Jump to content

Multiple dllhost.exe *32 Messing Up Computer Please Help


Penguin19

Recommended Posts

Ever since Sept 26 my laptop has been messing up. It started with "Powershell has stopped working" messages and now multiple dllhost.exe *32 processes max out my computer's CPU usage and physical memory each time it is connected to the internet. Even if I stop the processes, they just reappear. Also, my internet option security settings keep getting changed to disable downloads and erase browsing history.

I have ran scans from GFI Vipre AntiVirus, Malwarebytes Anti-Malware, Microsoft Safety Scanner and SUPERAntiSpyware but none of them found anything wrong. I've seen forum posts from other users who have had similar problems and hope that you guys can help fix my computer too.

Link to post
Share on other sites

Hello Penguin19, welcome to Malwarebytes' Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that. xsmile.png.pagespeed.ic.CwSpBGGvqN.png
 
General P2P/Piracy Notice: 
 

If you are using Peer to Peer (P2P) filesharing software such as uTorrent, BitTorrent or similar you must either fully uninstall or completely disable the programme(s) from running whilst receiving assistance at this forum. 
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
If you have illegal/cracked/keygen or similar software on the computer, please remove/uninstall the software now and read the policy on Piracy. Failure to do so will also result in your topic being closed.

 
======================================================
 
Please read through the points below to ensure this process moves as quickly and efficiently as possible.

  • Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.
  • Please do not post logs using the CODEQUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.
  • Please backup important documents before proceeding with my instructions.
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.
  • Topics are locked if no response is made after 4 days. Please inform me if you will require additional time to complete my instructions.
     

======================================================
 
Unfortunately, I must issue the following warning. 
Please let me know what you think, and how you wish to proceed. 
 

xgoGMWSt.gif.pagespeed.ic.T3xMEQZT0d.pngBACKDOOR WARNING

------------------------------

One or more of the identified infections is known to use a backdoor, that allows attackers to remotely control your computer, download/execute files and steal critical system, financial and personal information.

Please disconnect your computer from the internet immediately. If your computer was used for online banking, has credit card information or other sensitive data, using a non-infected computer/device you should immediately change all account information (including those used for banking, email, eBay, paypal, online forums, etc). Consider these accounts already compromised.

If you have used a router, you will need to reset it with a strong logon/password to ensure the malware cannot gain control before connecting again. Banking and credit card institutions should be notified of the possible security breach immediately. Please read the following for more information: How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

Whilst the identified infection(s) can be removed, there is no way to guarantee that your computer will be trustworthy again. This is due to the nature of the infection, which allows the attacker complete control over the computer. Many experts in the security community believe that once infected with this type of malware, the best course of action is to reformat the hard drive and reinstall the Operating System. Please read the following articles for more information.

Please let me know how you wish to proceed, and if you have any questions.
Link to post
Share on other sites

Hi Adam. Thank you for the help. My name is Gloria. Is it possible to save any family photos and word documents before reformating or would those files already be considered damaged because of the infection?

Also would it be best to reform the computer first then reset the router? It's an Xfinity router/modem that is used by other family members for their computers, game systems,and phones.

Link to post
Share on other sites

Hi Gloria, 

 

If you plan on resetting your router, I would do so first. 

 

As for backing up data, there's no reason why you can't safely backup your personal files. 

Instructions on how to do so can be found below. You require a USB drive or External Hard Drive with enough storage capacity to hold all your files. STEP 1 requires the use of a clean PC.

 

STEP 1
ypeNg1J.png Panda USB Vaccine

  • Please download Panda USB Vaccine and save the file to your Desktop of a clean PC.
  • Double-click USBVaccineSetup.exe to install the programme.
  • Read and accept the license agreement, then click Next.
  • Upon completion of the setup, ensure Launch Panda USB Vaccine is checked and click Finish.
  • Click the Vaccinate Computer button. It should now show a green checkmark and confirm Computer vaccinated.
  • Hold down the Shift key on your keyboard and insert your USB drive into the clean PC.
  • Follow these instructions on how to reformat your USB drive (this will remove all files on the device). This is to ensure the drive is clean. 
  • Return to Panda USB Vaccine. When the name of the drive appears in the Panda USB Vaccine dialog box, click the Vaccinate USB drive(s)button.
  • Exit the programme when done.

-- Computer Vaccination will prevent any AutoRun file from running, regardless of whether the removable device is infected or not. USB Vaccination disables the autorun file so it cannot be read, modified or replaced and creates an AUTORUN_.INF as protection against malicious code. The Panda Resarch Blog advises that once USB drives have been vaccinated, they cannot be reversed except with a format. If you do this, be sure to back up your data files first or they will be lost during the formatting process.
 
 
STEP 2
nSymGHK.png Folder Options

  • Press the Windows Key + r on your keyboard at the same time. Type Control Folders and click OK.
  • Click View. Under Hidden files and folders:
  • Place a checkmark next to Show hidden files, folders and drives.
  • Remove the checkmark next to Hide extensions for known file types.
  • Click Apply followed by OK.
     

STEP 3
LRQ3fDK.png Backup Data

The safest practice is not to backup any executable files (.exe), screensavers (.scr), dynamic link library (.dll), autorun (.ini) or script files (.php,.asp.htm.html.xml) files because they may be infected by malware. You should also avoid backing up compressed files (.zip.cab.rar) that have executables inside as some types of malware can penetrate compressed files and infect the .exe files within them. Other types of malware may disguise itself by hiding a file extension or by adding double file extensions (hence why STEP 2 is important) and/or space(s) in the file's name to hide the real extension, so be sure you look closely at the full file name.

  • Backing up documents, image, music and video is fine.
  • Specially crafted Word/Excel/PDF can be used for malicious intent, so please ensure you do not backup any documents you do not recognise.
  • To repeat, do not backup up files with the following extensions:
.exe, .scr, .bat, .com, .cmd, .msi, .pif, .ini, .htm, .html, .hta, .php, .asp, .xml, .zip, .rar, .cab
  • Once you have decided which files you wish to backup, copy the files over to the USB drive. 
Link to post
Share on other sites

I'm going to borrow a friend's computer to get the Panda vaccine. They want it back in the same condition that they lent it. Is there any way to undo the computer vaccination on their computer once I'm done with it?

I am planning on using a 1TB WD My Passport Ultra portable hard drive to back up my files. Do you know if there are any compatibility issues between this device and the Panda vaccine?

Finally, once I'm done backing up my data, do I follow the instructions for restoring my system to factory default or is there some other special process I must follow?

Sorry for all the questions. I'm not too good with technology so I just wanted to make sure I'm following all the right steps.

Link to post
Share on other sites

Hi Gloria,

The purpose of Panda USB Vaccine is to prevent the propagation of Autorun infections.

One should not have Autorun enabled on Windows 7 in any case. This is the only change made to the machine.

Panda USB vaccine should have no problems detecting your external hard drive, but I can't say for certain unfortunately.

As I said, the purpose is to prevent Autorun infections. Whilst I doubt this applies to you, I provide instructions on using the programme to err on the side of caution. Ultimately, your biggest defence will be following the instructions in STEP 3, as Autorun infections are relatively uncommon nowadays. As long as you follow the guidelines, and avoid copying over the file extensions listed, you should be OK.

There's no special procedure as such, but I do have a list of steps I provide on preparing and restoring.

What is the make and model of your infected machine?

Link to post
Share on other sites

Hello, 
 
Your logs indicate you have a Recovery Partition that can be used to restore to factory defaults. 
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
http://www.ehow.com/how_7198204_activate-recovery-gateway-laptop.html

 

Once you've backed up your files, I suggest do the following before your restore. 
 
STEP 1
CXrghb6.png Download Installation Files
I recommend downloading your Network Adapter drivers before reformatting. This is a precautionary measure in case you experience issues with Internet connectivity after restoring.

  • Press the Windows Key + r on your keyboard at the same time. Type devmgmt.msc and click OK.
  • Locate Network Adapters and click the corresponding drop-down arrow.
  • Make a note of your Network Adapters.
  • Using a clean PC and the Gateway site, enter your relevant product details and locate the Network Adapters you noted down. Save the files to your USB drive. 
     

