - 2012-09-15 02:40 - 00000000 ____D C:\ProgramData\SoundResearch
2013-11-09 13:43 - 2012-07-26 02:21 - 00030925 _____ C:\windows\setupact.log
2013-11-09 13:42 - 2013-11-09 13:42 - 02199040 _____ (IDT, Inc.) C:\windows\system32\stapo64.dll
2013-11-09 13:42 - 2013-11-09 13:42 - 01401856 _____ (Synopsys, Inc.) C:\windows\system32\SRRPTR64.DLL
2013-11-09 13:42 - 2013-11-09 13:42 - 00693760 ____N (IDT, Inc.) C:\windows\system32\stapi64.dll
2013-11-09 13:42 - 2013-11-09 13:42 - 00550912 _____ (IDT, Inc.) C:\windows\system32\Drivers\stwrt64.sys
2013-11-09 13:42 - 2013-11-09 13:42 - 00315904 _____ (Synopsys, Inc.) C:\windows\system32\SRCOM64.DLL
2013-11-09 13:42 - 2013-11-09 13:42 - 00287744 _____ (Synopsys, Inc.) C:\windows\SysWOW64\SRCOM.dll
2013-11-09 13:42 - 2013-11-09 13:42 - 00287744 _____ (Synopsys, Inc.) C:\windows\system32\SRCOM.DLL
2013-11-09 13:42 - 2013-11-09 13:42 - 00256000 _____ (IDT, Inc.) C:\windows\system32\st646482.dll
2013-11-09 13:42 - 2013-11-09 13:42 - 00206024 _____ (Andrea Electronics Corporation) C:\windows\system32\AESTAC64.dll
2013-11-09 13:42 - 2013-11-09 13:42 - 00083456 _____ (Synopsys, Inc.) C:\windows\system32\SRAPO64.DLL
2013-11-09 13:42 - 2012-09-15 02:40 - 06101504 _____ (IDT, Inc.) C:\windows\system32\stlang64.dll
2013-11-09 13:42 - 2012-09-15 02:40 - 01897984 _____ (IDT, Inc.) C:\windows\system32\IDTNC64.cpl
2013-11-09 13:42 - 2012-09-15 02:40 - 01703424 _____ (IDT, Inc.) C:\windows\sttray64.exe
2013-11-09 13:42 - 2012-09-15 02:40 - 00224768 _____ (IDT, Inc.) C:\windows\system32\HPToneCtrls64.dll
2013-11-09 13:42 - 2012-09-15 02:40 - 00041664 _____ (Hewlett-Packard ) C:\windows\system32\Beats64.exe
2013-11-09 09:33 - 2012-12-07 17:04 - 00003946 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{B537E042-7B7F-4918-A6E7-A43F17219A61}
2013-11-09 08:25 - 2013-10-26 09:57 - 00003178 _____ C:\windows\System32\Tasks\HPCeeScheduleForfredly
2013-11-09 08:25 - 2012-12-22 08:49 - 00000000 _____ C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-11-09 08:25 - 2012-12-07 17:02 - 00000000 ____D C:\Users\fredly
2013-11-08 16:46 - 2013-11-08 16:14 - 00000000 ____D C:\ProgramData\WarThunder
2013-11-08 16:46 - 2013-11-08 16:14 - 00000000 ____D C:\Program Files (x86)\WarThunder
2013-11-08 16:45 - 2012-12-07 17:43 - 00000000 ___HD C:\windows\msdownld.tmp
2013-11-08 16:45 - 2012-12-07 17:43 - 00000000 ____D C:\windows\SysWOW64\directx
2013-11-08 16:14 - 2013-11-08 16:14 - 00000000 ____D C:\Users\fredly\Documents\My Games
2013-11-08 16:14 - 2013-11-08 16:14 - 00000000 ____D C:\Users\fredly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2013-11-08 16:14 - 2013-11-08 16:14 - 00000000 ____D C:\Users\fredly\AppData\Local\WarThunder
2013-11-08 16:13 - 2013-11-08 16:13 - 04208536 _____ (2013 Gaijin Entertainment Corporation                       ) C:\Users\fredly\Downloads\wt_launcher_1.0.1.278.exe
2013-11-07 00:02 - 2012-07-26 03:12 - 00000000 ____D C:\windows\AUInstallAgent
2013-11-05 15:03 - 2013-11-05 15:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-05 14:22 - 2013-11-05 14:22 - 00002144 _____ C:\{E0FA67CD-2594-43BF-9BF3-161C909F6951}
2013-11-02 01:20 - 2013-11-02 01:20 - 00000000 ____D C:\ProgramData\McAfee
2013-11-02 01:20 - 2013-11-02 01:19 - 00000000 ____D C:\Users\fredly\AppData\Local\Adobe
2013-11-02 01:20 - 2012-12-07 19:00 - 00003718 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-11-01 00:53 - 2012-07-26 03:12 - 00000000 ____D C:\windows\SysWOW64\Macromed
2013-10-26 12:03 - 2013-10-26 12:03 - 00000000 ____D C:\Users\fredly\AppData\Local\HP Quick Start
2013-10-26 12:00 - 2013-10-26 12:00 - 00001101 _____ C:\Users\Public\Desktop\HP Quick Start.lnk
2013-10-26 12:00 - 2013-10-26 12:00 - 00000000 ____D C:\Users\fredly\AppData\Roaming\WinBatch
2013-10-26 00:00 - 2012-12-25 18:12 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-26 00:00 - 2012-12-25 18:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-24 10:15 - 2012-12-07 19:21 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-10-23 05:15 - 2012-07-26 03:12 - 00000000 ____D C:\windows\rescache
2013-10-22 23:49 - 2013-10-22 23:48 - 00000000 ____D C:\windows\system32\MRT
2013-10-22 23:48 - 2012-09-15 02:47 - 00002839 _____ C:\windows\system32\RaCoInst.log
2013-10-22 18:52 - 2013-10-22 18:51 - 00291288 _____ C:\windows\system32\FNTCACHE.DAT
2013-10-22 18:52 - 2012-12-07 17:05 - 00000000 ___RD C:\Users\fredly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-22 18:52 - 2012-12-07 17:05 - 00000000 ___RD C:\Users\fredly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-22 18:51 - 2012-07-26 00:37 - 00000000 ____D C:\windows\servicing
2013-10-22 18:49 - 2012-07-26 03:12 - 00000000 ___HD C:\windows\ELAMBKUP
2013-10-22 18:47 - 2012-07-26 03:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-10-22 18:47 - 2012-07-26 03:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-10-22 18:47 - 2012-07-26 03:12 - 00000000 ____D C:\windows\WinStore
2013-10-22 18:47 - 2012-07-26 03:12 - 00000000 ____D C:\windows\PolicyDefinitions
2013-10-22 18:47 - 2012-07-26 03:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-10-22 18:47 - 2012-07-26 03:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-10-22 18:47 - 2012-07-26 02:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-10-22 18:47 - 2012-07-26 00:38 - 00000000 ____D C:\windows\system32\oobe
2013-10-22 18:46 - 2012-07-26 03:12 - 00000000 ___RD C:\windows\ToastData
2013-10-22 18:46 - 2012-07-26 03:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-10-22 18:46 - 2012-07-26 03:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-10-22 18:46 - 2012-07-26 03:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-10-22 18:46 - 2012-07-26 03:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-10-22 18:46 - 2012-07-26 00:38 - 00000000 ____D C:\windows\SysWOW64\Dism
2013-10-22 18:46 - 2012-07-26 00:38 - 00000000 ____D C:\windows\system32\Dism
2013-10-22 16:47 - 2013-10-22 16:47 - 00000000 ____D C:\windows\System32\Tasks\Norton 360
2013-10-22 16:47 - 2013-02-06 19:18 - 00003206 _____ C:\windows\System32\Tasks\Norton WSC Integration
2013-10-22 16:47 - 2013-02-06 19:17 - 00000000 ____D C:\windows\system32\Drivers\N360x64
2013-10-22 16:05 - 2013-03-20 01:54 - 00003896 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-22 16:05 - 2013-03-20 01:54 - 00003660 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-22 16:02 - 2013-02-06 19:18 - 00177312 _____ (Symantec Corporation) C:\windows\system32\Drivers\SYMEVENT64x86.SYS
2013-10-22 16:02 - 2013-02-06 19:18 - 00007631 _____ C:\windows\system32\Drivers\SYMEVENT64x86.CAT
2013-10-22 15:59 - 2012-12-07 17:40 - 00000000 ____D C:\Users\fredly\AppData\Local\Mozilla