Download the Anti-Virus installation file of your choice. You need only download the installation file; do not click or open the file. Once downloaded, save the file to your USB drive. You must only install one Anti-Virus after restoring.

Each paid-for Anti-Virus comes with a free trial if you wish to try the software before purchasing. For a paid solution, my choice of Anti-Virus is ESET NOD32, and for a free solution, my choice of Anti-Virus is avast!. However, you should be aware that there is no universal solution that works for everyone, and there is no single best anti-virus
 
 
STEP 2
6YRrgUC.png Paid-for/Premium/Licensed Software
Do you have any paid-for software that was activated using a code or key? If so, ensure you have all relevant information noted down before reformatting. 
 
If you have a Malwarebytes Anti-Malware Premium license, but do not possess your details, follow the instructions below.
 

You cannot look up your Activation ID and Key from the Registry unless you have a previously licensed 1.x version installed.  Fresh installs now encrypt that data so make very sure you have your ID and Key before you proceed.  Previous 1.x PRO versions did store the ID and Key in the following locations of the Registry but a clean fresh install of version 2.0 will not store it in the Registry.
 

Location for Windows x86 32-Bit
HKEY_LOCAL_MACHINE\SOFTWARE\Malwarebytes' Anti-Malware
 
Location for Windows x64 64-Bit
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware

 
If you cannot locate your license activation information in the Registry and no longer have access to your order number you can contact cleverbridge to obtain information about your order including license registration and activation information. Please note that cleverbridge does not offer technical support for any products. They will only provide you with your order information: Contact cleverbridge customer service If you purchased Malwarebytes Anti-Malware from another vendor or reseller and still require the license activation information you will need to contact that vendor or reseller to obtain the information before you proceed otherwise you will not be able to re-activate the product.
Link to post
Share on other sites

FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01

Ran by Admin (administrator) on LAPTOP-PC on 06-10-2014 13:01:21

Running from C:\Users\Admin\Desktop\FRST

Loaded Profile: Admin (Available profiles: Admin)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe

(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe

(Acer Incorporated) C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe

(Acer Incorporated) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

(NTI Corporation) C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe

(Intel Corporation) C:\Windows\System32\igfxext.exe

(NTI Corporation) C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe

(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccsvchst.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccsvchst.exe

(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-10] (Realtek Semiconductor)

HKLM\...\Run: [intelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-11] (ELAN Microelectronics Corp.)

HKLM\...\Run: [Power Management] => C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)

HKLM-x32\...\Run: [backupManagerTray] => C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe [290112 2011-03-09] (NTI Corporation)

HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)

HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-06-30] (Dritek System Inc.)

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-03] (CyberLink Corp.)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=MAGW

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com/?pc=MAGW

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll (Symantec Corporation)

BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\IPS\IPSBHO.DLL (Symantec Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll (Symantec Corporation)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:

========

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\IPSFFPlgn

FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\IPSFFPlgn [2014-10-05]

FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\coFFPlgn

FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\coFFPlgn [2014-10-06]

Chrome:

=======

CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\Exts\Chrome.crx [2014-10-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe [138272 2012-06-15] (Symantec Corporation)

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)

R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe [257344 2011-03-09] (NTI Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20141003.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)

R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309000.009\ccSetx64.sys [167072 2012-06-06] (Symantec Corporation)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-10-05] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-10-05] (Symantec Corporation)

R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20141003.001\IDSvia64.sys [633560 2014-10-03] (Symantec Corporation)

R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20141005.001\ENG64.SYS [129752 2014-10-05] (Symantec Corporation)

R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20141005.001\EX64.SYS [2137304 2014-10-05] (Symantec Corporation)

R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309000.009\SRTSP64.SYS [737952 2012-07-05] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309000.009\SRTSPX64.SYS [37536 2012-07-05] (Symantec Corporation)

R0 SymDS; C:\Windows\System32\drivers\NISx64\1309000.009\SYMDS64.SYS [451192 2011-05-16] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\NISx64\1309000.009\SYMEFA64.SYS [1129120 2012-05-21] (Symantec Corporation)

R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2014-10-06] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\NISx64\1309000.009\Ironx64.SYS [190072 2012-04-17] (Symantec Corporation)

R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309000.009\SYMNETS.SYS [405624 2012-04-17] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-06 13:03 - 2014-10-06 13:03 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security

2014-10-06 13:01 - 2014-10-06 13:01 - 00000000 ____D () C:\FRST

2014-10-06 12:58 - 2014-10-06 12:58 - 00003232 _____ () C:\Windows\System32\Tasks\Norton WSC Integration

2014-10-06 12:52 - 2014-08-18 14:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-10-06 12:47 - 2014-06-26 19:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll

2014-10-06 12:47 - 2014-06-26 18:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll

2014-10-06 12:45 - 2014-06-23 20:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2014-10-06 12:45 - 2014-06-23 19:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2014-10-06 12:45 - 2014-05-08 02:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll

2014-10-06 12:45 - 2014-05-08 02:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll

2014-10-06 12:45 - 2014-02-03 19:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2014-10-06 12:45 - 2014-02-03 19:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2014-10-06 12:45 - 2014-01-08 19:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2014-10-06 12:45 - 2014-01-03 15:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2014-10-06 12:45 - 2013-11-26 01:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

2014-10-06 12:45 - 2013-11-23 11:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2014-10-06 12:45 - 2013-11-23 10:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

2014-10-06 12:45 - 2013-11-22 15:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

2014-10-06 12:45 - 2012-02-10 23:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe

2014-10-06 12:45 - 2012-02-10 23:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe

2014-10-06 12:39 - 2014-10-06 13:01 - 00000000 ____D () C:\Users\Admin\Desktop\FRST

2014-10-06 12:38 - 2014-10-06 12:38 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieUserList

2014-10-06 12:38 - 2014-10-06 12:38 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieSiteList

2014-10-06 12:30 - 2014-10-06 12:30 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0

2014-10-06 12:09 - 2014-10-06 12:09 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-10-06 00:24 - 2013-05-09 22:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll

2014-10-06 00:24 - 2013-05-09 22:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL

2014-10-06 00:24 - 2013-05-09 21:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL

2014-10-06 00:24 - 2013-05-09 21:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll

2014-10-06 00:14 - 2014-10-06 12:50 - 00774004 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

2014-10-06 00:04 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE

2014-10-06 00:00 - 2014-10-06 00:00 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-10-06 00:00 - 2014-10-06 00:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-10-06 00:00 - 2014-10-06 00:00 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-10-06 00:00 - 2014-10-06 00:00 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-10-06 00:00 - 2014-10-06 00:00 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-10-06 00:00 - 2014-10-06 00:00 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2014-10-06 00:00 - 2014-10-06 00:00 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2014-10-06 00:00 - 2014-10-06 00:00 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2014-10-06 00:00 - 2014-10-06 00:00 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2014-10-06 00:00 - 2014-10-06 00:00 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2014-10-06 00:00 - 2014-10-06 00:00 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2014-10-06 00:00 - 2014-10-06 00:00 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2014-10-06 00:00 - 2014-10-06 00:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2014-10-06 00:00 - 2014-10-06 00:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-10-06 00:00 - 2014-10-06 00:00 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-10-06 00:00 - 2014-10-06 00:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-10-06 00:00 - 2014-10-06 00:00 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2014-10-06 00:00 - 2014-10-06 00:00 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2014-10-06 00:00 - 2014-10-06 00:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2014-10-06 00:00 - 2014-10-06 00:00 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2014-10-06 00:00 - 2014-10-06 00:00 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2014-10-06 00:00 - 2014-10-06 00:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2014-10-06 00:00 - 2014-10-06 00:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2014-10-06 00:00 - 2014-10-06 00:00 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-10-06 00:00 - 2014-10-06 00:00 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2014-10-06 00:00 - 2014-10-06 00:00 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-10-06 00:00 - 2014-10-06 00:00 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2014-10-06 00:00 - 2014-10-06 00:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-10-05 23:53 - 2014-10-06 00:04 - 00011823 _____ () C:\Windows\IE11_main.log

2014-10-05 23:42 - 2013-10-01 19:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys

2014-10-05 23:42 - 2013-10-01 19:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe

2014-10-05 23:42 - 2013-10-01 19:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2014-10-05 23:42 - 2013-10-01 18:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll

2014-10-05 23:42 - 2013-10-01 18:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll

2014-10-05 23:42 - 2013-10-01 18:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll

2014-10-05 23:42 - 2013-10-01 18:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll

2014-10-05 23:42 - 2013-10-01 17:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll

2014-10-05 23:42 - 2013-10-01 17:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll

2014-10-05 23:42 - 2013-10-01 17:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll

2014-10-05 23:42 - 2013-10-01 17:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe

2014-10-05 23:42 - 2013-10-01 17:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe

2014-10-05 23:42 - 2013-10-01 16:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2014-10-05 23:42 - 2013-10-01 16:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe

2014-10-05 23:42 - 2013-10-01 16:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll

2014-10-05 23:42 - 2013-10-01 15:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe

2014-10-05 23:05 - 2014-10-06 12:30 - 00288462 _____ () C:\Windows\msxml4-KB973688-enu.LOG

2014-10-05 22:36 - 2014-10-06 12:30 - 00293434 _____ () C:\Windows\msxml4-KB954430-enu.LOG

2014-10-05 22:33 - 2012-08-23 07:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll

2014-10-05 22:33 - 2012-08-23 07:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys

2014-10-05 22:33 - 2012-08-23 07:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys

2014-10-05 22:33 - 2012-08-23 04:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll

2014-10-05 22:33 - 2012-08-23 03:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll

2014-10-05 22:19 - 2012-07-25 20:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll

2014-10-05 22:19 - 2012-07-25 20:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe

2014-10-05 22:19 - 2012-07-25 20:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll

2014-10-05 22:19 - 2012-07-25 20:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll

2014-10-05 22:19 - 2012-07-25 20:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll

2014-10-05 22:19 - 2012-07-25 19:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys

2014-10-05 22:19 - 2012-07-25 19:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys

2014-10-05 22:19 - 2012-06-02 07:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf

2014-10-05 22:14 - 2014-10-05 22:16 - 00000000 ____D () C:\Windows\system32\MRT

2014-10-05 22:14 - 2014-08-29 13:01 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-10-05 22:12 - 2013-01-13 14:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2014-10-05 22:12 - 2013-01-13 14:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2014-10-05 22:12 - 2013-01-13 14:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2014-10-05 22:12 - 2013-01-13 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2014-10-05 22:12 - 2013-01-13 14:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2014-10-05 22:12 - 2013-01-13 14:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll

2014-10-05 22:12 - 2013-01-13 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll

2014-10-05 22:12 - 2013-01-13 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll

2014-10-05 22:12 - 2013-01-13 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll

2014-10-05 22:12 - 2013-01-13 13:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2014-10-05 22:12 - 2013-01-13 13:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2014-10-05 22:12 - 2013-01-13 13:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2014-10-05 22:12 - 2013-01-13 13:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2014-10-05 22:12 - 2013-01-13 13:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2014-10-05 22:12 - 2013-01-13 13:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2014-10-05 22:12 - 2013-01-13 13:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll

2014-10-05 22:12 - 2013-01-13 13:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll

2014-10-05 22:12 - 2013-01-13 13:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll

2014-10-05 22:12 - 2013-01-13 13:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll

2014-10-05 22:12 - 2013-01-13 13:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll

2014-10-05 22:12 - 2013-01-13 13:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll

2014-10-05 22:12 - 2013-01-13 13:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll

2014-10-05 22:12 - 2013-01-13 12:59 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2014-10-05 22:12 - 2013-01-13 12:58 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2014-10-05 22:12 - 2013-01-13 12:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll

2014-10-05 22:12 - 2013-01-13 12:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll

2014-10-05 22:12 - 2013-01-13 12:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll

2014-10-05 22:12 - 2013-01-13 12:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll

2014-10-05 22:12 - 2013-01-13 12:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll

2014-10-05 22:12 - 2013-01-13 12:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll

2014-10-05 22:12 - 2013-01-13 12:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll

2014-10-05 22:12 - 2013-01-13 12:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll

2014-10-05 22:12 - 2013-01-13 12:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll

2014-10-05 22:12 - 2013-01-13 12:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll

2014-10-05 22:12 - 2013-01-13 12:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll

2014-10-05 22:12 - 2013-01-13 12:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll

2014-10-05 22:12 - 2013-01-13 12:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll

2014-10-05 22:12 - 2013-01-13 11:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll

2014-10-05 22:12 - 2013-01-13 11:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll

2014-10-05 22:12 - 2013-01-13 10:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll

2014-10-05 22:12 - 2013-01-13 10:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll

2014-10-05 22:11 - 2012-02-29 23:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys

2014-10-05 22:11 - 2012-02-29 23:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll

2014-10-05 22:11 - 2012-02-29 22:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll

2014-10-05 22:07 - 2014-06-30 15:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll

2014-10-05 22:07 - 2014-06-30 15:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll

2014-10-05 22:07 - 2014-06-05 23:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe

2014-10-05 22:07 - 2014-06-05 23:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe

2014-10-05 22:07 - 2014-03-09 14:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe

2014-10-05 22:07 - 2014-03-09 14:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll

2014-10-05 22:07 - 2014-03-09 14:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe

2014-10-05 22:07 - 2014-03-09 14:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll

2014-10-05 22:06 - 2014-03-04 02:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2014-10-05 22:06 - 2014-03-04 02:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll

2014-10-05 22:06 - 2014-03-04 02:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2014-10-05 22:06 - 2014-03-04 02:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll

2014-10-05 22:06 - 2014-03-04 02:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe

2014-10-05 22:06 - 2014-03-04 02:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll

2014-10-05 22:06 - 2014-03-04 02:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll

2014-10-05 22:06 - 2014-03-04 02:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll

2014-10-05 22:06 - 2014-03-04 02:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll

2014-10-05 22:06 - 2014-03-04 02:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll

2014-10-05 22:06 - 2014-03-04 02:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2014-10-05 22:06 - 2014-03-04 02:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2014-10-05 22:06 - 2014-03-04 02:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll

2014-10-05 22:06 - 2014-03-04 02:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll

2014-10-05 22:06 - 2014-03-04 02:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll

2014-10-05 22:06 - 2014-03-04 02:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll

2014-10-05 22:06 - 2014-03-04 02:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll

2014-10-05 22:06 - 2014-03-04 02:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll

2014-10-05 22:06 - 2014-03-04 02:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll

2014-10-05 22:06 - 2014-03-04 02:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2014-10-05 22:06 - 2013-08-01 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2014-10-05 22:06 - 2013-08-01 19:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2014-10-05 22:06 - 2013-08-01 18:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2014-10-05 22:06 - 2013-08-01 17:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2014-10-05 22:05 - 2013-12-03 19:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll

2014-10-05 22:05 - 2013-12-03 19:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll

2014-10-05 22:05 - 2013-12-03 19:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll

2014-10-05 22:05 - 2013-12-03 19:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll

2014-10-05 22:05 - 2013-12-03 19:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll

2014-10-05 22:05 - 2013-12-03 19:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe

2014-10-05 22:05 - 2013-12-03 19:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe

2014-10-05 22:05 - 2013-12-03 19:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe

2014-10-05 22:05 - 2013-12-03 19:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe

2014-10-05 22:05 - 2013-12-03 19:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll

2014-10-05 22:05 - 2013-12-03 19:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll

2014-10-05 22:05 - 2013-12-03 19:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll

2014-10-05 22:05 - 2013-12-03 19:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll

2014-10-05 22:05 - 2013-12-03 19:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll

2014-10-05 22:05 - 2013-12-03 18:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe

2014-10-05 22:05 - 2013-12-03 18:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe

2014-10-05 22:05 - 2013-12-03 18:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe

2014-10-05 22:05 - 2013-12-03 18:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe

2014-10-05 22:05 - 2012-12-07 06:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll

2014-10-05 22:05 - 2012-12-07 06:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll

2014-10-05 22:05 - 2012-12-07 05:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll

2014-10-05 22:05 - 2012-12-07 05:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll

2014-10-05 22:05 - 2012-12-07 04:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs

2014-10-05 22:05 - 2012-12-07 04:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs

2014-10-05 22:05 - 2012-12-07 04:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs

2014-10-05 22:05 - 2012-12-07 04:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs

2014-10-05 22:05 - 2012-12-07 04:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs

2014-10-05 22:05 - 2012-12-07 04:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs

2014-10-05 22:05 - 2012-12-07 04:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs

2014-10-05 22:05 - 2012-12-07 04:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs

2014-10-05 22:05 - 2012-12-07 04:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs

2014-10-05 22:05 - 2012-12-07 04:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs

2014-10-05 22:05 - 2012-12-07 04:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs

2014-10-05 22:05 - 2012-12-07 04:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs

2014-10-05 22:05 - 2012-12-07 04:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs

2014-10-05 22:05 - 2012-12-07 04:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs

2014-10-05 22:05 - 2012-12-07 03:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs

2014-10-05 22:05 - 2012-12-07 03:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs

2014-10-05 22:05 - 2012-12-07 03:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs

2014-10-05 22:05 - 2012-12-07 03:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs

2014-10-05 22:05 - 2012-12-07 03:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs

2014-10-05 22:05 - 2012-12-07 03:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs

2014-10-05 22:05 - 2012-12-07 03:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs

2014-10-05 22:05 - 2012-12-07 03:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs

2014-10-05 22:05 - 2012-12-07 03:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs

2014-10-05 22:05 - 2012-12-07 03:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs

2014-10-05 22:05 - 2012-12-07 03:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs

2014-10-05 22:05 - 2012-12-07 03:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs

2014-10-05 22:05 - 2012-12-07 03:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs

2014-10-05 22:05 - 2012-12-07 03:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs

2014-10-05 22:05 - 2012-10-03 10:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll

2014-10-05 22:05 - 2012-10-03 10:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll

2014-10-05 22:05 - 2012-10-03 10:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll

2014-10-05 22:05 - 2012-10-03 10:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll

2014-10-05 22:05 - 2012-10-03 10:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll

2014-10-05 22:05 - 2012-10-03 10:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll

2014-10-05 22:05 - 2012-10-03 09:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll

2014-10-05 22:05 - 2012-10-03 09:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll

2014-10-05 22:05 - 2012-10-03 09:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll

2014-10-05 22:05 - 2012-10-03 09:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys

2014-10-05 22:05 - 2012-01-13 00:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll

2014-10-05 22:04 - 2014-05-30 01:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-10-05 22:04 - 2014-05-30 01:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-10-05 22:04 - 2014-05-30 01:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2014-10-05 22:04 - 2014-05-30 01:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-10-05 22:04 - 2014-05-30 01:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-10-05 22:04 - 2014-05-30 01:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-10-05 22:04 - 2014-05-30 00:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2014-10-05 22:04 - 2014-05-30 00:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-10-05 22:04 - 2014-05-30 00:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2014-10-05 22:04 - 2014-05-30 00:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2014-10-05 22:04 - 2014-05-30 00:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-10-05 22:04 - 2014-05-30 00:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-10-05 22:04 - 2013-08-28 19:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2014-10-05 22:04 - 2013-08-28 19:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll

2014-10-05 22:04 - 2013-08-28 19:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2014-10-05 22:04 - 2013-08-28 18:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2014-10-05 22:04 - 2013-08-28 18:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll

2014-10-05 22:04 - 2013-08-28 18:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll

2014-10-05 22:03 - 2013-04-25 16:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll

2014-10-05 22:03 - 2013-03-31 15:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll

2014-10-05 22:02 - 2014-08-01 04:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll

2014-10-05 22:02 - 2014-08-01 04:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll

2014-10-05 22:02 - 2014-06-03 03:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2014-10-05 22:02 - 2014-06-03 03:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2014-10-05 22:02 - 2014-06-03 03:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll

2014-10-05 22:02 - 2014-06-03 03:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2014-10-05 22:02 - 2014-06-03 02:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2014-10-05 22:02 - 2014-06-03 02:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2014-10-05 22:02 - 2014-06-03 02:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll

2014-10-05 22:02 - 2014-03-26 07:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2014-10-05 22:02 - 2014-03-26 07:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-10-05 22:02 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll

2014-10-05 22:02 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2014-10-05 22:02 - 2014-03-26 07:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2014-10-05 22:02 - 2014-03-26 07:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2014-10-05 22:02 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll

2014-10-05 22:02 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2014-10-05 22:02 - 2013-10-05 13:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2014-10-05 22:02 - 2013-10-05 12:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2014-10-05 22:02 - 2013-10-03 19:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll

2014-10-05 22:02 - 2013-10-03 19:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll

2014-10-05 22:02 - 2013-10-03 18:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll

2014-10-05 22:02 - 2013-10-03 18:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll

2014-10-05 22:02 - 2013-07-25 19:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll

2014-10-05 22:02 - 2013-07-25 18:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll

2014-10-05 22:02 - 2013-07-08 22:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2014-10-05 22:02 - 2013-07-08 22:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll

2014-10-05 22:02 - 2013-07-08 22:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll

2014-10-05 22:02 - 2013-07-08 21:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

2014-10-05 22:02 - 2013-07-08 21:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2014-10-05 22:02 - 2013-07-08 21:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

2014-10-05 22:02 - 2013-02-26 22:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll

2014-10-05 22:02 - 2012-10-09 11:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll

2014-10-05 22:02 - 2012-10-09 11:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll

2014-10-05 22:02 - 2012-10-09 10:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll

2014-10-05 22:02 - 2012-10-09 10:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll

2014-10-05 22:02 - 2012-01-04 03:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll

2014-10-05 22:02 - 2012-01-04 01:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll

2014-10-05 22:01 - 2014-06-17 19:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2014-10-05 22:01 - 2014-06-17 18:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe

2014-10-05 22:01 - 2014-06-06 03:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-10-05 22:01 - 2014-06-06 02:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-10-05 22:01 - 2014-04-24 19:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2014-10-05 22:01 - 2014-04-24 19:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll

2014-10-05 22:01 - 2014-04-04 19:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-10-05 22:01 - 2014-04-04 19:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS

2014-10-05 22:01 - 2014-02-03 19:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys

2014-10-05 22:01 - 2014-02-03 19:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys

2014-10-05 22:01 - 2014-02-03 19:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys

2014-10-05 22:01 - 2014-02-03 19:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll

2014-10-05 22:01 - 2014-02-03 19:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll

2014-10-05 22:01 - 2014-01-28 19:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll

2014-10-05 22:01 - 2014-01-28 19:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll

2014-10-05 22:01 - 2014-01-27 19:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

2014-10-05 22:01 - 2013-12-31 16:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls

2014-10-05 22:01 - 2013-12-31 16:04 - 00420008 _____ () C:\Windows\system32\locale.nls

2014-10-05 22:01 - 2013-11-26 04:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys

2014-10-05 22:01 - 2013-10-29 19:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll

2014-10-05 22:01 - 2013-10-29 19:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll

2014-10-05 22:01 - 2013-09-07 19:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll

2014-10-05 22:01 - 2013-09-07 19:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll

2014-10-05 22:01 - 2013-08-04 19:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys

2014-10-05 22:01 - 2013-07-25 02:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

2014-10-05 22:01 - 2013-07-25 01:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL

2014-10-05 22:01 - 2013-07-12 03:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys

2014-10-05 22:01 - 2013-07-12 03:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys

2014-10-05 22:01 - 2013-07-04 05:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll

2014-10-05 22:01 - 2013-07-04 05:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll

2014-10-05 22:01 - 2013-07-04 05:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll

2014-10-05 22:01 - 2013-07-04 04:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll

2014-10-05 22:01 - 2013-07-04 04:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll

2014-10-05 22:01 - 2013-07-04 04:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll

2014-10-05 22:01 - 2013-07-04 03:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

2014-10-05 22:01 - 2013-06-25 15:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys

2014-10-05 22:01 - 2013-06-05 22:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2014-10-05 22:01 - 2013-06-05 22:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2014-10-05 22:01 - 2013-06-05 22:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2014-10-05 22:01 - 2013-06-05 22:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2014-10-05 22:01 - 2013-06-05 21:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