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-11-08 09:10

==================== End Of Log ============================

Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2013
Ran by fredly at 2013-11-10 08:02:54
Running from C:\Users\fredly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LNXLU0SU
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

4 Elements II (x32 Version: 2.2.0.98)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.5.146)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Control Center (x32 Version: 2013.0819.1344.22803)
AMD Catalyst Install Manager (Version: 8.0.915.0)
AMD Wireless Display v3.0 (Version: 1.0.0.13)
Bejeweled 3 (x32 Version: 2.2.0.98)
Bonjour (Version: 3.0.0.10)
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0819.1344.22803)
Catalyst Control Center InstallProxy (x32 Version: 2013.0819.1344.22803)
Catalyst Control Center Localization All (x32 Version: 2013.0819.1344.22803)
CCC Help Chinese Standard (x32 Version: 2013.0819.1343.22803)
CCC Help Chinese Traditional (x32 Version: 2013.0819.1343.22803)
CCC Help Czech (x32 Version: 2013.0819.1343.22803)
CCC Help Danish (x32 Version: 2013.0819.1343.22803)
CCC Help Dutch (x32 Version: 2013.0819.1343.22803)
CCC Help English (x32 Version: 2013.0819.1343.22803)
CCC Help Finnish (x32 Version: 2013.0819.1343.22803)
CCC Help French (x32 Version: 2013.0819.1343.22803)
CCC Help German (x32 Version: 2013.0819.1343.22803)
CCC Help Greek (x32 Version: 2013.0819.1343.22803)
CCC Help Hungarian (x32 Version: 2013.0819.1343.22803)
CCC Help Italian (x32 Version: 2013.0819.1343.22803)
CCC Help Japanese (x32 Version: 2013.0819.1343.22803)
CCC Help Korean (x32 Version: 2013.0819.1343.22803)
CCC Help Norwegian (x32 Version: 2013.0819.1343.22803)
CCC Help Polish (x32 Version: 2013.0819.1343.22803)
CCC Help Portuguese (x32 Version: 2013.0819.1343.22803)
CCC Help Russian (x32 Version: 2013.0819.1343.22803)
CCC Help Spanish (x32 Version: 2013.0819.1343.22803)
CCC Help Swedish (x32 Version: 2013.0819.1343.22803)
CCC Help Thai (x32 Version: 2013.0819.1343.22803)
CCC Help Turkish (x32 Version: 2013.0819.1343.22803)
ccc-utility64 (Version: 2013.0819.1344.22803)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98)
Cradle of Rome 2 (x32 Version: 2.2.0.98)
CyberLink LabelPrint (x32 Version: 2.5.1.5510)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916)
CyberLink PhotoDirector (x32 Version: 2.0.1.3109)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1902)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925)
D3DX10 (x32 Version: 15.4.2368.0902)
Dead Island (x32)
Dokan Library 0.6.0 (x32)
ExtraPutty 0.22 (x32 Version: 0.22)
Farm Frenzy (x32 Version: 2.2.0.98)
FATE: The Cursed King (x32 Version: 2.2.0.97)
Final Drive Fury (x32 Version: 2.2.0.95)
FlatOut 2 (x32 Version: 2.2.0.98)
GameStop App (x32 Version: 4.00)
GIMP 2.8.2 (Version: 2.8.2)
Google Update Helper (x32 Version: 1.3.21.165)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000)
Hoyle Card Games (x32 Version: 2.2.0.95)
HP Connected Music (Meridian - installer) (x32 Version: v1.0)
HP Connected Remote (x32 Version: 1.0.1202)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7)
HP Games (x32 Version: 1.0.3.0)
HP MyRoom (x32 Version: 9.0.0.0)
HP Postscript Converter (Version: 3.1.3591)
HP Quick Start (x32 Version: 1.0.4660.30220)
HP Registration Service (Version: 1.0.5976.4186)
HP Support Assistant (x32 Version: 7.0.33.6)
HP Support Information (x32 Version: 12.00.0000)
IDT Audio (x32 Version: 1.0.6482.0)
Jewel Match 3 (x32 Version: 2.2.0.98)
John Deere Drive Green (x32 Version: 2.2.0.95)
Luxor Evolved (x32 Version: 2.2.0.98)
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98)
Mozilla Firefox 25.0 (x86 en-US) (x32 Version: 25.0)
Mozilla Maintenance Service (x32 Version: 25.0)
MSVCRT (x32 Version: 15.4.2862.0708)
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98)
Norton 360 (x32 Version: 20.4.0.40)
Peggle Nights (x32 Version: 2.2.0.98)
Penguins! (x32 Version: 2.2.0.98)
Polar Bowler (x32 Version: 2.2.0.97)
Polar Golfer (x32 Version: 2.2.0.98)
Ralink RT5390R 802.11bgn Wi-Fi Adapter (x32 Version: 5.0.0.0)
Recovery Manager (x32 Version: 5.5.0.5530)
Roads of Rome 3 (x32 Version: 2.2.0.98)
Steam (x32 Version: 1.0.0.0)
Stronghold Kingdoms (x32 Version: 1.17)
swMSM (x32 Version: 12.0.0.1)
Tales of Lagoona (x32 Version: 2.2.0.110)
TeamSpeak 3 Client (Version: 3.0.13.1)
Update Installer for WildTangent Games App (x32)
Vacation Quest™ - Australia (x32 Version: 2.2.0.98)
War Thunder Launcher 1.0.1.278 (x32)
WildTangent Games (x32 Version: 1.0.3.0)
WildTangent Games App (x32 Version: 4.0.9.6)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
World of Tanks - Common Test (x32)
World of Tanks (x32)
Zuma's Revenge (x32 Version: 2.2.0.98)

==================== Restore Points  =========================

26-10-2013 16:59:21 HPSF Applying updates
03-11-2013 13:42:09 Scheduled Checkpoint
09-11-2013 18:41:27 HPSF Applying updates

==================== Hosts content: ==========================

2012-07-26 00:26 - 2012-07-26 00:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {07BEAC2B-DDB3-4BBD-91E3-AB36135D1F18} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_PostWarrantyAlert.exe [2013-11-07] (Hewlett-Packard)
Task: {14282631-6A75-488D-9DD6-D8CE4B8977C4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {19F7F57A-B69B-40B7-AC85-32D323869124} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\wscstub.exe [2013-06-03] (Symantec Corporation)
Task: {1B21622D-4A1F-43FF-89CA-5FF90EA41927} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\symerr.exe [2013-06-03] (Symantec Corporation)
Task: {1F4000CA-DD06-4A7B-8CED-1D61A7574F16} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company)
Task: {236F21E3-FDE5-4C70-BA2A-F1AADB567561} - System32\Tasks\HPCeeScheduleForfredly => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {30E3BACA-C867-4E20-B510-0E91B27B9413} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\System32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {40EBD42F-D2A0-4D23-83D3-37301FCAB280} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_PostWarrantyAlert.exe [2013-11-07] (Hewlett-Packard)
Task: {50F8594C-1FA4-4801-A45F-59EE86E82753} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\symerr.exe [2013-06-03] (Symantec Corporation)
Task: {69155C29-A57D-4D91-9041-4E72AC1B4580} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Critical Actions Pending => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {945793E9-1610-4933-8758-FDE19A390D49} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-02] (Adobe Systems Incorporated)
Task: {9AE546D3-6E0D-4FC2-9C8C-112ADC71AE30} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-20] (Google Inc.)
Task: {A92C6970-C9AC-4322-99A2-697C3CC19AD3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {C59849AB-D204-4ABE-96AC-E4B3538220C8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-20] (Google Inc.)
Task: {C8FF3D8E-EA82-4415-9E76-F7226188701F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2012-08-15] (Hewlett-Packard Company)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForfredly.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2012-07-19 20:06 - 2012-07-19 20:06 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-12-07 17:02 - 2012-12-07 17:02 - 00120224 _____ () C:\Users\fredly\AppData\Local\assembly\dl3\CEQ3OCKB.8CX\4DW6OZWL.BLJ\3ae63e4c\0038bcf4_1366cd01\HPItunesModule.DLL
2012-07-19 20:06 - 2012-07-19 20:06 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-07-19 20:07 - 2012-07-19 20:07 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2012-10-29 05:08 - 2013-10-24 10:15 - 00302056 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2012-10-29 05:08 - 2013-10-24 10:15 - 00320488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2013-10-22 16:02 - 2012-05-30 09:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\wincfi39.dll
2013-11-08 14:19 - 2013-11-07 06:22 - 00720896 _____ () C:\ProgramData\Firefly Studios\Stronghold Kingdoms\2.0.11.4\CommonTypes.dll
2013-11-08 14:19 - 2013-11-08 14:19 - 00086016 _____ () C:\ProgramData\Firefly Studios\Stronghold Kingdoms\2.0.11.4\DXGraphics.dll
2013-11-08 14:19 - 2013-03-06 15:55 - 02979840 _____ () C:\ProgramData\Firefly Studios\Stronghold Kingdoms\2.0.11.4\SlimDX.dll
2013-11-08 14:19 - 2013-11-08 14:19 - 00020480 _____ () C:\ProgramData\Firefly Studios\Stronghold Kingdoms\2.0.11.4\DataClient.dll
2013-11-08 14:19 - 2013-10-22 16:09 - 00024576 _____ () C:\ProgramData\Firefly Studios\Stronghold Kingdoms\2.0.11.4\DataInterface.dll
2013-11-08 14:19 - 2013-03-06 16:01 - 00929792 _____ () C:\ProgramData\Firefly Studios\Stronghold Kingdoms\2.0.11.4\geckofx\xulrunner\mozjs.dll
2013-11-08 14:19 - 2013-11-08 14:19 - 00069632 _____ () C:\ProgramData\Firefly Studios\Stronghold Kingdoms\2.0.11.4\CustomSinks.dll
2013-11-08 14:19 - 2013-11-08 14:19 - 00053248 _____ () C:\ProgramData\Firefly Studios\Stronghold Kingdoms\2.0.11.4\ServerInterface.dll
2013-11-08 14:19 - 2013-11-08 14:19 - 00016384 _____ () C:\ProgramData\Firefly Studios\Stronghold Kingdoms\2.0.11.4\ChatServerInterface.dll
2013-10-22 16:02 - 2012-05-30 09:51 - 00699280 ____R () C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\wincfi39.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (11/10/2013 04:16:48 AM) (Source: Application Hang) (User: )
Description: The program taskmgr.exe version 6.2.9200.16465 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: eb4