2014-10-05 22:01 - 2013-06-05 21:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2014-10-05 22:01 - 2013-06-05 21:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

2014-10-05 22:01 - 2013-06-05 20:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2014-10-05 22:01 - 2013-06-05 20:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2014-10-05 22:01 - 2013-06-05 20:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2014-10-05 22:01 - 2013-03-18 22:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll

2014-10-05 22:01 - 2013-02-11 21:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys

2014-10-05 22:01 - 2012-11-28 15:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys

2014-10-05 22:01 - 2012-11-28 15:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll

2014-10-05 22:01 - 2012-11-28 15:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf

2014-10-05 22:01 - 2012-08-21 14:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe

2014-10-05 22:01 - 2012-04-30 22:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll

2014-10-05 22:01 - 2012-04-25 22:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll

2014-10-05 22:01 - 2012-04-25 22:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll

2014-10-05 22:01 - 2012-04-25 22:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe

2014-10-05 22:01 - 2011-12-29 23:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl

2014-10-05 22:01 - 2011-12-29 22:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl

2014-10-05 22:01 - 2011-11-16 23:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll

2014-10-05 22:01 - 2011-11-16 22:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll

2014-10-05 22:01 - 2011-10-25 22:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll

2014-10-05 22:01 - 2011-10-25 21:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll

2014-10-05 22:01 - 2011-08-16 22:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll

2014-10-05 22:01 - 2011-08-16 22:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax

2014-10-05 22:01 - 2011-08-16 21:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll

2014-10-05 22:01 - 2011-08-16 21:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax

2014-10-05 22:01 - 2011-07-08 19:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2014-10-05 22:01 - 2011-06-15 22:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll

2014-10-05 22:01 - 2011-06-15 21:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll

2014-10-05 22:01 - 2011-06-15 03:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll

2014-10-05 22:01 - 2011-06-15 03:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll

2014-10-05 22:01 - 2011-06-15 03:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll

2014-10-05 22:01 - 2011-06-15 03:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll

2014-10-05 22:01 - 2011-06-15 01:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll

2014-10-05 22:01 - 2011-06-15 01:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll

2014-10-05 22:01 - 2011-06-15 01:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll

2014-10-05 22:01 - 2011-06-15 01:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll

2014-10-05 22:01 - 2011-06-15 01:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll

2014-10-05 22:00 - 2014-09-24 19:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll

2014-10-05 22:00 - 2014-09-24 18:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll

2014-10-05 22:00 - 2014-06-15 19:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2014-10-05 22:00 - 2014-05-29 23:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2014-10-05 22:00 - 2013-11-26 18:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys

2014-10-05 22:00 - 2013-11-26 18:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys

2014-10-05 22:00 - 2013-11-26 18:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys

2014-10-05 22:00 - 2013-11-26 18:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys

2014-10-05 22:00 - 2013-11-26 18:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

2014-10-05 22:00 - 2013-10-18 19:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll

2014-10-05 22:00 - 2013-10-18 18:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll

2014-10-05 22:00 - 2013-10-03 19:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys

2014-10-05 22:00 - 2013-10-03 18:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

2014-10-05 22:00 - 2013-07-02 21:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys

2014-10-05 22:00 - 2013-07-02 21:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys

2014-10-05 22:00 - 2013-06-14 21:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

2014-10-05 22:00 - 2013-04-09 23:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys

2014-10-05 22:00 - 2012-11-01 22:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll

2014-10-05 22:00 - 2012-11-01 22:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll

2014-10-05 22:00 - 2012-09-25 15:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll

2014-10-05 22:00 - 2012-09-25 15:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll

2014-10-05 22:00 - 2012-08-22 11:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys

2014-10-05 22:00 - 2012-07-04 13:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys

2014-10-05 22:00 - 2012-04-27 20:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys

2014-10-05 22:00 - 2012-03-17 00:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys

2014-10-05 22:00 - 2011-04-08 23:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe

2014-10-05 22:00 - 2011-04-08 22:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe

2014-10-05 22:00 - 2011-02-03 04:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll

2014-10-05 21:52 - 2014-09-09 15:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2014-10-05 21:52 - 2014-09-09 14:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2014-10-05 21:52 - 2014-06-24 19:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-10-05 21:52 - 2014-06-24 18:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2014-10-05 21:52 - 2014-03-04 02:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2014-10-05 21:52 - 2014-03-04 02:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2014-10-05 21:52 - 2014-03-04 02:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2014-10-05 21:52 - 2014-03-04 02:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

2014-10-05 21:52 - 2014-03-04 02:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2014-10-05 21:52 - 2014-03-04 02:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2014-10-05 21:52 - 2014-03-04 02:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2014-10-05 21:52 - 2014-03-04 02:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2014-10-05 21:52 - 2014-03-04 02:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2014-10-05 21:52 - 2014-03-04 01:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2014-10-05 21:52 - 2014-03-04 01:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2014-10-05 21:52 - 2013-08-01 19:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 18:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2014-10-05 21:52 - 2013-08-01 17:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 17:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 17:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

2014-10-05 21:52 - 2013-08-01 17:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

2014-10-05 21:52 - 2013-07-20 03:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2014-10-05 21:52 - 2013-07-20 03:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2014-10-05 21:52 - 2013-05-09 22:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll

2014-10-05 21:52 - 2013-05-09 20:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll

2014-10-05 21:52 - 2013-04-25 22:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll

2014-10-05 21:52 - 2013-04-25 21:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll

2014-10-05 21:52 - 2013-01-23 23:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys

2014-10-05 21:52 - 2012-11-22 20:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe

2014-10-05 21:52 - 2012-07-04 15:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll

2014-10-05 21:52 - 2012-07-04 15:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll

2014-10-05 21:52 - 2012-07-04 15:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll

2014-10-05 21:52 - 2012-07-04 14:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll

2014-10-05 21:52 - 2012-07-04 14:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll

2014-10-05 21:52 - 2012-05-05 01:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2014-10-05 21:52 - 2012-05-05 00:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2014-10-05 21:52 - 2011-12-16 01:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll

2014-10-05 21:52 - 2011-12-16 00:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll

2014-10-05 21:51 - 2014-09-04 19:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-10-05 21:51 - 2014-09-04 19:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-10-05 21:51 - 2014-08-22 19:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2014-10-05 21:51 - 2014-08-22 18:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2014-10-05 21:51 - 2014-08-22 17:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-10-05 21:51 - 2014-07-13 19:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2014-10-05 21:51 - 2014-07-13 18:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2014-10-05 21:51 - 2014-07-06 19:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-10-05 21:51 - 2014-07-06 19:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-10-05 21:51 - 2014-07-06 18:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-10-05 21:51 - 2014-07-06 18:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-10-05 21:51 - 2014-07-06 18:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-10-05 21:51 - 2014-04-11 19:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2014-10-05 21:51 - 2014-04-11 19:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2014-10-05 21:51 - 2014-04-11 19:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2014-10-05 21:51 - 2014-04-11 19:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2014-10-05 21:51 - 2014-04-11 19:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2014-10-05 21:51 - 2014-04-11 19:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2014-10-05 21:51 - 2014-01-23 19:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

2014-10-05 21:51 - 2013-10-11 19:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx

2014-10-05 21:51 - 2013-10-11 19:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll

2014-10-05 21:51 - 2013-10-11 19:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll

2014-10-05 21:51 - 2013-10-11 19:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL

2014-10-05 21:51 - 2013-10-11 19:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL

2014-10-05 21:51 - 2013-10-11 19:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx

2014-10-05 21:51 - 2013-10-11 19:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll

2014-10-05 21:51 - 2013-10-11 19:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll

2014-10-05 21:51 - 2013-10-11 19:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL

2014-10-05 21:51 - 2013-10-11 18:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe

2014-10-05 21:51 - 2013-10-11 18:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe

2014-10-05 21:51 - 2013-10-11 18:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe

2014-10-05 21:51 - 2013-10-11 18:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe

2014-10-05 21:51 - 2013-08-27 18:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll

2014-10-05 21:51 - 2013-07-04 05:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

2014-10-05 21:51 - 2013-05-12 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll

2014-10-05 21:51 - 2013-05-12 20:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe

2014-10-05 21:51 - 2013-05-12 20:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe

2014-10-05 21:51 - 2013-05-12 20:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll

2014-10-05 21:51 - 2012-06-05 23:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll

2014-10-05 21:51 - 2012-06-05 22:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll

2014-10-05 21:51 - 2012-05-13 22:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll

2014-10-05 21:51 - 2011-11-19 07:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll

2014-10-05 21:51 - 2011-11-19 07:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll

2014-10-05 21:51 - 2011-10-14 23:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll

2014-10-05 21:51 - 2011-10-14 22:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll

2014-10-05 21:51 - 2011-08-26 22:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll

2014-10-05 21:51 - 2011-08-26 22:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll

2014-10-05 21:51 - 2011-08-26 21:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll

2014-10-05 21:51 - 2011-08-26 21:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll

2014-10-05 21:48 - 2012-02-16 23:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll

2014-10-05 21:48 - 2012-02-16 22:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll

2014-10-05 21:48 - 2012-02-16 21:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys

2014-10-05 21:36 - 2014-05-14 09:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2014-10-05 21:36 - 2014-05-14 09:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2014-10-05 21:36 - 2014-05-14 09:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2014-10-05 21:36 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2014-10-05 21:36 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2014-10-05 21:36 - 2014-05-14 09:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2014-10-05 21:36 - 2014-05-14 09:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2014-10-05 21:36 - 2014-05-14 09:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2014-10-05 21:36 - 2014-05-14 09:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2014-10-05 21:36 - 2014-05-14 09:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2014-10-05 21:36 - 2014-05-14 09:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2014-10-05 21:36 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2014-10-05 21:36 - 2014-05-14 09:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2014-10-05 21:36 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2014-10-05 21:02 - 2014-10-05 21:02 - 00000000 ____D () C:\Windows\NAPP_Dism_Log

2014-10-05 20:49 - 2014-10-06 12:18 - 00001424 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-10-05 20:47 - 2014-10-06 12:18 - 00060416 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT

2014-10-05 20:47 - 2014-10-05 20:47 - 00002609 _____ () C:\Users\Public\Desktop\eBay.lnk

2014-10-05 20:47 - 2014-10-05 20:47 - 00002111 _____ () C:\Users\Public\Desktop\Netflix.lnk

2014-10-05 20:47 - 2014-10-05 20:47 - 00000930 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Times Reader.lnk

2014-10-05 20:47 - 2014-10-05 20:47 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia

2014-10-05 20:47 - 2014-10-05 20:47 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia

2014-10-05 20:47 - 2014-10-05 20:47 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Macromedia

2014-10-05 20:47 - 2014-10-05 20:47 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe

2014-10-05 20:47 - 2014-10-05 20:47 - 00000000 ____D () C:\Users\Admin\AppData\Local\VirtualStore

2014-10-05 20:47 - 2014-10-05 20:47 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe

2014-10-05 20:47 - 2014-10-05 20:47 - 00000000 ____D () C:\ProgramData\OEM_E471269A730D

2014-10-05 20:47 - 2014-10-05 20:47 - 00000000 ____D () C:\Program Files (x86)\Times Reader

2014-10-05 20:47 - 2014-10-05 20:47 - 00000000 ____D () C:\Program Files (x86)\OEM

2014-10-05 20:46 - 2014-10-05 20:48 - 00000000 ____D () C:\Users\Admin

2014-10-05 20:46 - 2014-10-05 20:46 - 00000020 ___SH () C:\Users\Admin\ntuser.ini

2014-10-05 20:46 - 2014-10-05 20:46 - 00000000 __SHD () C:\Recovery

2014-10-05 20:46 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-10-05 20:46 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-10-05 20:26 - 2014-10-05 20:27 - 00003253 _____ () C:\Windows\IE9_main.log

2014-10-05 20:25 - 2014-10-05 20:25 - 00001942 _____ () C:\Users\Public\Desktop\Video Web Camera.lnk

2014-10-05 20:25 - 2014-10-05 20:25 - 00001215 _____ () C:\Users\Public\Desktop\NOOK for PC.lnk

2014-10-05 20:25 - 2014-10-05 20:25 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Web Camera

2014-10-05 20:25 - 2014-10-05 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Barnes & Noble

2014-10-05 20:25 - 2014-10-05 20:25 - 00000000 ____D () C:\Program Files (x86)\Video Web Camera

2014-10-05 20:25 - 2014-10-05 20:25 - 00000000 ____D () C:\Program Files (x86)\Barnes & Noble

2014-10-05 20:24 - 2014-10-05 20:24 - 00002435 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk

2014-10-05 20:24 - 2014-10-05 20:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office

2014-10-05 20:23 - 2014-10-05 20:23 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Social Networks

2014-10-05 20:23 - 2014-10-05 20:23 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 10

2014-10-05 20:23 - 2014-10-05 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AUPEO!

2014-10-05 20:23 - 2014-10-05 20:23 - 00000000 ____D () C:\Program Files\Preload

2014-10-05 20:23 - 2014-10-05 20:23 - 00000000 ____D () C:\Program Files (x86)\Social Networks

2014-10-05 20:22 - 2014-10-05 20:22 - 00029480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll

2014-10-05 20:19 - 2014-10-05 20:19 - 04729408 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL664.SYS

2014-10-05 20:19 - 2014-10-05 20:19 - 03952128 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll

2014-10-05 20:19 - 2014-10-05 20:19 - 03617280 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll

2014-10-05 20:19 - 2014-10-05 20:19 - 00095544 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll

2014-10-05 20:19 - 2014-10-05 20:19 - 00006656 _____ () C:\Windows\system32\bcmwlrc.dll

2014-10-05 20:19 - 2014-10-05 20:19 - 00000000 ____D () C:\Program Files\Broadcom

2014-10-05 20:19 - 2014-10-05 20:19 - 00000000 ____D () C:\Program Files (x86)\Cisco

2014-10-05 20:15 - 2014-10-05 20:15 - 00004786 _____ () C:\Windows\DPINST.LOG

2014-10-05 20:15 - 2014-10-05 20:15 - 00000000 ____D () C:\Program Files\Elantech

2014-10-05 20:11 - 2014-10-06 13:01 - 02041190 _____ () C:\Windows\WindowsUpdate.log

2014-10-05 20:11 - 2014-10-05 20:11 - 00001194 _____ () C:\Users\Public\Desktop\Help.lnk

2014-10-05 20:11 - 2014-10-05 20:11 - 00000184 _____ () C:\Windows\LMv4.UNI

2014-10-05 20:11 - 2014-10-05 20:11 - 00000000 ____D () C:\Program Files\Intel

2014-10-05 20:11 - 2014-10-05 20:11 - 00000000 ____D () C:\Program Files (x86)\Launch Manager

2014-10-05 20:10 - 2014-10-05 20:10 - 00000000 ____D () C:\ProgramData\Intel

2014-10-05 20:10 - 2014-10-05 20:10 - 00000000 ____D () C:\book

2014-10-05 20:09 - 2014-10-05 20:09 - 00015796 _____ () C:\Windows\system32\results.xml

2014-10-05 20:06 - 2014-10-05 20:19 - 00000518 _____ () C:\Windows\Driver_install.log

2014-10-05 20:06 - 2014-10-05 20:06 - 00000000 ____D () C:\Program Files\Common Files\Intel

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-06 12:58 - 2011-08-11 08:40 - 00002499 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk

2014-10-06 12:58 - 2011-08-11 08:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security

2014-10-06 12:58 - 2011-08-11 08:40 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64

2014-10-06 12:58 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-10-06 12:57 - 2009-07-13 21:51 - 00038675 _____ () C:\Windows\setupact.log

2014-10-06 12:57 - 2009-07-13 21:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-10-06 12:57 - 2009-07-13 21:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-10-06 12:50 - 2009-07-13 22:13 - 00774004 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-10-06 12:39 - 2011-08-11 08:40 - 00175736 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS

2014-10-06 12:39 - 2011-08-11 08:40 - 00007488 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT

2014-10-06 12:39 - 2011-08-11 08:40 - 00000000 ____D () C:\Program Files\Symantec

2014-10-06 12:16 - 2009-07-13 20:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

2014-10-06 12:14 - 2009-07-13 21:45 - 00263640 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-10-06 12:11 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\System

2014-10-06 12:10 - 2010-11-21 00:17 - 00000000 ____D () C:\Program Files\Windows Journal

2014-10-06 12:10 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files\Windows Defender

2014-10-06 12:10 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender

2014-10-06 12:10 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK

2014-10-06 12:10 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR

2014-10-06 12:10 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism

2014-10-06 12:10 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\zh-HK

2014-10-06 12:10 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\tr-TR

2014-10-06 12:10 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Dism

2014-10-06 12:10 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-10-06 12:07 - 2010-11-20 20:47 - 00004980 _____ () C:\Windows\PFRO.log

2014-10-05 21:36 - 2009-07-13 22:32 - 00000000 ____D () C:\Windows\system32\restore

2014-10-05 21:00 - 2009-07-13 22:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG

2014-10-05 21:00 - 2009-07-13 22:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template

2014-10-05 20:49 - 2011-08-11 08:38 - 00018627 _____ () C:\Windows\patch.log

2014-10-05 20:49 - 2011-08-11 08:37 - 00000000 ____D () C:\ProgramData\oem

2014-10-05 20:48 - 2011-08-11 08:40 - 00000000 ____D () C:\ProgramData\Norton

2014-10-05 20:48 - 2011-08-11 08:27 - 00000000 ___HD () C:\OEM

2014-10-05 20:47 - 2011-08-11 08:38 - 00000000 ____D () C:\ProgramData\Adobe

2014-10-05 20:47 - 2011-08-11 08:38 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-10-05 20:46 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Recovery

2014-10-05 20:46 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache

2014-10-05 20:44 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\sysprep

2014-10-05 20:44 - 2007-07-11 18:49 - 00000000 ____D () C:\Windows\Panther

2014-10-05 20:43 - 2009-07-13 21:46 - 00004059 _____ () C:\Windows\DtcInstall.log

2014-10-05 20:31 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Help

2014-10-05 20:26 - 2011-08-11 08:28 - 00000000 ____D () C:\Program Files\Gateway

2014-10-05 20:26 - 2011-08-11 07:47 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-10-05 20:25 - 2011-08-11 08:23 - 00000000 ____D () C:\ProgramData\Temp

2014-10-05 20:23 - 2011-08-11 08:23 - 00000000 ____D () C:\ProgramData\CLSK

2014-10-05 20:22 - 2011-08-11 08:42 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll

2014-10-05 20:22 - 2011-08-11 08:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll

2014-10-05 20:22 - 2011-08-11 08:42 - 00000000 ____D () C:\Program Files (x86)\CyberLink

2014-10-05 20:19 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\th-TH

2014-10-05 20:19 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\sl-SI

2014-10-05 20:19 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\sk-SK

2014-10-05 20:19 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\ro-RO

2014-10-05 20:19 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\lv-LV

2014-10-05 20:19 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\lt-LT

2014-10-05 20:19 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\hr-HR

2014-10-05 20:19 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\he-IL

2014-10-05 20:19 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\et-EE

2014-10-05 20:19 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\bg-BG

2014-10-05 20:19 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\ar-SA

2014-10-05 20:11 - 2011-08-11 07:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel

2014-10-05 20:10 - 2011-08-11 08:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway

2014-10-05 20:10 - 2011-02-11 20:12 - 00000000 ____D () C:\Windows\DeployWinRE2

2014-10-05 20:07 - 2011-08-11 07:47 - 00000000 ____D () C:\Program Files (x86)\Intel

2014-10-05 20:06 - 2011-08-11 07:47 - 00000000 ____D () C:\Intel

2014-10-05 20:06 - 2011-08-11 07:37 - 00003652 _____ () C:\Windows\TSSysprep.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-05 20:44

==================== End Of Log ============================

Link to post
Share on other sites

Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014 01

Ran by Admin at 2014-10-06 13:03:48

Running from C:\Users\Admin\Desktop\FRST

Boot Mode: Normal

==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19480 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 2.7.0.19480 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.3.181.34 - Adobe Systems Incorporated)

Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)

Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)

Backup Manager V3 (x32 Version: 3.0.0.90 - NTI Corporation) Hidden

Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Bing Bar (HKLM-x32\...\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}) (Version: 7.0.765.0 - Microsoft Corporation)

Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.82.87 - Broadcom Corporation)

Build-a-lot 4 - Power Source (x32 Version: 2.2.0.97 - WildTangent) Hidden

Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden

Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden

Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden

Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden

Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1720_38230 - CyberLink Corp.)

CyberLink MediaEspresso (x32 Version: 6.5.1720_38230 - CyberLink Corp.) Hidden

CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2912.52 - CyberLink Corp.)

CyberLink PowerDVD 10 (x32 Version: 10.0.2912.52 - CyberLink Corp.) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden

eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)

ETDWare PS/2-X64 8.0.6.0_WHQL (HKLM\...\Elantech) (Version: 8.0.6.0 - ELAN Microelectronic Corp.)

FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden

Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden

Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Gateway Games (HKLM-x32\...\WildTangent gateway Master Uninstall) (Version: 1.0.2.5 - WildTangent)

Gateway MyBackup (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.90 - NTI Corporation)

Gateway Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Gateway Incorporated)

Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Gateway Incorporated)

Gateway Registration (HKLM-x32\...\Gateway Registration) (Version: 1.04.3503 - Gateway Incorporated)

Gateway ScreenSaver (HKLM-x32\...\Gateway Screensaver) (Version: 1.1.1022.2010 - Gateway Incorporated)

Gateway Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.)

Gateway Social Networks (x32 Version: 3.0.3106 - CyberLink Corp.) Hidden

Gateway Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Gateway Incorporated)

Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden

HomeMedia (HKLM-x32\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 2.0.8920 - CyberLink Corporation)

Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Gateway Incorporated)

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)

Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)

Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Gateway)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden

Nero Control Center 10 (x32 Version: 10.2.11100.1.1 - Nero AG) Hidden

Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden

Nero Core Components 10 (x32 Version: 2.0.18100.8.8 - Nero AG) Hidden

Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)

Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden

Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG)

Nero Express 10 Help (CHM) (x32 Version: 10.5.10200 - Nero AG) Hidden

Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)

Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)

Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden

Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)

NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.4.7070 - Barnesandnoble.com)

Norton Internet Security (HKLM-x32\...\NIS) (Version: 19.9.0.9 - Symantec Corporation)

Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)

Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden

Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden

Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden

Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6329 - Realtek Semiconductor Corp.)

Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30123 - Realtek Semiconductor Corp.)

Skype™ 5.3 (HKLM-x32\...\{5335DADB-34BA-4AE8-A519-648D78498846}) (Version: 5.3.116 - Skype Technologies S.A.)

Times Reader (HKLM-x32\...\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1) (Version: 2.055 - The New York Times Company)

Times Reader (x32 Version: 2.055 - The New York Times Company) Hidden

Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden

Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden

Video Web Camera (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)

Video Web Camera (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden

Virtual Villagers 5 - New Believers (x32 Version: 2.2.0.97 - WildTangent) Hidden

Welcome Center (HKLM-x32\...\Gateway Welcome Center) (Version: 1.02.3503 - Gateway Incorporated)

WildTangent Games App (Gateway Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden

Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

06-10-2014 04:36:22 Windows Update

06-10-2014 05:07:08 Windows Update

06-10-2014 19:29:25 Windows Update

06-10-2014 19:47:17 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {25A10B1A-F972-4E68-91C1-5F1598A381F3} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\WSCStub.exe [2012-09-26] (Symantec Corporation)

Task: {265CAC0A-2495-41E2-AAB5-77B575A2C93B} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Gateway\Gateway Recovery Management\NotificationCenter\Notification.exe [2011-06-17] (Acer)

Task: {26CF3A8F-CC23-4E56-8A8E-58EEC1B05F2E} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\SymErr.exe [2012-02-03] (Symantec Corporation)

Task: {2F13B093-0B7C-460A-98D3-0094B3EBBC06} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-05-20] (CyberLink)