Start Time: 01ceddf4a06220a3

Termination Time: 15

Application Path: C:\windows\system32\taskmgr.exe

Report Id: d00cac13-49e8-11e3-be84-78e3b5b5c425

Faulting package full name:

Faulting package-relative application ID:

Error: (11/09/2013 01:48:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: MsiExec.exe, version: 5.0.9200.16384, time stamp: 0x5010a60b
Faulting module name: MSI4791.tmp, version: 2.0.0.9, time stamp: 0x5114ea17
Exception code: 0xc000000d
Fault offset: 0x0001ae58
Faulting process id: 0xfe8
Faulting application start time: 0xMsiExec.exe0
Faulting application path: MsiExec.exe1
Faulting module path: MsiExec.exe2
Report Id: MsiExec.exe3
Faulting package full name: MsiExec.exe4
Faulting package-relative application ID: MsiExec.exe5

Error: (11/09/2013 01:48:02 PM) (Source: Application Error) (User: )
Description: Faulting application name: MsiExec.exe, version: 5.0.9200.16384, time stamp: 0x5010a60b
Faulting module name: MSIFBAF.tmp, version: 2.0.0.9, time stamp: 0x5114ea17
Exception code: 0xc000000d
Fault offset: 0x0001ae58
Faulting process id: 0x1150
Faulting application start time: 0xMsiExec.exe0
Faulting application path: MsiExec.exe1
Faulting module path: MsiExec.exe2
Report Id: MsiExec.exe3
Faulting package full name: MsiExec.exe4
Faulting package-relative application ID: MsiExec.exe5

Error: (10/27/2013 00:31:58 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 24.0.0.5001 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 3e4

Start Time: 01ced2abad6a33aa

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: a5ff736c-3f2d-11e3-be81-78e3b5b5c425

Faulting package full name:

Faulting package-relative application ID:

Error: (10/27/2013 00:31:54 PM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 24.0.0.5001, time stamp: 0x522fd228
Faulting module name: NPSWF32_11_9_900_117.dll, version: 11.9.900.117, time stamp: 0x5244d60c
Exception code: 0x80000003
Fault offset: 0x00345b8d
Faulting process id: 0x17dc
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5

Error: (10/22/2013 11:35:30 PM) (Source: Application Hang) (User: )
Description: The program StrongholdKingdoms.exe version 1.1.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: eb4

Start Time: 01cecf8227e1788a

Termination Time: 14

Application Path: C:\ProgramData\Firefly Studios\Stronghold Kingdoms\2.0.10.6\StrongholdKingdoms.exe

Report Id: 4d0df9c1-3b9c-11e3-be80-78e3b5b5c425

Faulting package full name:

Faulting package-relative application ID:

Error: (10/22/2013 06:18:15 PM) (Source: Application Error) (User: )
Description: Faulting application name: HPConnectedRemoteService.exe, version: 1.0.1202.0, time stamp: 0x5008a07f
Faulting module name: KERNELBASE.dll, version: 6.2.9200.16451, time stamp: 0x50988aa6
Exception code: 0xe0434352
Fault offset: 0x000000000003811c
Faulting process id: 0xd04
Faulting application start time: 0xHPConnectedRemoteService.exe0
Faulting application path: HPConnectedRemoteService.exe1
Faulting module path: HPConnectedRemoteService.exe2
Report Id: HPConnectedRemoteService.exe3
Faulting package full name: HPConnectedRemoteService.exe4
Faulting package-relative application ID: HPConnectedRemoteService.exe5

Error: (10/22/2013 06:18:13 PM) (Source: .NET Runtime) (User: )
Description: Application: HPConnectedRemoteService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.COMException
Stack:
   at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32, IntPtr)
   at System.Management.SinkForEventQuery.Cancel()
   at System.Management.ManagementEventWatcher.Stop()
   at HP.Seeker.ProcessKeeperService.StopProcesMonitors()
   at HP.Seeker.HPSeekerSwitchboard.StartUserService()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()

Error: (10/22/2013 03:49:52 PM) (Source: Bonjour Service) (User: )
Description: mDNS_Execute: mDNSPlatformRawTime went backwards by 1355468597 ticks; setting correction factor to 1675970375

Error: (06/28/2013 09:26:27 PM) (Source: Application Hang) (User: )
Description: The program RunSanDiskSecureAccess_Win.exe version 1.1.19269.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1598

Start Time: 01ce746f7675f98e

Termination Time: 3

Application Path: J:\RunSanDiskSecureAccess_Win.exe

Report Id: 4a86b39d-e063-11e2-be7e-78e3b5b5c425

Faulting package full name:

Faulting package-relative application ID:

System errors:
=============
Error: (11/10/2013 04:18:08 AM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error:
%%1056

Error: (11/10/2013 04:18:08 AM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the IKE and AuthIP IPsec Keying Modules service, but this action failed with the following error:
%%1056

Error: (11/10/2013 04:17:40 AM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Diagnostic Policy Service service, but this action failed with the following error:
%%1056

Error: (11/10/2013 04:16:03 AM) (Source: DCOM) (User: homecomputer)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}homecomputerfredlyS-1-5-21-2944871792-1132821875-1833353257-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (11/10/2013 04:16:03 AM) (Source: DCOM) (User: homecomputer)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}homecomputerfredlyS-1-5-21-2944871792-1132821875-1833353257-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (11/10/2013 04:16:03 AM) (Source: DCOM) (User: homecomputer)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}homecomputerfredlyS-1-5-21-2944871792-1132821875-1833353257-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (11/10/2013 04:16:02 AM) (Source: DCOM) (User: homecomputer)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}homecomputerfredlyS-1-5-21-2944871792-1132821875-1833353257-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (11/10/2013 04:16:02 AM) (Source: DCOM) (User: homecomputer)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}homecomputerfredlyS-1-5-21-2944871792-1132821875-1833353257-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (11/10/2013 04:16:02 AM) (Source: DCOM) (User: homecomputer)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}homecomputerfredlyS-1-5-21-2944871792-1132821875-1833353257-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (11/10/2013 04:16:02 AM) (Source: DCOM) (User: homecomputer)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}homecomputerfredlyS-1-5-21-2944871792-1132821875-1833353257-1001LocalHost (Using LRPC)UnavailableUnavailable

Microsoft Office Sessions:
=========================
Error: (11/10/2013 04:16:48 AM) (Source: Application Hang)(User: )
Description: taskmgr.exe6.2.9200.16465eb401ceddf4a06220a315C:\windows\system32\taskmgr.exed00cac13-49e8-11e3-be84-78e3b5b5c425

Error: (11/09/2013 01:48:07 PM) (Source: Application Error)(User: )
Description: MsiExec.exe5.0.9200.163845010a60bMSI4791.tmp2.0.0.95114ea17c000000d0001ae58fe801cedd7c3923e8a0C:\Windows\syswow64\MsiExec.exeC:\windows\Installer\MSI4791.tmp785f4679-496f-11e3-be83-78e3b5b5c425

Error: (11/09/2013 01:48:02 PM) (Source: Application Error)(User: )
Description: MsiExec.exe5.0.9200.163845010a60bMSIFBAF.tmp2.0.0.95114ea17c000000d0001ae58115001cedd7c2e22c782C:\Windows\syswow64\MsiExec.exeC:\windows\Installer\MSIFBAF.tmp75a985fe-496f-11e3-be83-78e3b5b5c425

Error: (10/27/2013 00:31:58 PM) (Source: Application Hang)(User: )
Description: firefox.exe24.0.0.50013e401ced2abad6a33aa4294967295C:\Program Files (x86)\Mozilla Firefox\firefox.exea5ff736c-3f2d-11e3-be81-78e3b5b5c425

Error: (10/27/2013 00:31:54 PM) (Source: Application Error)(User: )
Description: plugin-container.exe24.0.0.5001522fd228NPSWF32_11_9_900_117.dll11.9.900.1175244d60c8000000300345b8d17dc01ced2abd37bb182C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\windows\SYSTEM32\Macromed\Flash\NPSWF32_11_9_900_117.dllabad7ddb-3f2d-11e3-be81-78e3b5b5c425

Error: (10/22/2013 11:35:30 PM) (Source: Application Hang)(User: )
Description: StrongholdKingdoms.exe1.1.0.0eb401cecf8227e1788a14C:\ProgramData\Firefly Studios\Stronghold Kingdoms\2.0.10.6\StrongholdKingdoms.exe4d0df9c1-3b9c-11e3-be80-78e3b5b5c425

Error: (10/22/2013 06:18:15 PM) (Source: Application Error)(User: )
Description: HPConnectedRemoteService.exe1.0.1202.05008a07fKERNELBASE.dll6.2.9200.1645150988aa6e0434352000000000003811cd0401ce50f37488a14bc:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exeC:\windows\system32\KERNELBASE.dll39e99314-3b70-11e3-be7e-78e3b5b5c425

Error: (10/22/2013 06:18:13 PM) (Source: .NET Runtime)(User: )
Description: Application: HPConnectedRemoteService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.COMException
Stack:
   at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32, IntPtr)
   at System.Management.SinkForEventQuery.Cancel()
   at System.Management.ManagementEventWatcher.Stop()
   at HP.Seeker.ProcessKeeperService.StopProcesMonitors()
   at HP.Seeker.HPSeekerSwitchboard.StartUserService()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()

Error: (10/22/2013 03:49:52 PM) (Source: Bonjour Service)(User: )
Description: mDNS_Execute: mDNSPlatformRawTime went backwards by 1355468597 ticks; setting correction factor to 1675970375

Error: (06/28/2013 09:26:27 PM) (Source: Application Hang)(User: )
Description: RunSanDiskSecureAccess_Win.exe1.1.19269.0159801ce746f7675f98e3J:\RunSanDiskSecureAccess_Win.exe4a86b39d-e063-11e2-be7e-78e3b5b5c425

==================== Memory info ===========================

Percentage of memory in use: 52%
Total physical RAM: 5527.51 MB
Available physical RAM: 2640.64 MB
Total Pagefile: 6423.51 MB
Available Pagefile: 3175.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:910.65 GB) (Free:811.86 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:19.38 GB) (Free:2.42 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 2989DC5C)

Partition: GPT Partition Type
==================== End Of Log ============================

Link to post
Share on other sites

Run the following:

 

Download AdwCleaner by Xplode from here: http://www.bleepingcomputer.com/download/adwcleaner/ and save to your Desktop.