Task: {7E8AD514-96D5-42AB-8C32-CDFD60DA7DE9} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15] (Adobe Systems Incorporated)

Task: {C05F32DB-B4D9-43A4-9110-99E33BD823F5} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15] (Adobe Systems Incorporated)

Task: {E80C5BA7-7322-4F5B-87E1-F538002E791A} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\SymErr.exe [2012-02-03] (Symantec Corporation)

==================== Loaded Modules (whitelisted) =============

2011-08-11 08:30 - 2011-06-10 10:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2011-03-09 10:13 - 2011-03-09 10:13 - 00465640 _____ () C:\Program Files (x86)\NTI\Gateway MyBackup\sqlite3.dll

2011-03-09 10:12 - 2011-03-09 10:12 - 01081664 _____ () C:\Program Files (x86)\NTI\Gateway MyBackup\ACE.dll

2011-03-09 10:12 - 2011-03-09 10:12 - 00125760 _____ () C:\Program Files (x86)\NTI\Gateway MyBackup\MailConverter32.dll

2011-08-11 07:47 - 2011-01-12 17:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-2482108956-1102637409-1880698572-500 - Administrator - Disabled)

Admin (S-1-5-21-2482108956-1102637409-1880698572-1000 - Administrator - Enabled) => C:\Users\Admin

Guest (S-1-5-21-2482108956-1102637409-1880698572-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (10/06/2014 00:58:11 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/06/2014 00:34:59 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/06/2014 00:25:15 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/06/2014 00:18:28 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/06/2014 00:12:42 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: ccSvcHst.exe, version: 11.0.0.88, time stamp: 0x4ddc962f

Faulting module name: kernel32.dll_unloaded, version: 0.0.0.0, time stamp: 0x53159a85

Exception code: 0xc0000005

Fault offset: 0x714276f7

Faulting process id: 0x650

Faulting application start time: 0xccSvcHst.exe0

Faulting application path: ccSvcHst.exe1

Faulting module path: ccSvcHst.exe2

Report Id: ccSvcHst.exe3

Error: (10/06/2014 00:09:28 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/05/2014 11:09:32 PM) (Source: MsiInstaller) (EventID: 11935) (User: LAPTOP-PC)

Description: Product: MSXML 4.0 SP2 (KB973688) -- Error 1935. An error occured during the installation of assembly component {7B2B4EA5-1028-B7E6-A06B-D6B9ABF34537}. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9876.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86"

Error: (10/05/2014 10:41:42 PM) (Source: MsiInstaller) (EventID: 11935) (User: LAPTOP-PC)

Description: Product: MSXML 4.0 SP2 (KB954430) -- Error 1935. An error occured during the installation of assembly component {7B30B69B-0E6C-B7E0-A06B-D6B9ABF34537}. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9870.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86"

Error: (10/05/2014 09:58:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )

Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

.

Error: (10/05/2014 09:48:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )

Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

.

System errors:

=============

Error: (10/06/2014 00:22:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2977629).

Error: (10/06/2014 00:16:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Windows Modules Installer service terminated with the following error:

%%16405

Error: (10/06/2014 00:12:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Norton Internet Security service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (10/06/2014 00:11:55 PM) (Source: Application Popup) (EventID: 877) (User: )

Description: There was error [DATABASE OPEN FAILED] processing the driver database.

Error: (10/06/2014 00:11:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Nero Update service to connect.

Error: (10/06/2014 00:11:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Intel® Rapid Storage Technology service failed to start due to the following error:

%%1053

Error: (10/06/2014 00:11:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Intel® Rapid Storage Technology service to connect.

Error: (10/06/2014 00:11:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Windows Font Cache Service service terminated with the following error:

%%32

Error: (10/06/2014 00:10:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (10/06/2014 00:08:24 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: The previous system shutdown at 12:30:49 AM on ‎10/‎6/‎2014 was unexpected.

Microsoft Office Sessions:

=========================

Error: (10/06/2014 00:58:11 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/06/2014 00:34:59 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/06/2014 00:25:15 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/06/2014 00:18:28 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/06/2014 00:12:42 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: ccSvcHst.exe11.0.0.884ddc962fkernel32.dll_unloaded0.0.0.053159a85c0000005714276f765001cfe198f593d071C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\ccSvcHst.exekernel32.dllbecd0762-4d8c-11e4-99e2-9439e53580f5

Error: (10/06/2014 00:09:28 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/05/2014 11:09:32 PM) (Source: MsiInstaller) (EventID: 11935) (User: LAPTOP-PC)

Description: Product: MSXML 4.0 SP2 (KB973688) -- Error 1935. An error occured during the installation of assembly component {7B2B4EA5-1028-B7E6-A06B-D6B9ABF34537}. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9876.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86"(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/05/2014 10:41:42 PM) (Source: MsiInstaller) (EventID: 11935) (User: LAPTOP-PC)

Description: Product: MSXML 4.0 SP2 (KB954430) -- Error 1935. An error occured during the installation of assembly component {7B30B69B-0E6C-B7E0-A06B-D6B9ABF34537}. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9870.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86"(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/05/2014 09:58:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )

Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/05/2014 09:48:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )

Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

==================== Memory info ===========================

Processor: Intel® Core i5-2430M CPU @ 2.40GHz

Percentage of memory in use: 42%

Total physical RAM: 3947.86 MB

Available physical RAM: 2284.03 MB

Total Pagefile: 7893.9 MB

Available Pagefile: 6273.85 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Gateway) (Fixed) (Total:450.66 GB) (Free:416.42 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 984F995F)

Partition 1: (Not Active) - (Size=15 GB) - (Type=27)

Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=450.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Link to post
Share on other sites

Very good, I'm glax to hear. :)

Run Delfix to remove FRST.

AFZxnZc.jpg DelFix

  • Please download DelFix and save the file to your Desktop.
  • Double-click DelFix.exe to run the programme.
  • Place a checkmark next to the following items:
    • Activate UAC
    • Remove disinfection tools
    • Create registry backup
    • Purge system restore
    • Reset system settings
  • Click the Run button.
-- This will remove the specialised tools we used to disinfect your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).

----------------------------------

My help will always be free. But if you are happy with the help provided, and would like to support my fight against malware and/or buy me a beer, please consider a donation. YSCcjW7.png

Below I have compiled a list of resources you may find useful. The articles document information on computer security, common infection vectors and how you can stay safe on the Internet.

The following programmes come highly recommended in the security community.
  • xKsUqI5A.png.pagespeed.ic.vn1Hlvqi8h.jpgAdBlock is a browser add-on that blocks annoying banners, pop-ups and video ads.
  • x7D2ig3K.png.pagespeed.ic.x4TC1AK8OX.jpgEmsisoft Antimalware (free) acts as an additional on-demand scanner, and can be used in conjunction with your Anti-Virus.
  • EG85Vjt.pngMalwarebytes Anti-Exploit (MBAE) is designed to prevent zero-day malware from exploiting vulnerable software.
  • x6YRrgUC.png.pagespeed.ic.HjgFxjvw2Z.jpgMalwarebytes Anti-Malware Premium (MBAM) incorporates real-time protection and is designed to run alongside your Anti-Virus.
  • xjv4nhMJ.png.pagespeed.ic.A5YbWn1eDO.pngNoScript is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology.
  • 3O8r9Uq.png Sandboxie isolates programmes of your choice, preventing files from writing to your HDD unless you approve the file.
  • DgW1XL2.png.pagespeed.ce.v1OlJl_ZAS.pngSecuina PSI will scan your computer for vulnerable software that is outdated, and automatically find the latest update for you.
  • xj1OLIec.png.pagespeed.ic.k6hhwopU0q.jpgSpywareBlaster is a form of passive protection, designed to block the actions of malicious websites and tracking cookies.
  • xJEP5iWI.png.pagespeed.ic.4tmM1lM7DQ.pngWeb of Trust (WOT) is a browser add-on designed to alert the user before interacting with a potentially malicious website.
-- Please feel free to ask if you have any questions or concerns on computer security or the programmes above.

======================================================

Please confirm you have no outstanding issues, and are happy with the state of your computer. Once I have confirmation things are in order, we can wrap things up and I will close this thread.

Thank you for using Malwarebytes.

Safe Surfing. thumbup.gif

Adam (LiquidTension).

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.