 

  • Double click on AdwCleaner.exe to run the tool.
  • Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Uncheck any elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review.
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted (if necessary):
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

 

Next,

 

We need to run an online AV scan to ensure there are no remnants of any infection left on your system, this scan can take several hours to complete, it is very thorough and well worth running, please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    Click Start
  • When asked, allow the add/on to be installed
    Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
  • Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
    Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish

 

When the scan is complete

 

  • If no threats were found
  • put a checkmark in "Uninstall application on close"
  • close program
  • report to me that nothing was found

 

If threats were found

 

  • click on "list of threats found"
  • click on "export to text file" and save it as ESET SCAN and save to the desktop
  • Click on back
  • put a checkmark in "Uninstall application on close"
  • click on finish

 

close program

 

copy and paste the report here

 

Kevin

Link to post
Share on other sites

# AdwCleaner v3.011 - Report created 10/11/2013 at 16:20:33
# Updated 03/11/2013 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : fredly - HOMECOMPUTER
# Running from : C:\Users\fredly\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\fredly\AppData\Local\PackageAware
File Deleted : C:\Users\Public\Desktop\eBay.lnk

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537

-\\ Mozilla Firefox v25.0 (en-US)

[ File : C:\Users\fredly\AppData\Roaming\Mozilla\Firefox\Profiles\a6hzfsbu.default\prefs.js ]

Line Deleted : user_pref("FirstSearch.aol_toolbar.search.hasDoneFirst", 1);
Line Deleted : user_pref("aol_toolbar.aolmail", "");
Line Deleted : user_pref("aol_toolbar.aolmail.address", "fluffpie12@aim.com");
Line Deleted : user_pref("aol_toolbar.aolmail.count", "0");
Line Deleted : user_pref("aol_toolbar.aolmail.id", "value");
Line Deleted : user_pref("aol_toolbar.aolmail.imagelist.layout", "empty");
Line Deleted : user_pref("aol_toolbar.aolmail.popup.autoclose", "true");
Line Deleted : user_pref("aol_toolbar.aolmail.user", "fluffpie12");
Line Deleted : user_pref("aol_toolbar.button.facebook_40839.click", "1");
Line Deleted : user_pref("aol_toolbar.button.netflix_46519.click", "1");
Line Deleted : user_pref("aol_toolbar.button.radio_46530.click", "1");
Line Deleted : user_pref("aol_toolbar.button.wikipedia_46497.click", "1");
Line Deleted : user_pref("aol_toolbar.button.yahoo_mail_46508.click", "1");
Line Deleted : user_pref("aol_toolbar.buttons.layout", ";facebook_40839;mapquest_40872;twitter_40883;ebay_46278;_46497;_46508;_46519;radio_46530;_46541;");
Line Deleted : user_pref("aol_toolbar.calendar.date", "{system.date.timestamp}");
Line Deleted : user_pref("aol_toolbar.calendar.displaydate", "{system.date.locale}");
Line Deleted : user_pref("aol_toolbar.calendar.timestamp", "1384072282980");
Line Deleted : user_pref("aol_toolbar.cookie.homepage", "1");
Line Deleted : user_pref("aol_toolbar.cookie.search", "1");
Line Deleted : user_pref("aol_toolbar.curtain.congrats", "curtain");
Line Deleted : user_pref("aol_toolbar.default.homepage.check", true);

Line Deleted : user_pref("aol_toolbar.default.newtab.check", false);
Line Deleted : user_pref("aol_toolbar.default.search.check", true);
Line Deleted : user_pref("aol_toolbar.default.search.label", "AOL Search");

Line Deleted : user_pref("aol_toolbar.firsttime.showwindow", false);
Line Deleted : user_pref("aol_toolbar.guid", "{18974340-6355-C2CF-9254-B74202FCDB53}");
Line Deleted : user_pref("aol_toolbar.historybutton.active", true);
Line Deleted : user_pref("aol_toolbar.historybutton.enabled", true);
Line Deleted : user_pref("aol_toolbar.historybutton.ignoreids", "");
Line Deleted : user_pref("aol_toolbar.homepageprotection.enabled", true);
Line Deleted : user_pref("aol_toolbar.install.distroid", "");

Line Deleted : user_pref("aol_toolbar.install.lastTbVersion", "5.74.1.9838");
Line Deleted : user_pref("aol_toolbar.install.lid", "hyplognew00000010");
Line Deleted : user_pref("aol_toolbar.install.mtmhp", "txtlnkusaolp00000051");
Line Deleted : user_pref("aol_toolbar.install.ncid", "txtlnkusdown00000043");
Line Deleted : user_pref("aol_toolbar.install.sethomepage", "1");
Line Deleted : user_pref("aol_toolbar.install.setnewtab", "0");
Line Deleted : user_pref("aol_toolbar.install.setsearch", "1");
Line Deleted : user_pref("aol_toolbar.install.type", "upgrade");
Line Deleted : user_pref("aol_toolbar.metrics.activestampdate", "10");
Line Deleted : user_pref("aol_toolbar.metrics.activestampmonth", "10");
Line Deleted : user_pref("aol_toolbar.metrics.activestampyear", "2013");
Line Deleted : user_pref("aol_toolbar.metrics.log", false);
Line Deleted : user_pref("aol_toolbar.metrics.originalDate", "7");
Line Deleted : user_pref("aol_toolbar.metrics.originalHours", "5");
Line Deleted : user_pref("aol_toolbar.metrics.originalMinutes", "0");
Line Deleted : user_pref("aol_toolbar.metrics.originalMonth", "12");
Line Deleted : user_pref("aol_toolbar.metrics.originalSeconds", "0");
Line Deleted : user_pref("aol_toolbar.metrics.originalYear", "2012");
Line Deleted : user_pref("aol_toolbar.presethomepage", "aol.com");
Line Deleted : user_pref("aol_toolbar.presetnewtab", "about:newtab");
Line Deleted : user_pref("aol_toolbar.presetsearch", "AOL Search");
Line Deleted : user_pref("aol_toolbar.relatednews.enabled", false);
Line Deleted : user_pref("aol_toolbar.remote..xml", "1384072283162");
Line Deleted : user_pref("aol_toolbar.remote.config.js", "");
Line Deleted : user_pref("aol_toolbar.remote.historyconfig.js", "");
Line Deleted : user_pref("aol_toolbar.remote.publish.xml", "1384072283162");
Line Deleted : user_pref("aol_toolbar.remote.searchterm.js", "");
Line Deleted : user_pref("aol_toolbar.rtw.active", false);
Line Deleted : user_pref("aol_toolbar.search.button", true);
Line Deleted : user_pref("aol_toolbar.search.cid", "22-10-2013");
Line Deleted : user_pref("aol_toolbar.search.focusnewtab", true);
Line Deleted : user_pref("aol_toolbar.search.instd", "20121207183717354");
Line Deleted : user_pref("aol_toolbar.search.newtab", true);
Line Deleted : user_pref("aol_toolbar.search.oid", "07-12-2012");
Line Deleted : user_pref("aol_toolbar.search.placement", "right");
Line Deleted : user_pref("aol_toolbar.search.populateoncomplete", false);
Line Deleted : user_pref("aol_toolbar.search.savehistory", false);
Line Deleted : user_pref("aol_toolbar.search.searchtype", "web");
Line Deleted : user_pref("aol_toolbar.search.source", "aolrt");
Line Deleted : user_pref("aol_toolbar.searchprotection.enabled", true);
Line Deleted : user_pref("aol_toolbar.skin.custom", false);
Line Deleted : user_pref("aol_toolbar.surf.date", "76");
Line Deleted : user_pref("aol_toolbar.surf.lastDate", "22");
Line Deleted : user_pref("aol_toolbar.surf.lastMonth", "9");
Line Deleted : user_pref("aol_toolbar.surf.lastYear", "2013");
Line Deleted : user_pref("aol_toolbar.surf.month", "76");
Line Deleted : user_pref("aol_toolbar.surf.prevMonth", "6008");
Line Deleted : user_pref("aol_toolbar.surf.total", "58410");
Line Deleted : user_pref("aol_toolbar.surf.week", "76");
Line Deleted : user_pref("aol_toolbar.surf.year", "49020");
Line Deleted : user_pref("aol_toolbar.ticker.active", false);
Line Deleted : user_pref("aol_toolbar.toolbar.langlocale", "en-US");
Line Deleted : user_pref("aol_toolbar.toolbar.name", "AOL Toolbar");
Line Deleted : user_pref("aol_toolbar.uninstallreset", "3");
Line Deleted : user_pref("aol_toolbar.upgrade.showwindow", false);
Line Deleted : user_pref("aol_toolbar.weather.condition", "27_n");
Line Deleted : user_pref("aol_toolbar.weather.degc", "8");
Line Deleted : user_pref("aol_toolbar.weather.degf", "47");
Line Deleted : user_pref("aol_toolbar.weather.degrees", "F");

Line Deleted : user_pref("aol_toolbar.weather.lastupdate", "");
Line Deleted : user_pref("aol_toolbar.weather.locationid", "USNY0996");
Line Deleted : user_pref("aol_toolbar.weather.metric", true);
Line Deleted : user_pref("aol_toolbar.weather.tooltip", "New York , NY : Cloudy");
Line Deleted : user_pref("aol_toolbar.weather.update", "1382475756618");
Line Deleted : user_pref("aol_toolbar.weather.zipcode", "10006");
Line Deleted : user_pref("aol_toolbar.widgets.layout", "aolmail,calendar,weather");
Line Deleted : user_pref("aol_toolbar.widgets.log", false);
Line Deleted : user_pref("aol_toolbar.widgets.timestamp", "1384072288188");
Line Deleted : user_pref("aol_toolbar.widgets.version", "5.74.1.9838");
Line Deleted : user_pref("aol_toolbar.winamp.volume", "");

*************************

AdwCleaner[R0].txt - [9523 octets] - [10/11/2013 16:15:22]
AdwCleaner[s0].txt - [9329 octets] - [10/11/2013 16:20:33]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [9389 octets] ##########

 

I am running the eset scan now will post after finished

Link to post
Share on other sites

the eset scan came back with no threats found.im worried about this that adw thing deleted line had one of my emails listed do you know if it would still be safe?

also early this morning I rebooted my pc and it wouldn't connect to the internet I saw a bunch of svchost on there I shut a bunch of them down and I was able to connect.im not sure what this means or the intent of this virus or person I am not very knowledgeable on computers.thanks for all the help so far.

Link to post
Share on other sites

Many Toolbars are notorious for being loaded with unwanted adware, it is always best to avoid them unless you trust them or their source. AdwCleaner is a very good judge....

 

How does your system now respond, are there any remaining issues or concerns?

 

Read the following link: http://www.howtogeek.com/howto/windows-vista/what-is-svchostexe-and-why-is-it-running/ regarding svchost.....

Link to post
Share on other sites

Run Malwarebytes,  Open > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware,

Make sure that everything is checked, and click Remove Selected on any found items.

 

Post the produced log,

 

Next,

 

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop.

Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Link to post
Share on other sites

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.10.06

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16721
fredly :: HOMECOMPUTER [administrator]

Protection: Enabled

11/10/2013 7:59:31 PM
mbam-log-2013-11-10 (19-59-31).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 203318
Time elapsed: 3 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

my norton360 blocked both those screen317 downloads as a threat?

Link to post
Share on other sites

 Results of screen317's Security Check version 0.99.76 
   x64 (UAC is enabled) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Windows Defender  
Norton 360        
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300 
 Adobe Flash Player  11.9.900.117 
 Mozilla Firefox (25.0)
````````Process Check: objlist.exe by Laurent```````` 
 Norton ccSvcHst.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````

Link to post
Share on other sites

No issues to worry about from Security Check, what is the status now, are you still having fluctuations?

 

Set up and run a clean boot of the system, see how things are in that state... Go to the following link, expand the option relevant to your OS and follow those instructions.

 

http://support.microsoft.com/kb/929135

 

Let me know if that makes any difference...

Link to post
Share on other sites

I was mostly worried about a couple svchost using more memory than I can remember them using a couple use like 35mb and one uses between 65 and 75mb,was worried that it had to do with those ips from ecatel in the Netherlands that tried to get in.im to scared to risk banking or going on my emails at this point lol,do you think it would be safe to yet?i ran the clean boot seems ok

Link to post
Share on other sites

Open Taskmanager, make a note of the PID for the svchost entries that are causing issue. Close Tskmanager

 

Next,

 

1. Click Start on the Windows taskbar, and then click Run. or select the Windows key and R Key together
2. In the Open box, type CMD, and then press ENTER.
3.  At the command prompt type TASKLIST /SVC, and then press ENTER

 

In the list that opens scroll down and look for the PID against svchost entries that match problem ones from Taskmanager. Make a note of the services that are running from those entries....

 

Post those for me...

Link to post
Share on other sites

svchost.exe  764   brokerinfastructure,dcomlaunch,lsm,plug play,power

                     808   rpceptmapper,rpcss

                     900   audiosrv,dhcp,eventlog,1mhosts,wcmsvc,wscsvc

                     988   appinfo,bits,ikeext,iph1psvc,lanmanserver,mmcss,profsvc,schedule,sens,she11hwdetection,systemeventsbroker,themes,winmgmt

                     292   eventsystem,fontcache,netprofm,nsi,wdiservicehost,winhttpautoproxysvc

                     356   audioendpointbuilder,hidserv,pcasvc,sysmain,trkwks,wlansvc

                     1112  cryptsvc,dnscache,lanmanworkstation,nlasvc

                     1480  bfe,dps,mpssvc

                     1620  apphostsvc

                     2064 policyagent

                     2788 ssdpsrv,timebroker,upnphost

                    

             356 and 1480 use the most memory

Link to post
Share on other sites

Now you know which actual services are causing the issue you have. Open Taskmanager, then shrink to task bar. Select start > type services.msc into the search box, tap enter. The services window will open. Scroll to and highlight each service in turn that you`ve identified. The option to stop or start will open. Stop each one and see what impact it has on Taskmanager. Start when done, then move to the next one.

 

Eventually you will find which is the biggest user....

Link to post
Share on other sites

2013/11/11 06:15:07 -0500 HOMECOMPUTER (null) MESSAGE Starting protection
2013/11/11 06:15:07 -0500 HOMECOMPUTER (null) MESSAGE Protection started successfully
2013/11/11 06:15:07 -0500 HOMECOMPUTER (null) MESSAGE Starting IP protection
2013/11/11 06:15:10 -0500 HOMECOMPUTER (null) MESSAGE IP Protection started successfully
2013/11/11 10:24:08 -0500 HOMECOMPUTER fredly MESSAGE Executing scheduled update:  Daily
2013/11/11 10:24:15 -0500 HOMECOMPUTER fredly MESSAGE Scheduled update executed successfully:  database updated from version v2013.11.10.06 to version v2013.11.11.07
2013/11/11 10:24:15 -0500 HOMECOMPUTER fredly MESSAGE Starting database refresh
2013/11/11 10:24:16 -0500 HOMECOMPUTER fredly MESSAGE Stopping IP protection
2013/11/11 10:24:17 -0500 HOMECOMPUTER fredly MESSAGE IP Protection stopped successfully
2013/11/11 10:24:19 -0500 HOMECOMPUTER fredly MESSAGE Database refreshed successfully
2013/11/11 10:24:19 -0500 HOMECOMPUTER fredly MESSAGE Starting IP protection
2013/11/11 10:24:22 -0500 HOMECOMPUTER fredly MESSAGE IP Protection started successfully
2013/11/11 12:13:26 -0500 HOMECOMPUTER fredly IP-BLOCK 80.82.64.231 (Type: incoming, Port: 53, Process: svchost.exe)
2013/11/11 14:31:51 -0500 HOMECOMPUTER fredly IP-BLOCK 80.82.64.238 (Type: incoming, Port: 19, Process: svchost.exe)
2013/11/11 14:59:44 -0500 HOMECOMPUTER fredly IP-BLOCK 94.102.49.37 (Type: incoming, Port: 53, Process: svchost.exe)
2013/11/11 19:02:38 -0500 HOMECOMPUTER fredly IP-BLOCK 80.82.64.238 (Type: incoming, Port: 19, Process: svchost.exe)

 

I just got these ?

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.